CVE-2008-1672 - Secunia Advisories - Vulnerability Intelligence

Secunia Advisories

CVE Reference: CVE-2008-1672
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-1672

Description: OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites."

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-620-1 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.562004 SAID Secunia Advisory: SA30405 Secunia Advisory: SA30825 Secunia Advisory: SA31288 Secunia Advisory: SA31228 Secunia Advisory: SA30868 GENTOO http://security.gentoo.org/glsa/glsa-200806-08.xml CONFIRM http://sourceforge.net/project/shownotes.php?release_id=615606 http://www.openssl.org/news/secadv_20080528.txt CERT-VN 520586 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/492932/100/0/threaded BID 29405

Return to the previous page.