Archiv verlassen und diese Seite im Standarddesign anzeigen : Debian Security Advisory 2454-1

21.04.2012, 01:34
Debian Linux Security Advisory 2454-1 - Multiple vulnerabilities have been found in OpenSSL. Ivan Nestlerode discovered a weakness in the CMS and PKCS #7 implementations that could allow an attacker to decrypt data via a Million Message Attack (MMA). It was discovered that a NULL pointer could be dereferenced when parsing certain S/MIME messages, leading to denial of service. Tavis Ormandy, Google Security Team, discovered a vulnerability in the way DER-encoded ASN.1 data is parsed that can result in a heap overflow.

Weiterlesen... (http://packetstormsecurity.org/files/112033/dsa-2454-1.txt)