Описание
Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information.
Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-0891
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42666
- https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01029.html
- http://cert.fi/haavoittuvuudet/2008/advisory-openssl.html
- http://secunia.com/advisories/30405
- http://secunia.com/advisories/30460
- http://secunia.com/advisories/30825
- http://secunia.com/advisories/30852
- http://secunia.com/advisories/30868
- http://secunia.com/advisories/31228
- http://secunia.com/advisories/31288
- http://security.gentoo.org/glsa/glsa-200806-08.xml
- http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.562004
- http://sourceforge.net/project/shownotes.php?release_id=615606
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=738400
- http://www.kb.cert.org/vuls/id/661475
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:107
- http://www.openssl.org/news/secadv_20080528.txt
- http://www.securityfocus.com/bid/29405
- http://www.securitytracker.com/id?1020121
- http://www.ubuntu.com/usn/usn-620-1
- http://www.vupen.com/english/advisories/2008/1680
- http://www.vupen.com/english/advisories/2008/1937/references
EPSS
CVE ID
Связанные уязвимости
Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information.
Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information.
Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information.
Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS s ...
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить доступность защищаемой информации
EPSS