VYPR

rpm package

opensuse/openssl-1_0_0&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/openssl-1_0_0&distro=openSUSE%20Tumbleweed

Vulnerabilities (43)

  • CVE-2006-2940Sep 28, 2006
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to proces

  • CVE-2006-2937Sep 28, 2006
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition.

  • CVE-2006-4339Sep 5, 2006
    affected < 1.0.2u-6.2fixed 1.0.2u-6.2

    OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from cor

Page 3 of 3