Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-0208

Опубликовано: 19 мар. 2015
Источник: ubuntu
Приоритет: medium
CVSS2: 4.3

Описание

The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted RSA PSS parameters to an endpoint that uses the certificate-verification feature.

РелизСтатусПримечание
devel

not-affected

esm-infra-legacy/trusty

not-affected

lucid

not-affected

precise

not-affected

trusty

not-affected

trusty/esm

not-affected

upstream

needs-triage

utopic

not-affected

Показывать по

РелизСтатусПримечание
devel

not-affected

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected]
lucid

DNE

precise

not-affected

trusty

not-affected

trusty/esm

DNE

trusty was not-affected
upstream

needs-triage

utopic

not-affected

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2015-0208

redhat
почти 11 лет назад

The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted RSA PSS parameters to an endpoint that uses the certificate-verification feature.

nvd логотип

CVE-2015-0208

nvd
почти 11 лет назад

The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted RSA PSS parameters to an endpoint that uses the certificate-verification feature.

debian логотип

CVE-2015-0208

debian
почти 11 лет назад

The ASN.1 signature-verification implementation in the rsa_item_verify ...

github логотип

GHSA-53qj-xqjg-44rj

github
больше 3 лет назад

The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted RSA PSS parameters to an endpoint that uses the certificate-verification feature.

fstec логотип

BDU:2015-11030

fstec
почти 11 лет назад

Уязвимость библиотеки OpenSSL, позволяющая нарушителю вызвать отказ в обслуживании

4.3 Medium

CVSS2