Описание
The ssl_parse_client_key_exchange function in XySSL before 0.9 does not protect against certain Bleichenbacher attacks using chosen ciphertext, which allows remote attackers to recover keys via unspecified vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | replaced by polarssl |
| hardy | ignored | end of life |
| intrepid | not-affected | 0.9-1 |
| jaunty | not-affected | |
| karmic | not-affected | |
| lucid | not-affected | |
| maverick | not-affected | |
| natty | not-affected | |
| oneiric | not-affected |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
Связанные уязвимости
The ssl_parse_client_key_exchange function in XySSL before 0.9 does not protect against certain Bleichenbacher attacks using chosen ciphertext, which allows remote attackers to recover keys via unspecified vectors.
The ssl_parse_client_key_exchange function in XySSL before 0.9 does no ...
The ssl_parse_client_key_exchange function in XySSL before 0.9 does not protect against certain Bleichenbacher attacks using chosen ciphertext, which allows remote attackers to recover keys via unspecified vectors.
EPSS
7.5 High
CVSS2