Search This Blog

Powered by Blogger.

Blog Archive

Labels

OpenSSL Security Advisory for fixing Six vulnerabilities [04 Jan 2012]

Update version of OpenSSL released that fixes six vulnerabilities . Users of previous versions should upgrade to OpenSSL 1.0.0f or 0.9.8s.

Vulnerability Details:
  • DTLS Plaintext Recovery Attack (CVE-2011-4108)
  • Double-free in Policy Checks (CVE-2011-4109)
  • Uninitialized SSL 3.0 Padding (CVE-2011-4576)
  • Malformed RFC 3779 Data Can Cause Assertion Failures (CVE-2011-4577)
  • SGC Restart DoS Attack (CVE-2011-4619)
  • Invalid GOST parameters DoS Attack (CVE-2012-0027)
The Security advisory can be found here:
http://openssl.org/news/secadv_20120104.txt
Share it:

Security Advisory

Security News