| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Confidentiality | Integrity | Availability | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2009-3555 | 310 | | | 2009-11-09 | 2012-10-22 | 5.8 | None | Remote | Medium | Not required | None | Partial | Partial | The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. |
| 2 | CVE-2009-2409 | 310 | | | 2009-07-30 | 2012-10-22 | 5.1 | None | Remote | High | Not required | Partial | Partial | Partial | The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large. |
| 3 | CVE-2009-1387 | 399 | | DoS | 2009-06-04 | 2013-01-22 | 5.0 | None | Remote | Low | Not required | None | None | Partial | The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug." |
| 4 | CVE-2009-1386 | | 1 | DoS | 2009-06-04 | 2013-01-22 | 5.0 | None | Remote | Low | Not required | None | None | Partial | ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello. |
| 5 | CVE-2009-1379 | 399 | | DoS | 2009-05-19 | 2013-01-22 | 5.0 | None | Remote | Low | Not required | None | None | Partial | Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. |
| 6 | CVE-2009-1378 | 399 | 1 | DoS | 2009-05-19 | 2013-01-22 | 5.0 | None | Remote | Low | Not required | None | None | Partial | Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak." |
| 7 | CVE-2009-1377 | 119 | | DoS Overflow | 2009-05-19 | 2013-01-22 | 5.0 | None | Remote | Low | Not required | None | None | Partial | The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug." |
| 8 | CVE-2009-0789 | 189 | | DoS | 2009-03-27 | 2011-10-25 | 5.0 | None | Remote | Low | Not required | None | None | Partial | OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key. |
| 9 | CVE-2009-0653 | 287 | | | 2009-02-20 | 2009-06-25 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970. |
| 10 | CVE-2009-0591 | 287 | | | 2009-03-27 | 2011-01-19 | 2.6 | None | Remote | High | Not required | None | Partial | None | The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid. |
| 11 | CVE-2009-0590 | 119 | | DoS Overflow | 2009-03-27 | 2013-01-22 | 5.0 | None | Remote | Low | Not required | None | None | Partial | The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length. |
| 12 | CVE-2008-5077 | 20 | | Bypass | 2009-01-07 | 2012-10-30 | 5.8 | None | Remote | Medium | Not required | None | Partial | Partial | OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys. |