Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
Vulnerability in OpenSSL 1.0.x
Posted by Philipp Esselbach on: 08/11/2010 03:08 PM [ Print | 0 comment(s) ]
The H Open Source reports that a flaw in the 1.0 branch of OpenSSL can potentially be exploited to compromise clients and even execute injected code
Security expert Georgi Guninski has pointed out a security issue in the 1.0 branch of OpenSSL that potentially allows SSL servers to compromise clients. Apparently the hole can be exploited simply by sending a specially crafted certificate to the client, causing deallocated memory to be accessed in the ssl3_get_key_exchange function (in ssl\s3_clnt.c).
Vulnerability in OpenSSL 1.0.x
Related Stories
07/27/2010 09:09 PM: DSA 2075-1: New xulrunner packages fix several vulnerabilities by Philipp Esselbach
New xulrunner packages are available for Debian GNU/Linux...
07/19/2010 04:54 PM: DSA 2072-1: New libpng packages fix several vulnerabilities by Philipp Esselbach
New libpng packages are available for Debian GNU/Linux...
07/02/2010 09:08 PM: DSA-2067-1: New mahara packages fix several vulnerabilities by Philipp Esselbach
New mahara packages are available for Debian GNU/Linux to address multiple vulnerabilities...
07/01/2010 09:10 PM: DSA 2066-1: New wireshark packages fix several vulnerabilities by Philipp Esselbach
New wireshark packages are available for Debian GNU/Linuy to fix several remote vulnerabilities ...
06/17/2010 11:31 AM: DSA 2062-1: New sudo packages fix environment sanitization bypass vulnerability by Philipp Esselbach
The sudo security update is now available for Debian GNU/Linux. Here the security advisory: ...
06/10/2010 09:37 AM: DSA 2058-1: New glibc packages fix several vulnerabilities by Philipp Esselbach
New glibc packages are available for Debian GNU/Linux...
06/07/2010 03:04 PM: DSA 2057-1: New mysql-dfsg-5.0 packages fix several vulnerabilities by Philipp Esselbach
New mysql-dfsg-5.0 packages has been released for Debian GNU/Linux to address 4 vulnerabilities...
05/18/2010 10:50 PM: USN-939-1: X.org vulnerabilities by Bob
A new X.org vulnerabilities update is available for Ubuntu Linux. Here the announcement:...
05/13/2010 09:20 PM: DSA-2046-1: New phpgroupware packages fix several vulnerabilities by Bob
The Debian Security Team published a new security update for Debian GNU/Linux. Here the announcement:...
05/13/2010 02:20 PM: USN-938-1: KDENetwork vulnerability by Bob
A new KDENetwork vulnerability update is available for Ubuntu Linux. Here the announcement:...
New xulrunner packages are available for Debian GNU/Linux...
07/19/2010 04:54 PM: DSA 2072-1: New libpng packages fix several vulnerabilities by Philipp Esselbach
New libpng packages are available for Debian GNU/Linux...
07/02/2010 09:08 PM: DSA-2067-1: New mahara packages fix several vulnerabilities by Philipp Esselbach
New mahara packages are available for Debian GNU/Linux to address multiple vulnerabilities...
07/01/2010 09:10 PM: DSA 2066-1: New wireshark packages fix several vulnerabilities by Philipp Esselbach
New wireshark packages are available for Debian GNU/Linuy to fix several remote vulnerabilities ...
06/17/2010 11:31 AM: DSA 2062-1: New sudo packages fix environment sanitization bypass vulnerability by Philipp Esselbach
The sudo security update is now available for Debian GNU/Linux. Here the security advisory: ...
06/10/2010 09:37 AM: DSA 2058-1: New glibc packages fix several vulnerabilities by Philipp Esselbach
New glibc packages are available for Debian GNU/Linux...
06/07/2010 03:04 PM: DSA 2057-1: New mysql-dfsg-5.0 packages fix several vulnerabilities by Philipp Esselbach
New mysql-dfsg-5.0 packages has been released for Debian GNU/Linux to address 4 vulnerabilities...
05/18/2010 10:50 PM: USN-939-1: X.org vulnerabilities by Bob
A new X.org vulnerabilities update is available for Ubuntu Linux. Here the announcement:...
05/13/2010 09:20 PM: DSA-2046-1: New phpgroupware packages fix several vulnerabilities by Bob
The Debian Security Team published a new security update for Debian GNU/Linux. Here the announcement:...
05/13/2010 02:20 PM: USN-938-1: KDENetwork vulnerability by Bob
A new KDENetwork vulnerability update is available for Ubuntu Linux. Here the announcement:...
Related Threads
01/28/2005 12:20 AM: Is Linux just as vulnerable as Windows? (30) by clutch