The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openssl | Openssl | * | 0.9.8r (including) |
Openssl | Openssl | 0.9.1c (including) | 0.9.1c (including) |
Openssl | Openssl | 0.9.2b (including) | 0.9.2b (including) |
Openssl | Openssl | 0.9.4 (including) | 0.9.4 (including) |
Openssl | Openssl | 0.9.5 (including) | 0.9.5 (including) |
Openssl | Openssl | 0.9.5a (including) | 0.9.5a (including) |
Openssl | Openssl | 0.9.6 (including) | 0.9.6 (including) |
Openssl | Openssl | 0.9.6a (including) | 0.9.6a (including) |
Openssl | Openssl | 0.9.6b (including) | 0.9.6b (including) |
Openssl | Openssl | 0.9.6c (including) | 0.9.6c (including) |
Openssl | Openssl | 0.9.6d (including) | 0.9.6d (including) |
Openssl | Openssl | 0.9.6e (including) | 0.9.6e (including) |
Openssl | Openssl | 0.9.6f (including) | 0.9.6f (including) |
Openssl | Openssl | 0.9.6g (including) | 0.9.6g (including) |
Openssl | Openssl | 0.9.6h (including) | 0.9.6h (including) |
Openssl | Openssl | 0.9.6h-bogus (including) | 0.9.6h-bogus (including) |
Openssl | Openssl | 0.9.6i (including) | 0.9.6i (including) |
Openssl | Openssl | 0.9.6j (including) | 0.9.6j (including) |
Openssl | Openssl | 0.9.6k (including) | 0.9.6k (including) |
Openssl | Openssl | 0.9.6l (including) | 0.9.6l (including) |
Openssl | Openssl | 0.9.6m (including) | 0.9.6m (including) |
Openssl | Openssl | 0.9.7 (including) | 0.9.7 (including) |
Openssl | Openssl | 0.9.7a (including) | 0.9.7a (including) |
Openssl | Openssl | 0.9.7b (including) | 0.9.7b (including) |
Openssl | Openssl | 0.9.7c (including) | 0.9.7c (including) |
Openssl | Openssl | 0.9.7d (including) | 0.9.7d (including) |
Openssl | Openssl | 0.9.7e (including) | 0.9.7e (including) |
Openssl | Openssl | 0.9.7f (including) | 0.9.7f (including) |
Openssl | Openssl | 0.9.7g (including) | 0.9.7g (including) |
Openssl | Openssl | 0.9.7h (including) | 0.9.7h (including) |
Openssl | Openssl | 0.9.7i (including) | 0.9.7i (including) |
Openssl | Openssl | 0.9.7j (including) | 0.9.7j (including) |
Openssl | Openssl | 0.9.7k (including) | 0.9.7k (including) |
Openssl | Openssl | 0.9.7l (including) | 0.9.7l (including) |
Openssl | Openssl | 0.9.7m (including) | 0.9.7m (including) |
Openssl | Openssl | 0.9.8 (including) | 0.9.8 (including) |
Openssl | Openssl | 0.9.8a (including) | 0.9.8a (including) |
Openssl | Openssl | 0.9.8b (including) | 0.9.8b (including) |
Openssl | Openssl | 0.9.8c (including) | 0.9.8c (including) |
Openssl | Openssl | 0.9.8d (including) | 0.9.8d (including) |
Openssl | Openssl | 0.9.8e (including) | 0.9.8e (including) |
Openssl | Openssl | 0.9.8f (including) | 0.9.8f (including) |
Openssl | Openssl | 0.9.8g (including) | 0.9.8g (including) |
Openssl | Openssl | 0.9.8h (including) | 0.9.8h (including) |
Openssl | Openssl | 0.9.8i (including) | 0.9.8i (including) |
Openssl | Openssl | 0.9.8j (including) | 0.9.8j (including) |
Openssl | Openssl | 0.9.8k (including) | 0.9.8k (including) |
Openssl | Openssl | 0.9.8l (including) | 0.9.8l (including) |
Openssl | Openssl | 0.9.8m (including) | 0.9.8m (including) |
Openssl | Openssl | 0.9.8n (including) | 0.9.8n (including) |
Openssl | Openssl | 0.9.8o (including) | 0.9.8o (including) |
Openssl | Openssl | 0.9.8p (including) | 0.9.8p (including) |
Openssl | Openssl | 0.9.8q (including) | 0.9.8q (including) |
Red Hat Enterprise Linux 4 | RedHat | openssl-0:0.9.7a-43.18.el4 | * |
Red Hat Enterprise Linux 5 | RedHat | openssl-0:0.9.8e-20.el5_7.1 | * |
Red Hat Enterprise Linux 6 | RedHat | openssl-0:1.0.0-20.el6_2.1 | * |
Red Hat JBoss Enterprise Application Platform 5.1 | RedHat | * | |
Red Hat JBoss Enterprise Application Platform 6.0 | RedHat | * | |
Red Hat JBoss Web Server 1.0 | RedHat | * | |
RHEV 3.X Hypervisor and Agents for RHEL-6 | RedHat | rhev-hypervisor6-0:6.2-20120209.0.el6_2 | * |
Openssl | Ubuntu | hardy | * |
Openssl | Ubuntu | lucid | * |
Openssl | Ubuntu | maverick | * |
Openssl | Ubuntu | natty | * |
Openssl | Ubuntu | oneiric | * |
Openssl | Ubuntu | upstream | * |
Openssl098 | Ubuntu | devel | * |
Openssl098 | Ubuntu | oneiric | * |
Openssl098 | Ubuntu | upstream | * |