CVE search results

421 – 430 of 492 results

Detailed view

Sort by:

CVE-2009-3555

Medium priority

Some fixes available 25 of 34

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier,...

10 affected packages

apache2, gnutls12, gnutls13, gnutls26, libapache-mod-ssl...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
apache2	—	—	—	—	—
gnutls12	—	—	—	—	—
gnutls13	—	—	—	—	—
gnutls26	—	—	—	—	—
libapache-mod-ssl	—	—	—	—	—
nss	—	—	—	—	—
openjdk-6	—	—	—	—	—
openjdk-6b18	—	—	—	—	—
openssl	—	—	—	—	—
sun-java6	—	—	—	—	—

CVE-2009-2904

Medium priority

Not affected

A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid...

1 affected package

openssh

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssh	—	—	—	—	—

CVE-2009-2404

Medium priority

Fixed

Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL...

1 affected package

nss

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
nss	—	—	—	—	—

CVE-2009-2408

Medium priority

Fixed

Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN)...

5 affected packages

nss, openssl, xulrunner, xulrunner-1.9, xulrunner-1.9.1

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
nss	—	—	—	—	—
openssl	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—
xulrunner-1.9.1	—	—	—	—	—

CVE-2009-2409

Medium priority

Fixed

The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers...

6 affected packages

gnutls12, gnutls13, gnutls26, nss, openjdk-6, openssl

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
gnutls12	—	—	—	—	—
gnutls13	—	—	—	—	—
gnutls26	—	—	—	—	—
nss	—	—	—	—	—
openjdk-6	—	—	—	—	—
openssl	—	—	—	—	—

CVE-2009-1387

Medium priority

Fixed

The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake...

1 affected package

openssl

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssl	—	—	—	—	—

CVE-2009-1386

Medium priority

Fixed

ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.

1 affected package

openssl

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssl	—	—	—	—	—

CVE-2009-1379

Medium priority

Fixed

Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified...

1 affected package

openssl

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssl	—	—	—	—	—

CVE-2009-1378

Medium priority

Fixed

Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that...

1 affected package

openssl

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssl	—	—	—	—	—

CVE-2009-1377

Medium priority

Fixed

The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are...

1 affected package

openssl

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssl	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports