CVE-2011-0014
19.02.2011, 01:00
ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability."Enginsight
Vendor | Product | Version |
---|---|---|
openssl | openssl | 0.9.8h:h |
openssl | openssl | 0.9.8i:i |
openssl | openssl | 0.9.8j:j |
openssl | openssl | 0.9.8k:k |
openssl | openssl | 0.9.8l:l |
openssl | openssl | 0.9.8m:m |
openssl | openssl | 0.9.8n:n |
openssl | openssl | 0.9.8o:o |
openssl | openssl | 0.9.8p:p |
openssl | openssl | 0.9.8q:q |
openssl | openssl | 1.0.0 |
openssl | openssl | 1.0.0:beta1 |
openssl | openssl | 1.0.0:beta2 |
openssl | openssl | 1.0.0:beta3 |
openssl | openssl | 1.0.0:beta4 |
openssl | openssl | 1.0.0:beta5 |
openssl | openssl | 1.0.0a:a |
openssl | openssl | 1.0.0b:b |
openssl | openssl | 1.0.0c:c |
𝑥
= Vulnerable software versions

Debian Releases

Ubuntu Releases
Common Weakness Enumeration
References