HP Security Bulletin HPSBOV02793 SSRT100891 - Potential security vulnerabilities have been identified with HP OpenVMS running SSL. The vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or to gain unauthorized access. Revision 1 of this advisory.
81afd5381e1f8df30bc1eda96940a682d60e52c9185ef5115fed35b8f301ab7c
HP Security Bulletin HPSBMU02776 SSRT100852 - Potential security vulnerabilities have been identified with HP Onboard Administrator (OA). The vulnerabilities could be exploited remotely resulting in unauthorized access to data, unauthorized disclosure of information, and Denial of Service (DoS). Revision 1 of this advisory.
81bc660490835ba3e0d0c8bb863ac4728f1c3963fde22d565671ac239b46f148
Gentoo Linux Security Advisory 201203-12 - Multiple vulnerabilities have been found in OpenSSL, allowing remote attackers to cause a Denial of Service or obtain sensitive information. Versions less than 1.0.0g are affected.
33d5dcd48ce0543fba2329b32e7c2e3cb7ad20833adcae6ddcc406a2b4b01fd0
HP Security Bulletin HPSBUX02737 SSRT100747 2 - A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 2 of this advisory.
19e6114da67ae376ce2cb7ed67e338b31708557b126fcebc375c1599c6fcaa2a
Ubuntu Security Notice 1357-1 - It was discovered that the elliptic curve cryptography (ECC) subsystem in OpenSSL, when using the Elliptic Curve Digital Signature Algorithm (ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement curves over binary fields. This could allow an attacker to determine private keys via a timing attack. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. Adam Langley discovered that the ephemeral Elliptic Curve Diffie-Hellman (ECDH) functionality in OpenSSL did not ensure thread safety while processing handshake messages from clients. This could allow a remote attacker to cause a denial of service via out-of-order messages that violate the TLS protocol. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. Various other issues were also addressed.
35a63a05c4a33b71a7bcfee436327107866cecc57861e8d07b69574145af5179
HP Security Bulletin HPSBUX02737 SSRT100747 - A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
004e3bbac9a4f1675f731d8470a1b4f5909eeb8652398d9bc0170e94aedd0b8d
Mandriva Linux Security Advisory 2012-011 - OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. The updated packages have been patched to correct this issue. The openssl0.9.8 packages for 2010.2 have been upgraded to the 0.9.8t version which is not vulnerable to this issue.
35b11032bcc6ae21446636fb990652ffe9762c98d3d9d0030aaed125ce61a84d
Debian Linux Security Advisory 2392-1 - Antonio Martin discovered a denial-of-service vulnerability in OpenSSL, an implementation of TLS and related protocols. A malicious client can cause the DTLS server implementation to crash. Regular, TCP-based TLS is not affected by this issue.
afac160955e83c1b70219fa47c4c99378cf5dc92f6d40882d5dc31e23864116c
OpenSSL Security Advisory 20120118 - A flaw in the fix to CVE-2011-4108 can be exploited in a denial of service attack. Only DTLS applications using OpenSSL 1.0.0f and 0.9.8s are affected.
e55f12039df4b1b5e3090b2ac7d30399d54dbd028fdcbc8d757749f399095b1d