This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:openssl:openssl:0.9.8i
Detail
VendorOpensslFirst view 2009-03-27
ProductOpensslLast view2018-11-15
Version0.9.8iTypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:openssl:openssl

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
1.92018-11-15CVE-2018-5407LocalMediumNone Requ...
2.12018-09-10CVE-2016-7056LocalLowNone Requ...
52017-08-28CVE-2017-3735NetworkLowNone Requ...
2.62017-05-04CVE-2016-7055NetworkHighNone Requ...
6.42016-05-04CVE-2016-2176NetworkLowNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
7.82016-05-04CVE-2016-2109NetworkLowNone Requ...
102016-05-04CVE-2016-2108NetworkLowNone Requ...
2.62016-05-04CVE-2016-2107NetworkHighNone Requ...
52016-05-04CVE-2016-2106NetworkLowNone Requ...
4.32015-05-20CVE-2015-4000NetworkMediumNone Requ...
4.32014-10-14CVE-2014-3566NetworkMediumNone Requ...
4.32014-08-13CVE-2014-3510NetworkMediumNone Requ...
4.32014-08-13CVE-2014-3508NetworkMediumNone Requ...
52014-08-13CVE-2014-3507NetworkLowNone Requ...
52014-08-13CVE-2014-3506NetworkLowNone Requ...
52014-08-13CVE-2014-3505NetworkLowNone Requ...
4.32014-06-05CVE-2014-3470NetworkMediumNone Requ...
6.82014-06-05CVE-2014-0224NetworkMediumNone Requ...
4.32014-06-05CVE-2014-0221NetworkMediumNone Requ...
6.82014-06-05CVE-2014-0195NetworkMediumNone Requ...
42014-04-14CVE-2010-5298NetworkHighNone Requ...
1.92014-03-25CVE-2014-0076LocalMediumNone Requ...
4.32013-12-23CVE-2013-6449NetworkMediumNone Requ...
2.62013-02-08CVE-2013-0169NetworkHighNone Requ...

CWE : Common Weakness Enumeration

%idName
32% (17)CWE-310Cryptographic Issues
26% (14)CWE-399Resource Management Errors
13% (7)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
5% (3)CWE-200Information Exposure
5% (3)CWE-189Numeric Errors
Hide | Show 4 More...
%idName
5% (3)CWE-20Improper Input Validation
3% (2)CWE-362Race Condition
3% (2)CWE-320Key Management Errors
3% (2)CWE-287Improper Authentication

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:19264HP-UX Running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access
oval:org.mitre.oval:def:25015Vulnerability in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e, allows...
oval:org.mitre.oval:def:29329AIX Logjam Vulnerability
oval:org.mitre.oval:def:29478HP-UX OpenSSL Vulnerability (DHE man-in-the-middle protection (Logjam))
oval:org.mitre.oval:def:20686VMware vSphere, ESX and ESXi updates to third party libraries
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:19487HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Unauthorized Discl...
oval:org.mitre.oval:def:19360Multiple OpenSSL vulnerabilities
oval:org.mitre.oval:def:19081OpenSSL vulnerability before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1....
oval:org.mitre.oval:def:18754HP-UX Apache Web Server, Remote Denial of Service (DoS)
oval:org.mitre.oval:def:24756OpenSSL vulnerability before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1....
oval:org.mitre.oval:def:26011SUSE-SU-2013:0549-1 -- Security update for OpenSSL
oval:org.mitre.oval:def:25900SUSE-SU-2013:0554-1 -- Security update for OpenSSL
oval:org.mitre.oval:def:25849SUSE-SU-2013:0549-2 -- Security update for OpenSSL
oval:org.mitre.oval:def:25357SUSE-SU-2013:0549-3 -- Security update for OpenSSL
oval:org.mitre.oval:def:26491Vulnerability in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1...
oval:org.mitre.oval:def:26445HP-UX running OpenSSL, Multiple Vulnerabilities
oval:org.mitre.oval:def:26622AIX OpenSSL Denial of Service due to double free
oval:org.mitre.oval:def:21388RHSA-2012:0699: openssl security and bug fix update (Moderate)
oval:org.mitre.oval:def:20725Multiple OpenSSL vulnerabilities
oval:org.mitre.oval:def:19623HP-UX Running OpenSSL, Remote Denial of Service (DoS)
oval:org.mitre.oval:def:17865DSA-2475-1 openssl - integer underflow
oval:org.mitre.oval:def:17579USN-1451-1 -- openssl vulnerabilities
oval:org.mitre.oval:def:23676ELSA-2012:0699: openssl security and bug fix update (Moderate)
oval:org.mitre.oval:def:23379DEPRECATED: ELSA-2012:0699: openssl security and bug fix update (Moderate)
oval:org.mitre.oval:def:24897OpenSSL vulnerability in before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before...

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
78191OpenSSL GOST ENGINE Parameter Parsing Remote DoS
78190OpenSSL Server Gated Cryptograpy (SGC) Handshake Restart Handling Remote DoS
78189OpenSSL RFC 3779 Certificate Data Parsing Assertion Failure Remote DoS
78188OpenSSL SSL 3.0 Record Cipher Padding Uninitialized Memory Information Disclo...
78187OpenSSL X509_V_FLAG_POLICY_CHECK Double-free Unspecified Weakness
Hide | Show 20 More...
idDescription
78186OpenSSL Datagram Transport Layer Security (DTLS) CBC Encryption Weakness Plai...
75230OpenSSL Ephemeral ECDH Ciphersuites Handshake Message Parsing Remote DoS
74632OpenSSL ECDHE_ECDSA Cipher Suite ECDSA Timing Attack Weakness
70847OpenSSL ClientHello Handshake Message Parsing Invalid Memory Access
69657OpenSSL J-PAKE Public Parameter Validation Shared Secret Authentication Bypass
69655OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG Ciphersuite Disabled Cipher I...
69565OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG Session Resume Ciphersuite Do...
69265OpenSSL TLS Server ssl/t1_lib.c Extension Parsing Race Condition Overflow
65057OpenSSL Cryptographic Message Syntax crypto/cms/cms_asn1.c OriginatorInfo Ele...
63299OpenSSL ssl/s3_pkt.c ssl3_get_record Function TLS Connection Record Remote DoS
62881SSH Tectia Audit Player ASN1_STRING_print_ex() Function BMPString / Universal...
62880SSH Tectia Audit Player CMS_verify() Function Malformed Signed Attribute Cont...
62844OpenSSL bn_wexpand Function NULL Return Value Check Weakness
62808OpenSSL RSA Authentication Fault-Based Attack Key Disclosure Weakness
62719OpenSSL Kerberos ssl/kssl.c kssk_keytab_is_available() Function NULL Derefere...
61684OpenSSL CRYPTO_free_all_ex_data() Function Memory Exhaustion DoS
56752Network Security Services (NSS) Library X.509 Certificate MD2 Hash Collision ...
55072OpenSSL ssl/d1_both.cdtls1_retrieve_buffered_fragment Function DTLS Handshake...
54613OpenSSL ssl/d1_both.c dtls1_process_out_of_seq_message Function DTLS Record H...
54612OpenSSL ssl/d1_pkt.c dtls1_buffer_record Function Buffered DTLS Record Handli...

ExploitDB Exploits

idDescription
18756OpenSSL ASN1 BIO Memory Corruption Vulnerability
12334OpenSSL remote DoS
8873OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit
8720OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2014-10-16Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability
File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl
2012-08-31Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries.
File : nvt/gb_VMSA-2012-0013.nasl
2012-08-30Name : Fedora Update for openssl FEDORA-2012-7939
File : nvt/gb_fedora_2012_7939_openssl_fc17.nasl
2012-08-30Name : Fedora Update for openssl FEDORA-2012-4630
File : nvt/gb_fedora_2012_4630_openssl_fc17.nasl
2012-08-30Name : Fedora Update for openssl FEDORA-2012-6343
File : nvt/gb_fedora_2012_6343_openssl_fc17.nasl
Hide | Show 20 More...
idDescription
2012-08-10Name : FreeBSD Ports: FreeBSD
File : nvt/freebsd_FreeBSD19.nasl
2012-08-03Name : Mandriva Update for openssl MDVSA-2012:073 (openssl)
File : nvt/gb_mandriva_MDVSA_2012_073.nasl
2012-08-03Name : Mandriva Update for openssl MDVSA-2012:007 (openssl)
File : nvt/gb_mandriva_MDVSA_2012_007.nasl
2012-08-03Name : Mandriva Update for openssl MDVSA-2012:038 (openssl)
File : nvt/gb_mandriva_MDVSA_2012_038.nasl
2012-08-03Name : Mandriva Update for openssl MDVSA-2012:060 (openssl)
File : nvt/gb_mandriva_MDVSA_2012_060.nasl
2012-08-03Name : Mandriva Update for openssl0.9.8 MDVSA-2012:064 (openssl0.9.8)
File : nvt/gb_mandriva_MDVSA_2012_064.nasl
2012-08-02Name : SuSE Update for openssl openSUSE-SU-2012:0083-1 (openssl)
File : nvt/gb_suse_2012_0083_1.nasl
2012-07-30Name : CentOS Update for openssl CESA-2010:0977 centos4 x86_64
File : nvt/gb_CESA-2010_0977_openssl_centos4_x86_64.nasl
2012-07-30Name : CentOS Update for openssl CESA-2012:0699 centos5
File : nvt/gb_CESA-2012_0699_openssl_centos5.nasl
2012-07-30Name : CentOS Update for openssl CESA-2012:0699 centos6
File : nvt/gb_CESA-2012_0699_openssl_centos6.nasl
2012-07-30Name : CentOS Update for openssl CESA-2012:0059 centos6
File : nvt/gb_CESA-2012_0059_openssl_centos6.nasl
2012-07-30Name : CentOS Update for openssl CESA-2012:0060 centos5
File : nvt/gb_CESA-2012_0060_openssl_centos5.nasl
2012-07-30Name : CentOS Update for openssl CESA-2012:0086 centos4
File : nvt/gb_CESA-2012_0086_openssl_centos4.nasl
2012-07-30Name : CentOS Update for openssl CESA-2012:0426 centos5
File : nvt/gb_CESA-2012_0426_openssl_centos5.nasl
2012-07-30Name : CentOS Update for openssl CESA-2012:0426 centos6
File : nvt/gb_CESA-2012_0426_openssl_centos6.nasl
2012-07-30Name : CentOS Update for openssl097a CESA-2012:0518 centos5
File : nvt/gb_CESA-2012_0518_openssl097a_centos5.nasl
2012-07-30Name : CentOS Update for openssl098e CESA-2012:0518 centos6
File : nvt/gb_CESA-2012_0518_openssl098e_centos6.nasl
2012-07-09Name : RedHat Update for openssl RHSA-2012:0059-01
File : nvt/gb_RHSA-2012_0059-01_openssl.nasl
2012-06-06Name : RedHat Update for openssl RHSA-2011:0677-01
File : nvt/gb_RHSA-2011_0677-01_openssl.nasl
2012-06-04Name : Fedora Update for openssl FEDORA-2012-8014
File : nvt/gb_fedora_2012_8014_openssl_fc16.nasl

Information Assurance Vulnerability Management (IAVM)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2015-A-0154Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0061081
2015-A-0158Multiple Vulnerabilities in Oracle Java SE
Severity : Category I - VMSKEY : V0061089
2015-A-0113Multiple Vulnerabilities in Juniper Networks CTPOS
Severity : Category I - VMSKEY : V0060737
2015-B-0014Multiple Vulnerabilities in VMware ESXi 5.5
Severity : Category I - VMSKEY : V0058513
2015-B-0013Multiple Vulnerabilities in VMware ESXi 5.1
Severity : Category I - VMSKEY : V0058515
Hide | Show 20 More...
idDescription
2015-B-0012Multiple Vulnerabilities in VMware ESXi 5.0
Severity : Category I - VMSKEY : V0058517
2015-B-0007Multiple Vulnerabilities in Juniper Secure Analytics (JSA) and Security Threa...
Severity : Category I - VMSKEY : V0058213
2014-A-0172Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity : Category I - VMSKEY : V0057381
2014-A-0115Multiple Vulnerabilities in VMware Horizon View
Severity : Category I - VMSKEY : V0053501
2014-B-0101Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.1
Severity : Category I - VMSKEY : V0053505
2014-B-0102Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.5
Severity : Category I - VMSKEY : V0053507
2014-B-0103Multiple Vulnerabilities in VMware Horizon View Client
Severity : Category I - VMSKEY : V0053509
2014-B-0097Multiple Vulnerabilities in VMware ESXi 5.0
Severity : Category I - VMSKEY : V0053319
2014-B-0095Multiple Vulnerabilities in Splunk
Severity : Category I - VMSKEY : V0053177
2014-A-0111Multiple Vulnerabilities in VMware Workstation
Severity : Category I - VMSKEY : V0053179
2014-A-0110Multiple Vulnerabilities in VMware Player
Severity : Category I - VMSKEY : V0053181
2014-A-0109Multiple Vulnerabilities in VMware Fusion
Severity : Category I - VMSKEY : V0053183
2014-A-0103Multiple Vulnerabilities in Oracle E-Business
Severity : Category I - VMSKEY : V0053195
2014-A-0100Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux
Severity : Category I - VMSKEY : V0053201
2014-A-0099Multiple Vulnerabilities in McAfee Email Gateway
Severity : Category I - VMSKEY : V0053203
2014-B-0092Multiple Vulnerabilities in VMware vSphere Client 5.5
Severity : Category I - VMSKEY : V0052893
2014-B-0085Multiple Vulnerabilities in HP System Management Homepage (SMH)
Severity : Category I - VMSKEY : V0052899
2014-B-0084HP Onboard Administrator Information Disclosure Vulnerability
Severity : Category I - VMSKEY : V0052901
2014-B-0091Multiple Vulnerabilities in VMware vCenter Update Manager 5.5
Severity : Category I - VMSKEY : V0052907
2014-B-0089Multiple Vulnerabilities in VMware ESXi 5.1
Severity : Category I - VMSKEY : V0052909

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2018-05-24X.509 IPAddressFamily extension buffer overread attempt
RuleID : 46418 - Type : SERVER-OTHER - Revision : 2
2018-05-24X.509 IPAddressFamily extension buffer overread attempt
RuleID : 46417 - Type : SERVER-OTHER - Revision : 2
2016-05-19OpenSSL TLS change cipher spec protocol denial of service attempt
RuleID : 38575 - Type : SERVER-OTHER - Revision : 3
2015-10-20OpenSSL DTLS handshake oversized fragment length denial of service attempt
RuleID : 36096 - Type : SERVER-OTHER - Revision : 2
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33806 - Type : SERVER-OTHER - Revision : 5
Hide | Show 20 More...
DateDescription
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33805 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33804 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33803 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33802 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33801 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL export grade ciphersuite server negotiation attempt
RuleID : 33800 - Type : SERVER-OTHER - Revision : 6
2015-04-14SSL export grade ciphersuite server negotiation attempt
RuleID : 33799 - Type : SERVER-OTHER - Revision : 6
2015-04-14SSL export grade ciphersuite server negotiation attempt
RuleID : 33798 - Type : SERVER-OTHER - Revision : 6
2015-04-14SSL export grade ciphersuite server negotiation attempt
RuleID : 33797 - Type : SERVER-OTHER - Revision : 6
2015-04-14SSL export grade ciphersuite server negotiation attempt
RuleID : 33796 - Type : SERVER-OTHER - Revision : 6
2015-04-14SSL export grade ciphersuite server negotiation attempt
RuleID : 33795 - Type : SERVER-OTHER - Revision : 6
2015-04-14SSL export grade ciphersuite server negotiation attempt
RuleID : 33794 - Type : SERVER-OTHER - Revision : 6
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33793 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33792 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33791 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33790 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33789 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33788 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33787 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33786 - Type : SERVER-OTHER - Revision : 5

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-08Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2019-1009.nasl - Type : ACT_GATHER_INFO
2019-01-02Name : Tenable Nessus running on the remote host is affected by multiple vulnerabili...
File : nessus_tns_2018_16.nasl - Type : ACT_GATHER_INFO
2019-01-02Name : Tenable Nessus running on the remote host is affected by multiple vulnerabili...
File : nessus_tns_2018_17.nasl - Type : ACT_GATHER_INFO
2018-12-28Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1420.nasl - Type : ACT_GATHER_INFO
2018-12-28Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1434.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-12-28Name : Node.js - JavaScript run-time environment is affected by multiple vulnerabili...
File : nodejs_2018_nov.nasl - Type : ACT_GATHER_INFO
2018-12-20Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4355.nasl - Type : ACT_GATHER_INFO
2018-12-10Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1392.nasl - Type : ACT_GATHER_INFO
2018-12-10Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_2a86f45afc3c11e8a41400155d006b02.nasl - Type : ACT_GATHER_INFO
2018-12-07Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1102.nasl - Type : ACT_GATHER_INFO
2018-12-01Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4348.nasl - Type : ACT_GATHER_INFO
2018-11-23Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2018-325-01.nasl - Type : ACT_GATHER_INFO
2018-11-23Name : The remote Debian host is missing a security update.
File : debian_DLA-1586.nasl - Type : ACT_GATHER_INFO
2018-11-16Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2018-3221.nasl - Type : ACT_GATHER_INFO
2018-11-13Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_6f170cf2e6b711e8a9a8b499baebfeaf.nasl - Type : ACT_GATHER_INFO
2018-11-09Name : The remote Amazon Linux 2 host is missing a security update.
File : al2_ALAS-2018-1102.nasl - Type : ACT_GATHER_INFO
2018-09-27Name : The remote Debian host is missing a security update.
File : debian_DLA-1518.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-0042.nasl - Type : ACT_GATHER_INFO
2018-04-27Name : The remote host is affected by multiple vulnerabilities.
File : juniper_nsm_jsa10851.nasl - Type : ACT_GATHER_INFO
2018-03-08Name : The remote AIX host has a version of OpenSSL installed that is affected by an...
File : aix_openssl_advisory24.nasl - Type : ACT_GATHER_INFO
2018-02-28Name : The version of Arista Networks EOS running on the remote device is affected b...
File : arista_eos_sa0020.nasl - Type : ACT_GATHER_INFO
2018-01-15Name : The remote Fedora host is missing a security update.
File : fedora_2017-4cf72e2c11.nasl - Type : ACT_GATHER_INFO
2018-01-15Name : The remote Fedora host is missing a security update.
File : fedora_2017-512a6c5aae.nasl - Type : ACT_GATHER_INFO
2017-12-15Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201712-03.nasl - Type : ACT_GATHER_INFO
2017-12-14Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-1324.nasl - Type : ACT_GATHER_INFO