CVE-2008-0227
10.01.2008, 23:46
yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp.Enginsight
Vendor | Product | Version |
---|---|---|
yassl | yassl | 𝑥 ≤ 1.7.5 |
𝑥
= Vulnerable software versions

Ubuntu Releases
Ubuntu Product | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
mysql-dfsg-4.1 |
| ||||||||||||||||
mysql-dfsg-5.0 |
|
Common Weakness Enumeration
References