VuXML ID | Description |
1d56cfc5-3970-11eb-929d-d4c9ef517024 | OpenSSL -- NULL pointer de-reference
The OpenSSL project reports:
EDIPARTYNAME NULL pointer de-reference (High)
The X.509 GeneralName type is a generic type for representing
different types of names. One of those name types is known as
EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which
compares different instances of a GENERAL_NAME to see if they
are equal or not. This function behaves incorrectly when both
GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer
dereference and a crash may occur leading to a possible denial
of service attack.
Discovery 2020-12-08 Entry 2020-12-08 Modified 2020-12-15
openssl
>= 1.0.2,1 < 1.1.1i,1
FreeBSD
>= 12.2 < 12.2_2
>= 12.1 < 12.1_12
>= 11.4 < 11.4_6
https://www.openssl.org/news/secadv/20201208.txt
CVE-2020-1971
SA-20:33.openssl
|
7700061f-34f7-11e9-b95c-b499baebfeaf | OpenSSL -- Padding oracle vulnerability
The OpenSSL project reports:
0-byte record padding oracle (CVE-2019-1559) (Moderate)
If an application encounters a fatal protocol error and then calls
SSL_shutdown() twice (once to send a close_notify, and once to receive
one) then OpenSSL can respond differently to the calling application if
a 0 byte record is received with invalid padding compared to if a 0 byte
record is received with an invalid MAC. If the application then behaves
differently based on that in a way that is detectable to the remote peer,
then this amounts to a padding oracle that could be used to decrypt data.
Discovery 2019-02-19 Entry 2019-02-20 Modified 2019-03-07
openssl
< 1.0.2r,1
linux-c6-openssl
< 1.0.1e_16
https://www.openssl.org/news/secadv/20190226.txt
CVE-2019-1559
|
9e0c6f7a-d46d-11e9-a1c7-b499baebfeaf | OpenSSL -- Multiple vulnerabilities
The OpenSSL project reports:
ECDSA remote timing attack (CVE-2019-1547) [Low]
Fork Protection (CVE-2019-1549) [Low]
(OpenSSL 1.1.1 only)
Discovery 2019-09-10 Entry 2019-09-11
openssl
< 1.0.2t,1
openssl111
< 1.1.1d
https://www.openssl.org/news/secadv/20190910.txt
CVE-2019-1547
CVE-2019-1549
|
c82ecac5-6e3f-11e8-8777-b499baebfeaf | OpenSSL -- Client DoS due to large DH parameter
The OpenSSL project reports:
During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server can send a very large prime value
to the client. This will cause the client to spend an unreasonably
long period of time generating a key for this prime resulting in a
hang until the client has finished. This could be exploited in a
Denial Of Service attack.
Discovery 2018-06-12 Entry 2018-06-12 Modified 2018-07-24
libressl
libressl-devel
< 2.6.5
>= 2.7.0 < 2.7.4
openssl
< 1.0.2o_4,1
openssl-devel
< 1.1.0h_2
https://www.openssl.org/news/secadv/20180612.txt
CVE-2018-0732
|
d778ddb0-2338-11ea-a1c7-b499baebfeaf | OpenSSL -- Overflow vulnerability
The OpenSSL project reports:
rsaz_512_sqr overflow bug on x86_64 (CVE-2019-1551) (Low)
There is an overflow bug in the x86_64 Montgomery squaring procedure
used in exponentiation with 512-bit moduli. No EC algorithms are
affected. Analysis suggests that attacks against 2-prime RSA1024,
3-prime RSA1536, and DSA1024 as a result of this defect would be very
difficult to perform and are not believed likely. Attacks against
DH512 are considered just feasible. However, for an attack the target
would have to re-use the DH512 private key, which is not recommended
anyway. Also applications directly using the low level API BN_mod_exp
may be affected if they use BN_FLG_CONSTTIME.
Discovery 2019-12-06 Entry 2019-12-20
openssl
< 1.0.2u,1
https://www.openssl.org/news/secadv/20191206.txt
CVE-2019-1551
|