VYPR

rpm package

opensuse/openssl-1_0_0&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/openssl-1_0_0&distro=openSUSE%20Tumbleweed

Vulnerabilities (43)

  • CVE-2019-1559Feb 27, 2019
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 by

  • CVE-2018-5407Nov 15, 2018
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.

  • CVE-2018-0734Oct 30, 2018
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fi

  • CVE-2016-7056MedSep 10, 2018
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys.

  • CVE-2018-0732HigJun 12, 2018
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client

  • CVE-2018-0737MedApr 16, 2018
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affec

  • CVE-2018-0739MedMar 27, 2018
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from u

  • CVE-2017-3738MedDec 7, 2017
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believ

  • CVE-2017-3737MedDec 7, 2017
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as d

  • CVE-2017-3736MedNov 2, 2017
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are n

  • CVE-2017-3735MedAug 28, 2017
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g

  • CVE-2016-7055MedMay 4, 2017
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impos

  • CVE-2017-3732MedMay 4, 2017
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and

  • CVE-2017-3731HigMay 4, 2017
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA

  • CVE-2008-1672May 29, 2008
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dereference.

  • CVE-2008-0891May 29, 2008
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information.

  • CVE-2007-5135Sep 27, 2007
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a

  • CVE-2007-3108Aug 8, 2007
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.

  • CVE-2006-4343Sep 28, 2006
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.

  • CVE-2006-3738Sep 28, 2006
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.