SA-2006-0001 Remotely exploitable buffer overflow in openssl

redpig.dataspill.org » SA-2006-0001 Remotely exploitable buffer overflow in openssl

thoughts — code — findings

Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.

Temporarily just giving the CVE summary: CVE-2006-3738

2006-07-20

tags: findings - openssl

this page does not necessarily reflect the views of my employer or anyone i'm associated with.
redpig@dataspill.org