Rapid7 Vulnerability & Exploit Database

Sun Patch: SunOS 5.10: openssl patch

Free InsightVM Trial No credit card necessary
Watch Demo See how it all works
Back to Search

Sun Patch: SunOS 5.10: openssl patch

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published
03/19/2013
Created
07/25/2018
Added
03/21/2013
Modified
03/21/2018

Description

Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure.

Solution(s)

  • sunpatch-solaris-148071

References

  • https://attackerkb.com/topics/cve-2013-0166
  • APPLE-SA-2013-09-12-1
  • APPLE-SA-2014-10-16-1
  • APPLE-SA-2014-10-16-3
  • APPLE-SA-2014-10-16-4
  • APPLE-SA-2014-10-20-1
  • APPLE-SA-2014-10-20-2
  • APPLE-SA-2015-01-27-4
  • APPLE-SA-2015-09-16-2
  • 57778
  • 69075
  • 69079
  • 70574
  • 70584
  • 70585
  • 70586
  • TA13-051A
  • TA14-290A
  • 577193
  • 737740
  • 978508
  • CVE - 2013-0166
  • CVE - 2013-0169
  • CVE - 2014-0224
  • CVE - 2014-3508
  • CVE - 2014-3511
  • CVE - 2014-3513
  • CVE - 2014-3566
  • CVE - 2014-3567
  • CVE - 2014-3568
  • DSA-2621
  • DSA-2622
  • DSA-2998
  • DSA-3053
  • DSA-3144
  • DSA-3147
  • DSA-3253
  • DSA-3489
  • Category I
  • V0052625
  • V0052641
  • V0052893
  • V0052901
  • V0052907
  • V0052909
  • V0052911
  • V0053319
  • V0053501
  • V0053505
  • V0053507
  • V0058213
  • V0058513
  • V0058515
  • V0058517
  • V0060737
  • V0061081
  • 2014-A-0115
  • 2014-B-0077
  • 2014-B-0079
  • 2014-B-0084
  • 2014-B-0088
  • 2014-B-0089
  • 2014-B-0091
  • 2014-B-0092
  • 2014-B-0097
  • 2014-B-0101
  • 2014-B-0102
  • 2015-A-0113
  • 2015-A-0154
  • 2015-B-0007
  • 2015-B-0012
  • 2015-B-0013
  • 2015-B-0014
  • NetBSD-SA2014-008
  • NetBSD-SA2014-015
  • OVAL18754
  • OVAL18841
  • OVAL19016
  • OVAL19081
  • OVAL19360
  • OVAL19424
  • OVAL19487
  • OVAL19540
  • OVAL19608
  • RHSA-2013:0587
  • RHSA-2013:0782
  • RHSA-2013:0783
  • RHSA-2013:0833
  • RHSA-2013:1455
  • RHSA-2013:1456
  • RHSA-2014:0624
  • RHSA-2014:0626
  • RHSA-2014:0627
  • RHSA-2014:0630
  • RHSA-2014:0631
  • RHSA-2014:0632
  • RHSA-2014:0633
  • RHSA-2014:0680
  • RHSA-2014:1256
  • RHSA-2014:1297
  • RHSA-2014:1652
  • RHSA-2014:1653
  • RHSA-2014:1692
  • RHSA-2014:1876
  • RHSA-2014:1877
  • RHSA-2014:1880
  • RHSA-2014:1881
  • RHSA-2014:1882
  • RHSA-2014:1920
  • RHSA-2014:1948
  • RHSA-2015:0068
  • RHSA-2015:0079
  • RHSA-2015:0080
  • RHSA-2015:0085
  • RHSA-2015:0086
  • RHSA-2015:0126
  • RHSA-2015:0197
  • RHSA-2015:0264
  • RHSA-2015:0698
  • RHSA-2015:1545
  • RHSA-2015:1546
  • 148071-18
  • 148071-19
  • 95162
  • 95165
  • 97037
View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;