CVE-2008-0891

EPSS 11.3%

openssl - multiple vulnerabilities

發布日:2008/5/29修改日:2026/4/28

描述

Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information.

受影響套件(2)

Debian/opensslfrom 0, < 0.9.8g-10.1
Debian/opensslfrom 0, < 0.9.8g-10+lenny1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-0891