Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2013-0166

Опубликовано: 08 фев. 2013
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5

Описание

OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.

РелизСтатусПримечание
devel

released

1.0.1c-4ubuntu4
esm-infra-legacy/trusty

not-affected

1.0.1c-4ubuntu4
hardy

released

0.9.8g-4ubuntu3.20
lucid

released

0.9.8k-7ubuntu8.14
oneiric

released

1.0.0e-2ubuntu4.7
precise

released

1.0.1-4ubuntu5.6
quantal

released

1.0.1c-3ubuntu2.1
raring

released

1.0.1c-4ubuntu4
saucy

released

1.0.1c-4ubuntu4
trusty

released

1.0.1c-4ubuntu4

Показывать по

РелизСтатусПримечание
devel

released

0.9.8o-7ubuntu4
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [0.9.8o-7ubuntu3.2.14.04.1]]
hardy

DNE

lucid

DNE

oneiric

ignored

end of life
precise

released

0.9.8o-7ubuntu3.2
quantal

ignored

end of life
raring

ignored

end of life
saucy

released

0.9.8o-7ubuntu3.2.13.10.1
trusty

released

0.9.8o-7ubuntu3.2.14.04.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 90%
0.05333
Низкий

5 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2013-0166

redhat
больше 12 лет назад

OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.

nvd логотип

CVE-2013-0166

nvd
больше 12 лет назад

OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.

debian логотип

CVE-2013-0166

debian
больше 12 лет назад

OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d do ...

github логотип

GHSA-f8qw-pqjg-gpv2

github
около 3 лет назад

OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.

oracle-oval логотип

ELSA-2013-0587

oracle-oval
больше 12 лет назад

ELSA-2013-0587: openssl security update (MODERATE)

EPSS

Процентиль: 90%
0.05333
Низкий

5 Medium

CVSS2