CVE-2008-1672 in OpenSSLinfo

Summary

OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dereference.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

04/03/2008

Disclosure

05/29/2008

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-287 (Confirmed)

CVSS

5.3

EPSS

0.18966

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-1672
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-1672
CVE Details	https://www.cvedetails.com/cve/CVE-2008-1672/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!