Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openssl | Openssl | 0.9.7 | 0.9.7 |
Openssl | Openssl | 0.9.7 | 0.9.7 |
Openssl | Openssl | 0.9.7 | 0.9.7 |
Openssl | Openssl | 0.9.7 | 0.9.7 |
Openssl | Openssl | 0.9.7 | 0.9.7 |
Openssl | Openssl | 0.9.7 | 0.9.7 |
Openssl | Openssl | 0.9.7 | 0.9.7 |
Openssl | Openssl | 0.9.7a | 0.9.7a |
Openssl | Openssl | 0.9.7b | 0.9.7b |
Openssl | Openssl | 0.9.7c | 0.9.7c |
Openssl | Openssl | 0.9.7d | 0.9.7d |
Openssl | Openssl | 0.9.7e | 0.9.7e |
Openssl | Openssl | 0.9.7f | 0.9.7f |
Openssl | Openssl | 0.9.7g | 0.9.7g |
Openssl | Openssl | 0.9.7h | 0.9.7h |
Openssl | Openssl | 0.9.7i | 0.9.7i |
Openssl | Openssl | 0.9.7j | 0.9.7j |
Openssl | Openssl | 0.9.7k | 0.9.7k |
Openssl | Openssl | 0.9.7l | 0.9.7l |
Openssl | Openssl | 0.9.8 | 0.9.8 |
Openssl | Openssl | 0.9.8a | 0.9.8a |
Openssl | Openssl | 0.9.8b | 0.9.8b |
Openssl | Openssl | 0.9.8c | 0.9.8c |
Openssl | Openssl | 0.9.8d | 0.9.8d |
Openssl | Openssl | 0.9.8e | 0.9.8e |
Openssl | Openssl | 0.9.8f | 0.9.8f |
Red Hat Enterprise Linux 2.1 | RedHat | openssl-0:0.9.6b-48 | * |
Red Hat Enterprise Linux 3 | RedHat | openssl-0:0.9.7a-33.24 | * |
Red Hat Enterprise Linux 4 | RedHat | openssl-0:0.9.7a-43.17.el4_6.1 | * |
Red Hat Enterprise Linux 5 | RedHat | openssl-0:0.9.8b-8.3.el5_0.2 | * |
Openssl | Ubuntu | dapper | * |
Openssl | Ubuntu | devel | * |
Openssl | Ubuntu | edgy | * |
Openssl | Ubuntu | feisty | * |
Openssl | Ubuntu | gutsy | * |
Openssl | Ubuntu | hardy | * |
Openssl | Ubuntu | intrepid | * |
Openssl | Ubuntu | jaunty | * |
Openssl | Ubuntu | karmic | * |
Openssl | Ubuntu | upstream | * |
Openssl097 | Ubuntu | dapper | * |
Openssl097 | Ubuntu | edgy | * |
Openssl097 | Ubuntu | feisty | * |