OpenSSL.Get.Shared.Ciphers.Buffer.Overflow
Description
This indicates an attempt to exploit a Buffer Overflow vulnerability in OpenSSL.
The vulnerability is a result of errors in the "SSL_get_shared_ciphers()" function. An attacker with the ability to supply a specially crafted list of ciphers can execute code in the context of the application using the vulnerable function.
Affected Products
OpenSSL 0.9.7 before 0.9.7l
OpenSSL 0.9.8 before 0.9.8d, and earlier versions.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to OpenSSL 0.9.8d or 0.9.7l, or to the most recent version.
http://www.openssl.org/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-11-22 | 15.729 | Name:Openssl. Get. Shared. Ciphers. Buffer. Overflow:OpenSSL. Get. Shared. Ciphers. Buffer. Overflow |
2019-05-23 | 14.619 | Sig Added |