Описание
XySSL before 0.9 allows remote attackers to cause a denial of service (infinite loop) via an X.509 certificate that does not pass the RSA signature check during verification.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.8 (включая)
Одно из
cpe:2.3:a:xyssl:xyssl:*:*:*:*:*:*:*:*
cpe:2.3:a:xyssl:xyssl:0.1:*:*:*:*:*:*:*
cpe:2.3:a:xyssl:xyssl:0.2:*:*:*:*:*:*:*
cpe:2.3:a:xyssl:xyssl:0.3:*:*:*:*:*:*:*
cpe:2.3:a:xyssl:xyssl:0.4:*:*:*:*:*:*:*
cpe:2.3:a:xyssl:xyssl:0.5:*:*:*:*:*:*:*
cpe:2.3:a:xyssl:xyssl:0.6:*:*:*:*:*:*:*
cpe:2.3:a:xyssl:xyssl:0.7:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00329
Низкий
5 Medium
CVSS2
Дефекты
CWE-399
Связанные уязвимости
ubuntu
больше 16 лет назад
XySSL before 0.9 allows remote attackers to cause a denial of service (infinite loop) via an X.509 certificate that does not pass the RSA signature check during verification.
debian
больше 16 лет назад
XySSL before 0.9 allows remote attackers to cause a denial of service ...
github
больше 3 лет назад
XySSL before 0.9 allows remote attackers to cause a denial of service (infinite loop) via an X.509 certificate that does not pass the RSA signature check during verification.
EPSS
Процентиль: 55%
0.00329
Низкий
5 Medium
CVSS2
Дефекты
CWE-399