Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-3512

Опубликовано: 13 авг. 2014
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 7.5

Описание

Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter.

РелизСтатусПримечание
devel

released

1.0.1f-1ubuntu7
esm-infra-legacy/trusty

not-affected

1.0.1f-1ubuntu2.5
lucid

not-affected

precise

released

1.0.1-4ubuntu5.17
trusty

released

1.0.1f-1ubuntu2.5
trusty/esm

not-affected

1.0.1f-1ubuntu2.5
upstream

released

1.0.1i

Показывать по

РелизСтатусПримечание
devel

not-affected

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected]
lucid

DNE

precise

not-affected

trusty

not-affected

trusty/esm

DNE

trusty was not-affected
upstream

not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 98%
0.66927
Средний

7.5 High

CVSS2

Связанные уязвимости

redhat логотип

CVE-2014-3512

redhat
около 11 лет назад

Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter.

nvd логотип

CVE-2014-3512

nvd
около 11 лет назад

Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter.

debian логотип

CVE-2014-3512

debian
около 11 лет назад

Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implement ...

github логотип

GHSA-gp83-w673-qcx5

github
около 3 лет назад

Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter.

fstec логотип

BDU:2015-00645

fstec
около 11 лет назад

Уязвимость программного обеспечения OpenSSL, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 98%
0.66927
Средний

7.5 High

CVSS2