[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[VulnWatch] Vulnerability Issues in OpenSSL

To: vulnwatch@vulnwatch.org
Subject: [VulnWatch] Vulnerability Issues in OpenSSL
From: Chris Wysopal <weld@vulnwatch.org>
Date: Tue, 30 Sep 2003 14:52:07 +0000 (GMT)

Full Advisory:
http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm

Vulnerability Issues in OpenSSL

Version Information
Advisory Reference      006489/OpenSSL
Release Date    30 September 2003
Last Revision   30 September 2003
Version Number  1.1

What is Affected?

All versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all
versions of SSLeay. (SSLeay is no longer maintained.)

Severity

Three specific vulnerabilities have been discovered in the OpenSSL
libraries. Two of these could allow a Denial of Service attack, the third
may result in an attacker being able to execute malicious code under
certain conditions.

Next by Date: [VulnWatch] ptl-2003-01: IBM DB2 LOAD Command Stack Overflow Vulnerability
Next by thread: [VulnWatch] ptl-2003-01: IBM DB2 LOAD Command Stack Overflow Vulnerability
Index(es):
- Date
- Thread