This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
Summuary | |
---|---|
CPE Name | cpe:/a:openssl:openssl:0.9.8n |
Detail | |||
---|---|---|---|
Vendor | Openssl | First view | 2009-06-04 |
Product | Openssl | Last view | 2018-09-10 |
Version | 0.9.8n | Type | Application |
Edition | |||
Language | |||
Update | |||
CPE Product | cpe:/a:openssl:openssl |
Activity : Overall
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date | Alert | Access Vector | Access Complexity | Authentication | ||
---|---|---|---|---|---|---|
2.1 | 2018-09-10 | CVE-2016-7056 | Local | Low | None Requ... | |
5 | 2017-08-28 | CVE-2017-3735 | Network | Low | None Requ... | |
6.4 | 2016-05-04 | CVE-2016-2176 | Network | Low | None Requ... | |
7.8 | 2016-05-04 | CVE-2016-2109 | Network | Low | None Requ... | |
10 | 2016-05-04 | CVE-2016-2108 | Network | Low | None Requ... | |
Date | Alert | Access Vector | Access Complexity | Authentication | ||
---|---|---|---|---|---|---|
2.6 | 2016-05-04 | CVE-2016-2107 | Network | High | None Requ... | |
5 | 2016-05-04 | CVE-2016-2106 | Network | Low | None Requ... | |
4.3 | 2014-10-14 | CVE-2014-3566 | Network | Medium | None Requ... | |
4.3 | 2014-08-13 | CVE-2014-3510 | Network | Medium | None Requ... | |
4.3 | 2014-08-13 | CVE-2014-3508 | Network | Medium | None Requ... | |
5 | 2014-08-13 | CVE-2014-3507 | Network | Low | None Requ... | |
5 | 2014-08-13 | CVE-2014-3506 | Network | Low | None Requ... | |
5 | 2014-08-13 | CVE-2014-3505 | Network | Low | None Requ... | |
4.3 | 2014-06-05 | CVE-2014-3470 | Network | Medium | None Requ... | |
4.3 | 2014-06-05 | CVE-2014-0221 | Network | Medium | None Requ... | |
6.8 | 2014-06-05 | CVE-2014-0195 | Network | Medium | None Requ... | |
4 | 2014-04-14 | CVE-2010-5298 | Network | High | None Requ... | |
1.9 | 2014-03-25 | CVE-2014-0076 | Local | Medium | None Requ... | |
4.3 | 2013-12-23 | CVE-2013-6449 | Network | Medium | None Requ... | |
2.6 | 2013-02-08 | CVE-2013-0169 | Network | High | None Requ... | |
5 | 2013-02-08 | CVE-2013-0166 | Network | Low | None Requ... | |
5 | 2012-06-16 | CVE-2011-1473 | Network | Low | None Requ... | |
6.8 | 2012-05-14 | CVE-2012-2333 | Network | Medium | None Requ... | |
7.5 | 2012-04-19 | CVE-2012-2110 | Network | Low | None Requ... |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
31% (12) | CWE-399 | Resource Management Errors |
31% (12) | CWE-310 | Cryptographic Issues |
13% (5) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
5% (2) | CWE-362 | Race Condition |
5% (2) | CWE-200 | Information Exposure |
% | id | Name |
---|---|---|
5% (2) | CWE-189 | Numeric Errors |
2% (1) | CWE-320 | Key Management Errors |
2% (1) | CWE-287 | Improper Authentication |
2% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
Oval Markup Language : Definitions
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID | Name |
---|---|
oval:org.mitre.oval:def:19264 | HP-UX Running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access |
oval:org.mitre.oval:def:25015 | Vulnerability in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e, allows... |
oval:org.mitre.oval:def:25037 | Vulnerability in OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not prop... |
oval:org.mitre.oval:def:20686 | VMware vSphere, ESX and ESXi updates to third party libraries |
oval:org.mitre.oval:def:19487 | HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Unauthorized Discl... |
id | Name |
---|---|
oval:org.mitre.oval:def:19360 | Multiple OpenSSL vulnerabilities |
oval:org.mitre.oval:def:19081 | OpenSSL vulnerability before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.... |
oval:org.mitre.oval:def:18754 | HP-UX Apache Web Server, Remote Denial of Service (DoS) |
oval:org.mitre.oval:def:24756 | OpenSSL vulnerability before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.... |
oval:org.mitre.oval:def:26011 | SUSE-SU-2013:0549-1 -- Security update for OpenSSL |
oval:org.mitre.oval:def:25900 | SUSE-SU-2013:0554-1 -- Security update for OpenSSL |
oval:org.mitre.oval:def:25849 | SUSE-SU-2013:0549-2 -- Security update for OpenSSL |
oval:org.mitre.oval:def:25357 | SUSE-SU-2013:0549-3 -- Security update for OpenSSL |
oval:org.mitre.oval:def:26491 | Vulnerability in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1... |
oval:org.mitre.oval:def:26445 | HP-UX running OpenSSL, Multiple Vulnerabilities |
oval:org.mitre.oval:def:26622 | AIX OpenSSL Denial of Service due to double free |
oval:org.mitre.oval:def:21388 | RHSA-2012:0699: openssl security and bug fix update (Moderate) |
oval:org.mitre.oval:def:20725 | Multiple OpenSSL vulnerabilities |
oval:org.mitre.oval:def:19623 | HP-UX Running OpenSSL, Remote Denial of Service (DoS) |
oval:org.mitre.oval:def:17865 | DSA-2475-1 openssl - integer underflow |
oval:org.mitre.oval:def:17579 | USN-1451-1 -- openssl vulnerabilities |
oval:org.mitre.oval:def:23676 | ELSA-2012:0699: openssl security and bug fix update (Moderate) |
oval:org.mitre.oval:def:23379 | DEPRECATED: ELSA-2012:0699: openssl security and bug fix update (Moderate) |
oval:org.mitre.oval:def:24897 | OpenSSL vulnerability in before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before... |
oval:org.mitre.oval:def:27609 | DEPRECATED: ELSA-2012-0699 -- openssl security and bug fix update (moderate) |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
78191 | OpenSSL GOST ENGINE Parameter Parsing Remote DoS |
78190 | OpenSSL Server Gated Cryptograpy (SGC) Handshake Restart Handling Remote DoS |
78189 | OpenSSL RFC 3779 Certificate Data Parsing Assertion Failure Remote DoS |
78188 | OpenSSL SSL 3.0 Record Cipher Padding Uninitialized Memory Information Disclo... |
78187 | OpenSSL X509_V_FLAG_POLICY_CHECK Double-free Unspecified Weakness |
id | Description |
---|---|
78186 | OpenSSL Datagram Transport Layer Security (DTLS) CBC Encryption Weakness Plai... |
75230 | OpenSSL Ephemeral ECDH Ciphersuites Handshake Message Parsing Remote DoS |
74632 | OpenSSL ECDHE_ECDSA Cipher Suite ECDSA Timing Attack Weakness |
73894 | Multiple Vendor SSL/TLS Implementation Renegotiation DoS |
70847 | OpenSSL ClientHello Handshake Message Parsing Invalid Memory Access |
69657 | OpenSSL J-PAKE Public Parameter Validation Shared Secret Authentication Bypass |
69565 | OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG Session Resume Ciphersuite Do... |
69265 | OpenSSL TLS Server ssl/t1_lib.c Extension Parsing Race Condition Overflow |
65057 | OpenSSL Cryptographic Message Syntax crypto/cms/cms_asn1.c OriginatorInfo Ele... |
55072 | OpenSSL ssl/d1_both.cdtls1_retrieve_buffered_fragment Function DTLS Handshake... |
ExploitDB Exploits
id | Description |
---|---|
18756 | OpenSSL ASN1 BIO Memory Corruption Vulnerability |
OpenVAS Exploits
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id | Description |
---|---|
2014-10-16 | Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl |
2012-08-31 | Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries. File : nvt/gb_VMSA-2012-0013.nasl |
2012-08-30 | Name : Fedora Update for openssl FEDORA-2012-7939 File : nvt/gb_fedora_2012_7939_openssl_fc17.nasl |
2012-08-30 | Name : Fedora Update for openssl FEDORA-2012-4630 File : nvt/gb_fedora_2012_4630_openssl_fc17.nasl |
2012-08-30 | Name : Fedora Update for openssl FEDORA-2012-6343 File : nvt/gb_fedora_2012_6343_openssl_fc17.nasl |
id | Description |
---|---|
2012-08-10 | Name : FreeBSD Ports: FreeBSD File : nvt/freebsd_FreeBSD19.nasl |
2012-08-03 | Name : Mandriva Update for openssl MDVSA-2012:073 (openssl) File : nvt/gb_mandriva_MDVSA_2012_073.nasl |
2012-08-03 | Name : Mandriva Update for openssl MDVSA-2012:007 (openssl) File : nvt/gb_mandriva_MDVSA_2012_007.nasl |
2012-08-03 | Name : Mandriva Update for openssl MDVSA-2012:038 (openssl) File : nvt/gb_mandriva_MDVSA_2012_038.nasl |
2012-08-03 | Name : Mandriva Update for openssl MDVSA-2012:060 (openssl) File : nvt/gb_mandriva_MDVSA_2012_060.nasl |
2012-08-03 | Name : Mandriva Update for openssl0.9.8 MDVSA-2012:064 (openssl0.9.8) File : nvt/gb_mandriva_MDVSA_2012_064.nasl |
2012-08-02 | Name : SuSE Update for openssl openSUSE-SU-2012:0083-1 (openssl) File : nvt/gb_suse_2012_0083_1.nasl |
2012-07-30 | Name : CentOS Update for openssl CESA-2010:0977 centos4 x86_64 File : nvt/gb_CESA-2010_0977_openssl_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for openssl CESA-2012:0699 centos5 File : nvt/gb_CESA-2012_0699_openssl_centos5.nasl |
2012-07-30 | Name : CentOS Update for openssl CESA-2012:0699 centos6 File : nvt/gb_CESA-2012_0699_openssl_centos6.nasl |
2012-07-30 | Name : CentOS Update for openssl CESA-2012:0059 centos6 File : nvt/gb_CESA-2012_0059_openssl_centos6.nasl |
2012-07-30 | Name : CentOS Update for openssl CESA-2012:0060 centos5 File : nvt/gb_CESA-2012_0060_openssl_centos5.nasl |
2012-07-30 | Name : CentOS Update for openssl CESA-2012:0086 centos4 File : nvt/gb_CESA-2012_0086_openssl_centos4.nasl |
2012-07-30 | Name : CentOS Update for openssl CESA-2012:0426 centos5 File : nvt/gb_CESA-2012_0426_openssl_centos5.nasl |
2012-07-30 | Name : CentOS Update for openssl CESA-2012:0426 centos6 File : nvt/gb_CESA-2012_0426_openssl_centos6.nasl |
2012-07-30 | Name : CentOS Update for openssl097a CESA-2012:0518 centos5 File : nvt/gb_CESA-2012_0518_openssl097a_centos5.nasl |
2012-07-30 | Name : CentOS Update for openssl098e CESA-2012:0518 centos6 File : nvt/gb_CESA-2012_0518_openssl098e_centos6.nasl |
2012-07-09 | Name : RedHat Update for openssl RHSA-2012:0059-01 File : nvt/gb_RHSA-2012_0059-01_openssl.nasl |
2012-06-06 | Name : RedHat Update for openssl RHSA-2011:0677-01 File : nvt/gb_RHSA-2011_0677-01_openssl.nasl |
2012-06-04 | Name : Fedora Update for openssl FEDORA-2012-8014 File : nvt/gb_fedora_2012_8014_openssl_fc16.nasl |
Information Assurance Vulnerability Management (IAVM)
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id | Description |
---|---|
2015-A-0154 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity : Category I - VMSKEY : V0061081 |
2015-A-0113 | Multiple Vulnerabilities in Juniper Networks CTPOS Severity : Category I - VMSKEY : V0060737 |
2015-B-0014 | Multiple Vulnerabilities in VMware ESXi 5.5 Severity : Category I - VMSKEY : V0058513 |
2015-B-0013 | Multiple Vulnerabilities in VMware ESXi 5.1 Severity : Category I - VMSKEY : V0058515 |
2015-B-0012 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity : Category I - VMSKEY : V0058517 |
id | Description |
---|---|
2015-B-0007 | Multiple Vulnerabilities in Juniper Secure Analytics (JSA) and Security Threa... Severity : Category I - VMSKEY : V0058213 |
2014-A-0172 | Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform Severity : Category I - VMSKEY : V0057381 |
2014-A-0115 | Multiple Vulnerabilities in VMware Horizon View Severity : Category I - VMSKEY : V0053501 |
2014-B-0101 | Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.1 Severity : Category I - VMSKEY : V0053505 |
2014-B-0102 | Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.5 Severity : Category I - VMSKEY : V0053507 |
2014-B-0103 | Multiple Vulnerabilities in VMware Horizon View Client Severity : Category I - VMSKEY : V0053509 |
2014-B-0097 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity : Category I - VMSKEY : V0053319 |
2014-B-0095 | Multiple Vulnerabilities in Splunk Severity : Category I - VMSKEY : V0053177 |
2014-A-0111 | Multiple Vulnerabilities in VMware Workstation Severity : Category I - VMSKEY : V0053179 |
2014-A-0110 | Multiple Vulnerabilities in VMware Player Severity : Category I - VMSKEY : V0053181 |
2014-A-0109 | Multiple Vulnerabilities in VMware Fusion Severity : Category I - VMSKEY : V0053183 |
2014-A-0100 | Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux Severity : Category I - VMSKEY : V0053201 |
2014-A-0099 | Multiple Vulnerabilities in McAfee Email Gateway Severity : Category I - VMSKEY : V0053203 |
2014-B-0092 | Multiple Vulnerabilities in VMware vSphere Client 5.5 Severity : Category I - VMSKEY : V0052893 |
2014-B-0085 | Multiple Vulnerabilities in HP System Management Homepage (SMH) Severity : Category I - VMSKEY : V0052899 |
2014-B-0091 | Multiple Vulnerabilities in VMware vCenter Update Manager 5.5 Severity : Category I - VMSKEY : V0052907 |
2014-B-0089 | Multiple Vulnerabilities in VMware ESXi 5.1 Severity : Category I - VMSKEY : V0052909 |
2014-B-0088 | Multiple Vulnerabilities in VMware ESXi 5.5 Severity : Category I - VMSKEY : V0052911 |
2014-A-0089 | Multiple Vulnerabilities in Juniper Pulse Secure Access Service (IVE) Severity : Category I - VMSKEY : V0052805 |
2014-B-0077 | Multiple Vulnerabilities in McAfee Web Gateway Severity : Category I - VMSKEY : V0052625 |
Snort® IPS/IDS
Date | Description |
---|---|
2019-12-03 | OpenSSL ECDH malformed Client Hello denial of service attempt RuleID : 52042 - Type : SERVER-OTHER - Revision : 1 |
2019-09-24 | OpenSSL DTLS zero-length fragments denial of service attempt RuleID : 51215 - Type : SERVER-OTHER - Revision : 1 |
2019-09-24 | OpenSSL DTLS bad fragment length denial of service attempt RuleID : 51214 - Type : SERVER-OTHER - Revision : 2 |
2018-05-24 | X.509 IPAddressFamily extension buffer overread attempt RuleID : 46418 - Type : SERVER-OTHER - Revision : 2 |
2018-05-24 | X.509 IPAddressFamily extension buffer overread attempt RuleID : 46417 - Type : SERVER-OTHER - Revision : 2 |
Date | Description |
---|---|
2016-05-19 | OpenSSL TLS change cipher spec protocol denial of service attempt RuleID : 38575 - Type : SERVER-OTHER - Revision : 4 |
2015-10-20 | OpenSSL DTLS handshake oversized fragment length denial of service attempt RuleID : 36096 - Type : SERVER-OTHER - Revision : 2 |
2014-12-18 | SSLv3 CBC client connection attempt RuleID : 32566 - Type : POLICY-OTHER - Revision : 2 |
2014-11-19 | SSLv3 POODLE CBC padding brute force attempt RuleID : 32205 - Type : SERVER-OTHER - Revision : 5 |
2014-11-19 | SSLv3 POODLE CBC padding brute force attempt RuleID : 32204 - Type : SERVER-OTHER - Revision : 5 |
2014-11-16 | OpenSSL DTLSv1.0 handshake fragment buffer overrun attempt RuleID : 31361 - Type : SERVER-OTHER - Revision : 2 |
2014-11-16 | OpenSSL DTLSv1.0 handshake fragment buffer overrun attempt RuleID : 31182 - Type : SERVER-OTHER - Revision : 2 |
2014-07-05 | OpenSSL DTLS handshake recursion denial of service attempt RuleID : 31181 - Type : SERVER-OTHER - Revision : 8 |
2014-07-05 | OpenSSL DTLS handshake recursion denial of service attempt RuleID : 31180 - Type : SERVER-OTHER - Revision : 7 |
2014-01-10 | SSLv3 plaintext recovery attempt RuleID : 25828 - Type : SERVER-OTHER - Revision : 4 |
2014-01-10 | TLSv1.2 plaintext recovery attempt RuleID : 25827 - Type : SERVER-OTHER - Revision : 4 |
2014-01-10 | TLSv1.1 plaintext recovery attempt RuleID : 25826 - Type : SERVER-OTHER - Revision : 4 |
2014-01-10 | TLSv1.0 plaintext recovery attempt RuleID : 25825 - Type : SERVER-OTHER - Revision : 4 |
2014-01-10 | THC SSL renegotiation DOS attempt RuleID : 20439 - Type : MALWARE-TOOLS - Revision : 6 |
2014-01-10 | THC SSL renegotiation DOS attempt RuleID : 20438 - Type : MALWARE-TOOLS - Revision : 6 |
2014-01-10 | THC SSL renegotiation DOS attempt RuleID : 20437 - Type : MALWARE-TOOLS - Revision : 6 |
2014-01-10 | THC SSL renegotiation DOS attempt RuleID : 20436 - Type : MALWARE-TOOLS - Revision : 6 |
2014-01-10 | OpenSSL CMS structure OriginatorInfo memory corruption attempt RuleID : 18766 - Type : SERVER-OTHER - Revision : 9 |
Nessus® Vulnerability Scanner
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id | Description |
---|---|
2019-01-08 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2019-1009.nasl - Type : ACT_GATHER_INFO |
2018-12-28 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2018-1420.nasl - Type : ACT_GATHER_INFO |
2018-12-10 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2018-1392.nasl - Type : ACT_GATHER_INFO |
2018-12-07 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2018-1102.nasl - Type : ACT_GATHER_INFO |
2018-11-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2018-3221.nasl - Type : ACT_GATHER_INFO |
id | Description |
---|---|
2018-11-09 | Name : The remote Amazon Linux 2 host is missing a security update. File : al2_ALAS-2018-1102.nasl - Type : ACT_GATHER_INFO |
2018-09-27 | Name : The remote Debian host is missing a security update. File : debian_DLA-1518.nasl - Type : ACT_GATHER_INFO |
2018-08-17 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2017-0042.nasl - Type : ACT_GATHER_INFO |
2018-04-27 | Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_jsa10851.nasl - Type : ACT_GATHER_INFO |
2018-03-08 | Name : The remote AIX host has a version of OpenSSL installed that is affected by an... File : aix_openssl_advisory24.nasl - Type : ACT_GATHER_INFO |
2018-02-28 | Name : The version of Arista Networks EOS running on the remote device is affected b... File : arista_eos_sa0020.nasl - Type : ACT_GATHER_INFO |
2018-01-15 | Name : The remote Fedora host is missing a security update. File : fedora_2017-4cf72e2c11.nasl - Type : ACT_GATHER_INFO |
2018-01-15 | Name : The remote Fedora host is missing a security update. File : fedora_2017-512a6c5aae.nasl - Type : ACT_GATHER_INFO |
2017-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201712-03.nasl - Type : ACT_GATHER_INFO |
2017-12-14 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-1324.nasl - Type : ACT_GATHER_INFO |
2017-12-07 | Name : The remote host is potentially affected by an SSL/TLS vulnerability. File : check_point_gaia_sk103683.nasl - Type : ACT_GATHER_INFO |
2017-12-07 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_9442a811dab311e7b5afa4badb2f4699.nasl - Type : ACT_GATHER_INFO |
2017-12-07 | Name : The remote host is missing a macOS update that fixes multiple security vulner... File : macos_10_13_2.nasl - Type : ACT_GATHER_INFO |
2017-12-07 | Name : The remote host is missing a macOS or Mac OS X security update that fixes mul... File : macosx_SecUpd2017-005.nasl - Type : ACT_GATHER_INFO |
2017-12-01 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3169-1.nasl - Type : ACT_GATHER_INFO |
2017-11-29 | Name : The remote Fedora host is missing a security update. File : fedora_2017-55a3247cfd.nasl - Type : ACT_GATHER_INFO |
2017-11-29 | Name : The remote Fedora host is missing a security update. File : fedora_2017-dbec196dd8.nasl - Type : ACT_GATHER_INFO |
2017-11-22 | Name : The remote Fedora host is missing a security update. File : fedora_2017-7f30914972.nasl - Type : ACT_GATHER_INFO |
2017-11-16 | Name : The Tenable SecurityCenter application on the remote host contains an OpenSSL... File : securitycenter_openssl_1_0_2m.nasl - Type : ACT_GATHER_INFO |
2017-11-13 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2981-1.nasl - Type : ACT_GATHER_INFO |