CVE-2007-4995 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-4995
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-4995

Description: Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/37185 UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-534-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html ST 1018810 SAID Secunia Advisory: SA27271 Secunia Advisory: SA27217 Secunia Advisory: SA27205 Secunia Advisory: SA25878 Secunia Advisory: SA27363 Secunia Advisory: SA27434 Secunia Advisory: SA27933 Secunia Advisory: SA28084 Secunia Advisory: SA30161 Secunia Advisory: SA30220 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0964.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:237 HP http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01299773 GENTOO http://security.gentoo.org/glsa/glsa-200710-30.xml http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1571 CONFIRM http://www.openssl.org/news/secadv_20071012.txt http://bugs.gentoo.org/show_bug.cgi?id=195634 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/482167/100/0/threaded BID 26055

Return to the previous page.