CVE-2014-8627

Опубликовано: 24 нояб. 2014

Источник: debian

Описание

PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
polarssl	fixed	1.3.9-1		package
polarssl	not-affected		wheezy	package
polarssl	not-affected		squeeze	package

Связанные уязвимости

CVE-2014-8627

ubuntu

около 11 лет назад

PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors.

CVE-2014-8627

nvd

около 11 лет назад

PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors.

GHSA-9jjq-g2xm-68mw

github

больше 3 лет назад

PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors.