OpenSSL Vulnerabilities 

Friday, March 27, 2009 at 11:51PM
drStrangeP0rk in OpenSSL Vulnerabilitites, Potential Vulnerabilities, Privacy

What are considered moderate vulnerabilities in SSL/TLS which e-commerce sites and other sites using OpenSSL it is possible to cause a DoS attack by causing OpenSSL to crash. 

 

1. ASN1 Printing Crash- CVE-2009-0590
2. Incorrect Error Checking During CMS verification- CVE-2009-0591
3. Invalid ASN1 clearing check- CVE-2009-00789

 

Article originally appeared on magmatic.com (http://www.magmatic.com/).