Описание
The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.0.0g-1ubuntu1 |
| hardy | not-affected | openssl 1.0 only |
| lucid | not-affected | openssl 1.0 only |
| maverick | not-affected | openssl 1.0 only |
| natty | not-affected | openssl 1.0 only |
| oneiric | released | 1.0.0e-2ubuntu4.2 |
| upstream | released | 0.9.8s,1.0.0f |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | openssl 1.0 only |
| hardy | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| oneiric | not-affected | openssl 1.0 only |
| upstream | released | 0.9.8s |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client.
The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client.
The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle inva ...
The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client.
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
5 Medium
CVSS2