rpm package
opensuse/openssl-1_0_0&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/openssl-1_0_0&distro=openSUSE%20Tumbleweed
Vulnerabilities (43)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2006-2940 | — | < 1.0.2u-6.2 | 1.0.2u-6.2 | Sep 28, 2006 | OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to proces | ||
| CVE-2006-2937 | — | < 1.0.2u-6.2 | 1.0.2u-6.2 | Sep 28, 2006 | OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. | ||
| CVE-2006-4339 | — | < 1.0.2u-6.2 | 1.0.2u-6.2 | Sep 5, 2006 | OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from cor |
- CVE-2006-2940Sep 28, 2006affected < 1.0.2u-6.2fixed 1.0.2u-6.2
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to proces
- CVE-2006-2937Sep 28, 2006affected < 1.0.2u-6.2fixed 1.0.2u-6.2
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition.
- CVE-2006-4339Sep 5, 2006affected < 1.0.2u-6.2fixed 1.0.2u-6.2
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from cor
Page 3 of 3