Debian OpenSSL vulnerabilities

CVE-2011-4577 [MEDIUM] CVE-2011-4577: openssl - OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, a... OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers. Scope: local bookworm: resolved (fixed in 1.0.0f-1) bullseye: resolved (

CVE-2010-3864 [HIGH] CVE-2010-3864: openssl - Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0... Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography. Scope: l

CVE-2010-0740 [MEDIUM] CVE-2010-0740: openssl - The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m al... The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information. Scope: local bookworm: resolved (fix

CVE-2010-4180 [MEDIUM] CVE-2010-4180: openssl - OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHE... OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. Scope: local bookworm: re

CVE-2010-5298 [MEDIUM] CVE-2010-5298: openssl - Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.... Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. Scope: local bookworm: resolved (fixed in 1.0.1g-3) bullseye: resol

CVE-2010-1633 [MEDIUM] CVE-2010-1633: openssl - RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x... RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information via unspecified vectors. NOTE: some of these details are obtain

CVE-2010-2939 [MEDIUM] CVE-2010-2939: openssl - Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL c... Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted private key with an invalid prime. NOTE: some sources refer to th

CVE-2010-1378 [CRITICAL] CVE-2010-1378: openssl - OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithme... OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a legitimate Certification Authority. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2010-4252 [HIGH] CVE-2010-4252: openssl - OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the pu... OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resol

CVE-2010-0433 [MEDIUM] CVE-2010-0433: openssl - The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, wh... The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of

CVE-2010-0742 [HIGH] CVE-2010-0742: openssl - The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c i... The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors. Scope: lo

CVE-2009-0653 [HIGH] CVE-2009-0653: openssl - OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermedia... OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970. Scope: local bookworm: resolved (fixed in 0.9.8-1) bullseye: resolved (fixed in 0.9.8-1) forky: resolved (fixed in 0.9.8-1) s

CVE-2009-3555 [MEDIUM] CVE-2009-3555: apache2 - The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Micr... The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate reneg

CVE-2009-1386 [MEDIUM] CVE-2009-1386: openssl - ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial ... ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello. Scope: local bookworm: resolved (fixed in 0.9.8k-1) bullseye: resolved (fixed in 0.9.8k-1) forky: resolved (fixed in 0.9.8k-1) sid: resolved (fixed in 0.9.8k-1) trixi

CVE-2009-0789 [MEDIUM] CVE-2009-0789: openssl - OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly han... OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key. Scope: local bookworm: resolved bullseye: resolved

CVE-2009-4355 [MEDIUM] CVE-2009-4355: openssl - Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in Open... Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a relat

CVE-2009-0590 [MEDIUM] CVE-2009-0590: openssl - The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attacke... The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length. Scope: local bookworm: resolved (fixed in 0.9.8g-16) bullseye: resolved (fixed in 0.9.8g-16) forky: re

CVE-2009-1378 [MEDIUM] CVE-2009-1378: openssl - Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1... Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak." Scope:

CVE-2009-0591 [LOW] CVE-2009-0591: openssl - The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, d... The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2009-1379 [MEDIUM] CVE-2009-1379: openssl - Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in... Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. Scope: local bookworm: reso