This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:openssl:openssl
Detail
VendorOpensslFirst view 1999-03-22
ProductOpensslLast view2018-09-10
VersionTypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:openssl:openssl

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
2.12018-09-10CVE-2016-7056LocalLowNone Requ...
6.42016-05-04CVE-2016-2176NetworkLowNone Requ...
7.82016-05-04CVE-2016-2109NetworkLowNone Requ...
102016-05-04CVE-2016-2108NetworkLowNone Requ...
2.62016-05-04CVE-2016-2107NetworkHighNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
52016-05-04CVE-2016-2106NetworkLowNone Requ...
52016-05-04CVE-2000-1254NetworkLowNone Requ...
4.32016-03-02CVE-2016-0704NetworkMediumNone Requ...
4.32016-03-02CVE-2016-0703NetworkMediumNone Requ...
52015-06-12CVE-2015-1792NetworkLowNone Requ...
6.82015-06-12CVE-2015-1791NetworkMediumNone Requ...
52015-06-12CVE-2015-1790NetworkLowNone Requ...
4.32015-06-12CVE-2015-1789NetworkMediumNone Requ...
4.32015-06-12CVE-2015-1788NetworkMediumNone Requ...
7.52015-06-12CVE-2014-8176NetworkLowNone Requ...
52015-03-19CVE-2015-0293NetworkLowNone Requ...
7.52015-03-19CVE-2015-0292NetworkLowNone Requ...
52015-03-19CVE-2015-0289NetworkLowNone Requ...
52015-03-19CVE-2015-0288NetworkLowNone Requ...
52015-03-19CVE-2015-0287NetworkLowNone Requ...
52015-03-19CVE-2015-0286NetworkLowNone Requ...
6.82015-03-19CVE-2015-0209NetworkMediumNone Requ...
4.32015-01-08CVE-2015-0204NetworkMediumNone Requ...
52015-01-08CVE-2014-8275NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
37% (23)CWE-310Cryptographic Issues
19% (12)CWE-399Resource Management Errors
12% (8)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (5)CWE-20Improper Input Validation
4% (3)CWE-200Information Exposure
Hide | Show 6 More...
%idName
4% (3)CWE-189Numeric Errors
3% (2)CWE-362Race Condition
3% (2)CWE-287Improper Authentication
3% (2)CWE-17Code
1% (1)CWE-320Key Management Errors
1% (1)CWE-264Permissions, Privileges, and Access Controls

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-96Block Access to Libraries

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:25037Vulnerability in OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not prop...
oval:org.mitre.oval:def:7899DSA-1943 openldap openldap2.3 -- insufficient input validation
oval:org.mitre.oval:def:7274VMware ESX, Service Console update for OpenLDAP.
oval:org.mitre.oval:def:21799RHSA-2010:0198: openldap security and bug fix update (Moderate)
oval:org.mitre.oval:def:20225DSA-1943-1 openldap openldap2.3 - SSL certificate
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:13869USN-858-1 -- openldap2.2 vulnerability
oval:org.mitre.oval:def:11178libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other version...
oval:org.mitre.oval:def:23047ELSA-2010:0198: openldap security and bug fix update (Moderate)
oval:org.mitre.oval:def:28271DEPRECATED: ELSA-2010-0198 -- openldap security and bug fix update (moderate)
oval:org.mitre.oval:def:21388RHSA-2012:0699: openssl security and bug fix update (Moderate)
oval:org.mitre.oval:def:20725Multiple OpenSSL vulnerabilities
oval:org.mitre.oval:def:19623HP-UX Running OpenSSL, Remote Denial of Service (DoS)
oval:org.mitre.oval:def:17865DSA-2475-1 openssl - integer underflow
oval:org.mitre.oval:def:17579USN-1451-1 -- openssl vulnerabilities
oval:org.mitre.oval:def:23676ELSA-2012:0699: openssl security and bug fix update (Moderate)
oval:org.mitre.oval:def:23379DEPRECATED: ELSA-2012:0699: openssl security and bug fix update (Moderate)
oval:org.mitre.oval:def:24897OpenSSL vulnerability in before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before...
oval:org.mitre.oval:def:27609DEPRECATED: ELSA-2012-0699 -- openssl security and bug fix update (moderate)
oval:org.mitre.oval:def:29160USN-2639-1 -- openssl vulnerabilities
oval:org.mitre.oval:def:28583USN-2639-1 -- openssl vulnerabilities
oval:org.mitre.oval:def:29435AIX OpenSSL CMS Code vulnerability
oval:org.mitre.oval:def:29466HP-UX OpenSSL Vulnerability (CMS verify infinite loop with unknown hash funct...
oval:org.mitre.oval:def:20495Multiple OpenSSL vulnerabilities
oval:org.mitre.oval:def:20409VMware vSphere and vCOps updates to third party libraries
oval:org.mitre.oval:def:19801HP-UX Running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
78191OpenSSL GOST ENGINE Parameter Parsing Remote DoS
78190OpenSSL Server Gated Cryptograpy (SGC) Handshake Restart Handling Remote DoS
78189OpenSSL RFC 3779 Certificate Data Parsing Assertion Failure Remote DoS
78188OpenSSL SSL 3.0 Record Cipher Padding Uninitialized Memory Information Disclo...
78186OpenSSL Datagram Transport Layer Security (DTLS) CBC Encryption Weakness Plai...
Hide | Show 20 More...
idDescription
77832Parallels Plesk Panel Billing System TLS Renegotiation Handshakes MiTM Plaint...
75622Blue Coat Director TLS Renegotiation Handshakes MiTM Plaintext Data Injection
74632OpenSSL ECDHE_ECDSA Cipher Suite ECDSA Timing Attack Weakness
74335Hitachi Web Server TLS Renegotiation Handshakes MiTM Plaintext Data Injection
73894Multiple Vendor SSL/TLS Implementation Renegotiation DoS
71961Oracle Fusion Middleware Oracle WebLogic Server TLS Renegotiation Handshakes ...
71951Oracle Multiple Products Oracle Security Service TLS Renegotiation Handshakes...
70620mGuard TLS Renegotiation Handshakes MiTM Plaintext Data Injection
70055Oracle Supply Chain Transportation Management TLS Renegotiation Handshakes Mi...
69657OpenSSL J-PAKE Public Parameter Validation Shared Secret Authentication Bypass
69655OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG Ciphersuite Disabled Cipher I...
69565OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG Session Resume Ciphersuite Do...
69561IBM WebSphere MQ Internet Pass-Thru TLS Renegotiation Handshake MiTM Plaintex...
69032Oracle Java SE / Java for Business TLS Renegotiation Handshake MiTM Plaintext...
67029HP Threat Management Services zl Module TLS Renegotiation Handshakes MiTM Pla...
66315HP Insight Manager TLS Renegotiation Handshakes MiTM Plaintext Data Injection
65202OpenOffice.org (OOo) TLS Renegotiation Handshakes MiTM Plaintext Data Injection
65057OpenSSL Cryptographic Message Syntax crypto/cms/cms_asn1.c OriginatorInfo Ele...
64725HP System Management Homepage (SMH) TLS Renegotiation Handshakes MiTM Plainte...
64499ArubaOS HTTPS WebUI Admin Interface TLS Renegotiation Handshakes MiTM Plainte...

ExploitDB Exploits

idDescription
18756OpenSSL ASN1 BIO Memory Corruption Vulnerability
10579TLS Renegotiation Vulnerability PoC Exploit
8873OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit
8720OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-08-31Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries.
File : nvt/gb_VMSA-2012-0013.nasl
2012-08-30Name : Fedora Update for openssl FEDORA-2012-7939
File : nvt/gb_fedora_2012_7939_openssl_fc17.nasl
2012-08-30Name : Fedora Update for openssl FEDORA-2012-4630
File : nvt/gb_fedora_2012_4630_openssl_fc17.nasl
2012-08-30Name : Fedora Update for openssl FEDORA-2012-6343
File : nvt/gb_fedora_2012_6343_openssl_fc17.nasl
2012-08-10Name : Gentoo Security Advisory GLSA 201206-18 (GnuTLS)
File : nvt/glsa_201206_18.nasl
Hide | Show 20 More...
idDescription
2012-08-10Name : FreeBSD Ports: FreeBSD
File : nvt/freebsd_FreeBSD19.nasl
2012-08-03Name : Mandriva Update for openssl MDVSA-2012:073 (openssl)
File : nvt/gb_mandriva_MDVSA_2012_073.nasl
2012-08-03Name : Mandriva Update for openssl MDVSA-2012:007 (openssl)
File : nvt/gb_mandriva_MDVSA_2012_007.nasl
2012-08-03Name : Mandriva Update for openssl MDVSA-2012:038 (openssl)
File : nvt/gb_mandriva_MDVSA_2012_038.nasl
2012-08-03Name : Mandriva Update for mutt MDVSA-2012:048 (mutt)
File : nvt/gb_mandriva_MDVSA_2012_048.nasl
2012-08-03Name : Mandriva Update for openssl MDVSA-2012:060 (openssl)
File : nvt/gb_mandriva_MDVSA_2012_060.nasl
2012-08-03Name : Mandriva Update for openssl0.9.8 MDVSA-2012:064 (openssl0.9.8)
File : nvt/gb_mandriva_MDVSA_2012_064.nasl
2012-08-02Name : SuSE Update for openssl openSUSE-SU-2012:0083-1 (openssl)
File : nvt/gb_suse_2012_0083_1.nasl
2012-07-30Name : CentOS Update for openssl CESA-2010:0977 centos4 x86_64
File : nvt/gb_CESA-2010_0977_openssl_centos4_x86_64.nasl
2012-07-30Name : CentOS Update for openssl CESA-2012:0699 centos5
File : nvt/gb_CESA-2012_0699_openssl_centos5.nasl
2012-07-30Name : CentOS Update for openssl CESA-2012:0699 centos6
File : nvt/gb_CESA-2012_0699_openssl_centos6.nasl
2012-07-30Name : CentOS Update for openssl CESA-2012:0059 centos6
File : nvt/gb_CESA-2012_0059_openssl_centos6.nasl
2012-07-30Name : CentOS Update for openssl CESA-2012:0060 centos5
File : nvt/gb_CESA-2012_0060_openssl_centos5.nasl
2012-07-30Name : CentOS Update for openssl CESA-2012:0086 centos4
File : nvt/gb_CESA-2012_0086_openssl_centos4.nasl
2012-07-30Name : CentOS Update for openssl CESA-2012:0426 centos5
File : nvt/gb_CESA-2012_0426_openssl_centos5.nasl
2012-07-30Name : CentOS Update for openssl CESA-2012:0426 centos6
File : nvt/gb_CESA-2012_0426_openssl_centos6.nasl
2012-07-30Name : CentOS Update for openssl097a CESA-2012:0518 centos5
File : nvt/gb_CESA-2012_0518_openssl097a_centos5.nasl
2012-07-30Name : CentOS Update for openssl098e CESA-2012:0518 centos6
File : nvt/gb_CESA-2012_0518_openssl098e_centos6.nasl
2012-07-09Name : RedHat Update for openssl RHSA-2012:0059-01
File : nvt/gb_RHSA-2012_0059-01_openssl.nasl
2012-06-04Name : Fedora Update for openssl FEDORA-2012-8014
File : nvt/gb_fedora_2012_8014_openssl_fc16.nasl

Information Assurance Vulnerability Management (IAVM)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2015-A-0222Multiple Security Vulnerabilities in Apple iOS
Severity : Category I - VMSKEY : V0061471
2015-B-0106Multiple Vulnerabilities in HP Version Control Repository Manager
Severity : Category I - VMSKEY : V0061359
2015-A-0199Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337
2015-A-0154Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0061081
2015-A-0160Multiple Vulnerabilities in Oracle Linux and Virtualization
Severity : Category I - VMSKEY : V0061123
Hide | Show 20 More...
idDescription
2015-A-0135Multiple Vulnerabilities in Blue Coat ProxySG
Severity : Category I - VMSKEY : V0060997
2015-A-0113Multiple Vulnerabilities in Juniper Networks CTPOS
Severity : Category I - VMSKEY : V0060737
2015-B-0014Multiple Vulnerabilities in VMware ESXi 5.5
Severity : Category I - VMSKEY : V0058513
2015-B-0013Multiple Vulnerabilities in VMware ESXi 5.1
Severity : Category I - VMSKEY : V0058515
2015-B-0012Multiple Vulnerabilities in VMware ESXi 5.0
Severity : Category I - VMSKEY : V0058517
2015-B-0007Multiple Vulnerabilities in Juniper Secure Analytics (JSA) and Security Threa...
Severity : Category I - VMSKEY : V0058213
2014-A-0172Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity : Category I - VMSKEY : V0057381
2014-A-0115Multiple Vulnerabilities in VMware Horizon View
Severity : Category I - VMSKEY : V0053501
2014-B-0101Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.1
Severity : Category I - VMSKEY : V0053505
2014-B-0102Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.5
Severity : Category I - VMSKEY : V0053507
2014-B-0103Multiple Vulnerabilities in VMware Horizon View Client
Severity : Category I - VMSKEY : V0053509
2014-B-0097Multiple Vulnerabilities in VMware ESXi 5.0
Severity : Category I - VMSKEY : V0053319
2014-B-0095Multiple Vulnerabilities in Splunk
Severity : Category I - VMSKEY : V0053177
2014-A-0111Multiple Vulnerabilities in VMware Workstation
Severity : Category I - VMSKEY : V0053179
2014-A-0110Multiple Vulnerabilities in VMware Player
Severity : Category I - VMSKEY : V0053181
2014-A-0109Multiple Vulnerabilities in VMware Fusion
Severity : Category I - VMSKEY : V0053183
2014-A-0103Multiple Vulnerabilities in Oracle E-Business
Severity : Category I - VMSKEY : V0053195
2014-A-0100Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux
Severity : Category I - VMSKEY : V0053201
2014-A-0099Multiple Vulnerabilities in McAfee Email Gateway
Severity : Category I - VMSKEY : V0053203
2014-B-0092Multiple Vulnerabilities in VMware vSphere Client 5.5
Severity : Category I - VMSKEY : V0052893

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2019-10-01OpenSSL TLS anomalous ascii client session ticket
RuleID : 51354 - Type : SERVER-OTHER - Revision : 1
2019-10-01OpenSSL TLS anomalous ascii client session ticket
RuleID : 51353 - Type : SERVER-OTHER - Revision : 1
2019-10-01OpenSSL TLS anomalous ascii client session ticket
RuleID : 51352 - Type : SERVER-OTHER - Revision : 1
2019-10-01OpenSSL TLS anomalous ascii client session ticket
RuleID : 51351 - Type : SERVER-OTHER - Revision : 1
2019-10-01OpenSSL TLS anomalous ascii session ticket
RuleID : 51350 - Type : SERVER-OTHER - Revision : 1
Hide | Show 20 More...
DateDescription
2019-10-01OpenSSL TLS anomalous ascii session ticket
RuleID : 51349 - Type : SERVER-OTHER - Revision : 1
2019-10-01OpenSSL TLS anomalous ascii session ticket
RuleID : 51348 - Type : SERVER-OTHER - Revision : 1
2019-10-01OpenSSL TLS anomalous ascii session ticket
RuleID : 51347 - Type : SERVER-OTHER - Revision : 1
2019-10-01OpenSSL TLS anomalous non-zero length session ticket in client hello
RuleID : 51346 - Type : SERVER-OTHER - Revision : 1
2019-10-01OpenSSL TLS anomalous non-zero length session ticket in client hello
RuleID : 51345 - Type : SERVER-OTHER - Revision : 1
2019-10-01OpenSSL TLS anomalous non-zero length session ticket in client hello
RuleID : 51344 - Type : SERVER-OTHER - Revision : 1
2019-10-01OpenSSL TLS anomalous non-zero length session ticket in client hello
RuleID : 51343 - Type : SERVER-OTHER - Revision : 1
2016-05-19OpenSSL TLS change cipher spec protocol denial of service attempt
RuleID : 38575 - Type : SERVER-OTHER - Revision : 4
2015-07-19OpenSSL denial-of-service via crafted x.509 certificate attempt
RuleID : 34889 - Type : SERVER-OTHER - Revision : 3
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33806 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33805 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33804 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33803 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33802 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33801 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL export grade ciphersuite server negotiation attempt
RuleID : 33800 - Type : SERVER-OTHER - Revision : 6
2015-04-14SSL export grade ciphersuite server negotiation attempt
RuleID : 33799 - Type : SERVER-OTHER - Revision : 6
2015-04-14SSL export grade ciphersuite server negotiation attempt
RuleID : 33798 - Type : SERVER-OTHER - Revision : 6
2015-04-14SSL export grade ciphersuite server negotiation attempt
RuleID : 33797 - Type : SERVER-OTHER - Revision : 6
2015-04-14SSL export grade ciphersuite server negotiation attempt
RuleID : 33796 - Type : SERVER-OTHER - Revision : 6

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2018-04-03Name : The remote web server may allow remote code execution.
File : iis_7_pci.nasl - Type : ACT_GATHER_INFO
2018-03-09Name : The remote web server is affected by multiple vulnerabilities.
File : nginx_0_7_64.nasl - Type : ACT_GATHER_INFO
2018-02-28Name : The version of Arista Networks EOS running on the remote device is affected b...
File : arista_eos_sa0018.nasl - Type : ACT_GATHER_INFO
2018-02-28Name : The version of Arista Networks EOS running on the remote device is affected b...
File : arista_eos_sa0020.nasl - Type : ACT_GATHER_INFO
2017-12-07Name : The remote host is potentially affected by an SSL/TLS vulnerability.
File : check_point_gaia_sk103683.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2017-12-04Name : The remote host is missing a vendor-supplied security patch.
File : check_point_gaia_sk106499.nasl - Type : ACT_GATHER_INFO
2017-11-17Name : The remote host is affected by a MITM vulnerability.
File : fortios_FG-IR-17-137.nasl - Type : ACT_GATHER_INFO
2017-05-09Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-560.nasl - Type : ACT_GATHER_INFO
2017-05-09Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-561.nasl - Type : ACT_GATHER_INFO
2017-03-31Name : The remote host is missing a macOS update that fixes multiple security vulner...
File : macos_10_12_4.nasl - Type : ACT_GATHER_INFO
2017-03-31Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_SecUpd2017-001.nasl - Type : ACT_GATHER_INFO
2017-03-22Name : A data aggregation application installed on the remote host is affected by mu...
File : lce_4_8_1.nasl - Type : ACT_GATHER_INFO
2017-03-06Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0605-1.nasl - Type : ACT_GATHER_INFO
2017-03-02Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0585-1.nasl - Type : ACT_GATHER_INFO
2017-02-21Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-255.nasl - Type : ACT_GATHER_INFO
2017-02-15Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0461-1.nasl - Type : ACT_GATHER_INFO
2017-02-09Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-222.nasl - Type : ACT_GATHER_INFO
2017-02-02Name : The remote Debian host is missing a security update.
File : debian_DLA-814.nasl - Type : ACT_GATHER_INFO
2017-02-01Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-3181-1.nasl - Type : ACT_GATHER_INFO
2017-01-30Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3773.nasl - Type : ACT_GATHER_INFO
2017-01-30Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-0194.nasl - Type : ACT_GATHER_INFO
2017-01-27Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-0193.nasl - Type : ACT_GATHER_INFO
2017-01-12Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_7caebe30d7f111e6a9a5b499baebfeaf.nasl - Type : ACT_GATHER_INFO
2017-01-05Name : The remote device is missing a vendor-supplied security patch.
File : juniper_jsa10759.nasl - Type : ACT_GATHER_INFO
2016-12-07Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201612-16.nasl - Type : ACT_GATHER_INFO