Vulnerability & Exploit Database

Back to search

Amazon Linux AMI: Security patch for openssl098e (ALAS-2016-682) (multiple CVEs)

Severity CVSS Published Added Modified
5 (AV:N/AC:L/Au:N/C:N/I:N/A:P) March 19, 2015 April 07, 2016 March 21, 2018

Description

The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

amazon-linux-upgrade-openssl098e

Related Vulnerabilities