HP Security Bulletin HPSBOV02793 SSRT100891 - Potential security vulnerabilities have been identified with HP OpenVMS running SSL. The vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or to gain unauthorized access. Revision 1 of this advisory.
eacb8010f09a7a1c3c8779c2c97eb599
HP Security Bulletin HPSBMU02776 SSRT100852 - Potential security vulnerabilities have been identified with HP Onboard Administrator (OA). The vulnerabilities could be exploited remotely resulting in unauthorized access to data, unauthorized disclosure of information, and Denial of Service (DoS). Revision 1 of this advisory.
e586982a7e6c33e479a4d3923b9eab86
Gentoo Linux Security Advisory 201203-12 - Multiple vulnerabilities have been found in OpenSSL, allowing remote attackers to cause a Denial of Service or obtain sensitive information. Versions less than 1.0.0g are affected.
5a96b5a5c58e821de757d3125af91819
HP Security Bulletin HPSBUX02737 SSRT100747 2 - A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 2 of this advisory.
a2682e45c9798a86bfcacf3216da22cd
Ubuntu Security Notice 1357-1 - It was discovered that the elliptic curve cryptography (ECC) subsystem in OpenSSL, when using the Elliptic Curve Digital Signature Algorithm (ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement curves over binary fields. This could allow an attacker to determine private keys via a timing attack. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. Adam Langley discovered that the ephemeral Elliptic Curve Diffie-Hellman (ECDH) functionality in OpenSSL did not ensure thread safety while processing handshake messages from clients. This could allow a remote attacker to cause a denial of service via out-of-order messages that violate the TLS protocol. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. Various other issues were also addressed.
cb9906382e5228bc3514db5a3b873c3a
HP Security Bulletin HPSBUX02737 SSRT100747 - A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
4a259259f4d45ac40f694081c1325e5f
Mandriva Linux Security Advisory 2012-011 - OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. The updated packages have been patched to correct this issue. The openssl0.9.8 packages for 2010.2 have been upgraded to the 0.9.8t version which is not vulnerable to this issue.
401bd9d16e9029659f39db64d93b731d
Debian Linux Security Advisory 2392-1 - Antonio Martin discovered a denial-of-service vulnerability in OpenSSL, an implementation of TLS and related protocols. A malicious client can cause the DTLS server implementation to crash. Regular, TCP-based TLS is not affected by this issue.
9e2cf62e3dd7b227ea7deaa3450e4158