Описание
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.0.0g-1ubuntu1 |
| hardy | released | 0.9.8g-4ubuntu3.15 |
| lucid | released | 0.9.8k-7ubuntu8.8 |
| maverick | released | 0.9.8o-1ubuntu4.6 |
| natty | released | 0.9.8o-5ubuntu1.2 |
| oneiric | released | 1.0.0e-2ubuntu4.2 |
| upstream | released | 0.9.8s,1.0.0f |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 0.9.8o-7ubuntu3.1 |
| hardy | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| oneiric | released | 0.9.8o-7ubuntu1.2 |
| upstream | released | 0.9.8s |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer.
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer.
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0 ...
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer.
EPSS
5 Medium
CVSS2