Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-4577

Опубликовано: 04 янв. 2012
Источник: redhat
CVSS2: 4.3
EPSS Низкий

Описание

OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers.

Отчет

This issue did not affect the versions of openssl as shipped with Red Hat Enterprise Linux 3, 4 and 5.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 3opensslNot affected
Red Hat Enterprise Linux 4opensslNot affected
Red Hat Enterprise Linux 4openssl096bNot affected
Red Hat Enterprise Linux 5opensslNot affected
Red Hat Enterprise Linux 5openssl097aNot affected
Red Hat Enterprise Linux 6openssl098eNot affected
Red Hat Enterprise Linux 6opensslFixedRHSA-2012:005924.01.2012
RHEV 3.X Hypervisor and Agents for RHEL-6rhev-hypervisor6FixedRHSA-2012:010915.02.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=771778openssl: malformed RFC 3779 data can cause assertion failures

EPSS

Процентиль: 81%
0.01693
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-4577

ubuntu
больше 13 лет назад

OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers.

nvd логотип

CVE-2011-4577

nvd
больше 13 лет назад

OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers.

debian логотип

CVE-2011-4577

debian
больше 13 лет назад

OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is ...

github логотип

GHSA-566r-v75p-wp79

github
больше 3 лет назад

OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers.

oracle-oval логотип

ELSA-2012-0059

oracle-oval
больше 13 лет назад

ELSA-2012-0059: openssl security update (MODERATE)

EPSS

Процентиль: 81%
0.01693
Низкий

4.3 Medium

CVSS2