OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) public exponent or (2) public modulus values in X.509 certificates that require extra time to process when using RSA signature verification.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openssl | Openssl | 0.9.1c (including) | 0.9.1c (including) |
Openssl | Openssl | 0.9.2b (including) | 0.9.2b (including) |
Openssl | Openssl | 0.9.3 (including) | 0.9.3 (including) |
Openssl | Openssl | 0.9.3a (including) | 0.9.3a (including) |
Openssl | Openssl | 0.9.4 (including) | 0.9.4 (including) |
Openssl | Openssl | 0.9.5 (including) | 0.9.5 (including) |
Openssl | Openssl | 0.9.5-beta1 (including) | 0.9.5-beta1 (including) |
Openssl | Openssl | 0.9.5-beta2 (including) | 0.9.5-beta2 (including) |
Openssl | Openssl | 0.9.5a (including) | 0.9.5a (including) |
Openssl | Openssl | 0.9.5a-beta1 (including) | 0.9.5a-beta1 (including) |
Openssl | Openssl | 0.9.5a-beta2 (including) | 0.9.5a-beta2 (including) |
Openssl | Openssl | 0.9.6 (including) | 0.9.6 (including) |
Openssl | Openssl | 0.9.6-beta1 (including) | 0.9.6-beta1 (including) |
Openssl | Openssl | 0.9.6-beta2 (including) | 0.9.6-beta2 (including) |
Openssl | Openssl | 0.9.6-beta3 (including) | 0.9.6-beta3 (including) |
Openssl | Openssl | 0.9.6a (including) | 0.9.6a (including) |
Openssl | Openssl | 0.9.6a-beta1 (including) | 0.9.6a-beta1 (including) |
Openssl | Openssl | 0.9.6a-beta2 (including) | 0.9.6a-beta2 (including) |
Openssl | Openssl | 0.9.6a-beta3 (including) | 0.9.6a-beta3 (including) |
Openssl | Openssl | 0.9.6b (including) | 0.9.6b (including) |
Openssl | Openssl | 0.9.6c (including) | 0.9.6c (including) |
Openssl | Openssl | 0.9.6d (including) | 0.9.6d (including) |
Openssl | Openssl | 0.9.6e (including) | 0.9.6e (including) |
Openssl | Openssl | 0.9.6f (including) | 0.9.6f (including) |
Openssl | Openssl | 0.9.6g (including) | 0.9.6g (including) |
Openssl | Openssl | 0.9.6h (including) | 0.9.6h (including) |
Openssl | Openssl | 0.9.6i (including) | 0.9.6i (including) |
Openssl | Openssl | 0.9.6j (including) | 0.9.6j (including) |
Openssl | Openssl | 0.9.6k (including) | 0.9.6k (including) |
Openssl | Openssl | 0.9.6l (including) | 0.9.6l (including) |
Openssl | Openssl | 0.9.6m (including) | 0.9.6m (including) |
Openssl | Openssl | 0.9.7 (including) | 0.9.7 (including) |
Openssl | Openssl | 0.9.7a (including) | 0.9.7a (including) |
Openssl | Openssl | 0.9.7b (including) | 0.9.7b (including) |
Openssl | Openssl | 0.9.7c (including) | 0.9.7c (including) |
Openssl | Openssl | 0.9.7d (including) | 0.9.7d (including) |
Openssl | Openssl | 0.9.7e (including) | 0.9.7e (including) |
Openssl | Openssl | 0.9.7f (including) | 0.9.7f (including) |
Openssl | Openssl | 0.9.7g (including) | 0.9.7g (including) |
Openssl | Openssl | 0.9.7h (including) | 0.9.7h (including) |
Openssl | Openssl | 0.9.7i (including) | 0.9.7i (including) |
Openssl | Openssl | 0.9.7j (including) | 0.9.7j (including) |
Openssl | Openssl | 0.9.7k (including) | 0.9.7k (including) |
Openssl | Openssl | 0.9.8 (including) | 0.9.8 (including) |
Openssl | Openssl | 0.9.8a (including) | 0.9.8a (including) |
Openssl | Openssl | 0.9.8b (including) | 0.9.8b (including) |
Openssl | Openssl | 0.9.8c (including) | 0.9.8c (including) |
Red Hat Enterprise Linux 2.1 | RedHat | openssl-0:0.9.6b-46 | * |
Red Hat Enterprise Linux 2.1 | RedHat | openssl095a-0:0.9.5a-32 | * |
Red Hat Enterprise Linux 2.1 | RedHat | openssl096-0:0.9.6-32 | * |
Red Hat Enterprise Linux 3 | RedHat | openssl-0:0.9.7a-33.21 | * |
Red Hat Enterprise Linux 3 | RedHat | openssl096b-0:0.9.6b-16.46 | * |
Red Hat Enterprise Linux 4 | RedHat | openssl-0:0.9.7a-43.14 | * |
Red Hat Enterprise Linux 4 | RedHat | openssl096b-0:0.9.6b-22.46 | * |
Red Hat Network Satellite Server v 4.2 | RedHat | rhn-solaris-bootstrap-0:5.0.2-3 | * |
Red Hat Network Satellite Server v 4.2 | RedHat | rhn_solaris_bootstrap_5_0_2_3-0:1-0 | * |
Red Hat Network Satellite Server v 4.2 (RHEL3) | RedHat | rhn-solaris-bootstrap-0:5.0.2-3 | * |
Red Hat Network Satellite Server v 4.2 (RHEL3) | RedHat | rhn_solaris_bootstrap_5_0_2_3-0:1-0 | * |
Red Hat Network Satellite Server v 5.0 | RedHat | rhn-solaris-bootstrap-0:5.0.2-3 | * |
Red Hat Network Satellite Server v 5.0 | RedHat | rhn_solaris_bootstrap_5_0_2_3-0:1-0 | * |
Red Hat Network Satellite Server v 5.1 | RedHat | rhn-solaris-bootstrap-0:5.1.1-3 | * |
Red Hat Network Satellite Server v 5.1 | RedHat | rhn_solaris_bootstrap_5_1_1_3-0:1-0 | * |
Openssl | Ubuntu | dapper | * |
Openssl | Ubuntu | devel | * |
Openssl | Ubuntu | edgy | * |
Openssl | Ubuntu | feisty | * |
Openssl097 | Ubuntu | dapper | * |
Openssl097 | Ubuntu | devel | * |
Openssl097 | Ubuntu | edgy | * |
Openssl097 | Ubuntu | feisty | * |