exploit the possibilities
Showing 1 - 7 of 7 RSS Feed

CVE-2007-4995

Status Candidate

Overview

Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors.

Related Files

Gentoo Linux Security Advisory 201412-11
Posted Dec 12, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-11 - Multiple vulnerabilities have been found in AMD64 x86 emulation base libraries, the worst of which may allow remote execution of arbitrary code. Versions prior to 20140406-r1 are affected.

tags | advisory, remote, arbitrary, x86, vulnerability
systems | linux, gentoo
advisories | CVE-2007-0720, CVE-2007-1536, CVE-2007-2026, CVE-2007-2445, CVE-2007-2741, CVE-2007-3108, CVE-2007-4995, CVE-2007-5116, CVE-2007-5135, CVE-2007-5266, CVE-2007-5268, CVE-2007-5269, CVE-2007-5849, CVE-2010-1205, CVE-2013-0338, CVE-2013-0339, CVE-2013-1664, CVE-2013-1969, CVE-2013-2877, CVE-2014-0160
MD5 | 79d42811d0d77f411edfda4a318d5bb6
HP Security Bulletin 2007-15.4
Posted Dec 13, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running OpenSSL. The vulnerability could be exploited remotely to execute arbitrary code.

tags | advisory, arbitrary
systems | hpux
advisories | CVE-2007-4995
MD5 | f7c42212c5895b6e0c7827b3cf5fe9f5
Mandriva Linux Security Advisory 2007.237
Posted Dec 6, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A buffer overflow in the DTLS implementation of OpenSSL 0.9.8 could be exploited by attackers to potentially execute arbitrary code. It is questionable as to whether the DTLS support even worked or is used in any applications; as a result this flaw most likely does not affect most Mandriva users.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-4995
MD5 | 3da9e6824cdc78f35bcc7df2c9865f62
Gentoo Linux Security Advisory 200710-30
Posted Oct 31, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-30:02 - Andy Polyakov reported a vulnerability in the OpenSSL toolkit, that is caused due to an unspecified off-by-one error within the DTLS implementation. Versions greater than or equal to 0.9.8f are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-4995
MD5 | d512f124ed8f60961db844caffc013cb
Ubuntu Security Notice 534-1
Posted Oct 23, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 534-1 - Andy Polyakov discovered that the DTLS implementation in OpenSSL was vulnerable. A remote attacker could send a specially crafted connection request to services using DTLS and execute arbitrary code with the service's privileges. There are no known Ubuntu applications that are currently using DTLS.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-4995
MD5 | 3117c8dc3a3b0c45760d154d0cd66ccd
openssl-0.9.8f.tar.gz
Posted Oct 13, 2007
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Multiple security fixes.
tags | encryption, protocol
advisories | CVE-2007-4995, CVE-2007-5135
MD5 | 114bf908eb1b293d11d3e6b18a09269f
OpenSSL-12-Oct-2007.txt
Posted Oct 13, 2007
Authored by Ben Laurie | Site openssl.org

OpenSSL Security Advisory - Andy Polyakov discovered a flaw in OpenSSL's DTLS implementation which could lead to the compromise of clients and servers with DTLS enabled. All versions of 0.9.8 prior to 0.9.8f are affected. Moritz Jodeit found an off-by-one error in SSL_get_shared_ciphers(), a function that should normally only be used for logging or debugging. All releases of 0.9.8 prior to 0.9.8f and all releases of 0.9.7 prior to 0.9.7m are affected.

tags | advisory
advisories | CVE-2007-4995, CVE-2007-5135
MD5 | 930dc9a42ecda065f6b34cdb7909144f
Page 1 of 1
Back1Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    7 Files
  • 19
    Oct 19th
    1 Files
  • 20
    Oct 20th
    1 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close