← back
CVE-2006-2937

CVE-2006-2937

EPSS 10.4%
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.ascftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.aschttp://docs.info.apple.com/article.html?artnum=304829http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771http://issues.rpath.com/browse/RPL-613http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540http://kolab.org/security/kolab-vendor-notice-11.txthttp://lists.apple.com/archives/security-announce/2006/Nov/msg00001.htmlhttp://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.htmlhttp://lists.vmware.com/pipermail/security-announce/2008/000008.htmlhttp://marc.info/?l=bind-announce&m=116253119512445&w=2