CVE-2010-2939
CVE-2010-2939
Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted private key with an invalid prime. NOTE: some sources refer to this as a use-after-free issue.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/34427unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.htmlhttp://marc.info/?l=bugtraq&m=130331363227777&w=2http://seclists.org/fulldisclosure/2010/Aug/84http://secunia.com/advisories/40906http://secunia.com/advisories/41105http://secunia.com/advisories/42309http://secunia.com/advisories/42413http://secunia.com/advisories/43312http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.aschttp://securitytracker.com/id?1024296http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793http://www.debian.org/security/2010/dsa-2100