Openssl: >> Openssl Security Vulnerabilities
Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos enabled, allows attackers to execute arbitrary code via a long master key.
CVSS Score
7.5
EPSS Score
0.054
Published
2002-08-12
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.
CVSS Score
5.0
EPSS Score
0.095
Published
2002-08-12
The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers.
CVSS Score
5.0
EPSS Score
0.014
Published
2001-07-10
OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken.
CVSS Score
5.0
EPSS Score
0.004
Published
2000-06-12
OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.
CVSS Score
7.5
EPSS Score
0.001
Published
1999-03-22
Page 26