10
CVE-2006-3738
- EPSS 48.58%
- Veröffentlicht 28.09.2006 18:07:00
- Zuletzt bearbeitet 16.06.2026 22:27:41
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 48.58% | 0.987 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://secunia.com/advisories/23794
http://securitytracker.com/id?1017522
http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
http://www.securityfocus.com/bid/22083
http://marc.info/?l=bugtraq&m=130497311408250&w=2
http://secunia.com/advisories/23680
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
http://secunia.com/advisories/31492
http://www.redhat.com/support/errata/RHSA-2008-0629.html
http://openvpn.net/changelog.html
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
http://secunia.com/advisories/23280
http://secunia.com/advisories/23340
http://secunia.com/advisories/23915
http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
http://www.vupen.com/english/advisories/2007/0343
http://docs.info.apple.com/article.html?artnum=304829
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
http://secunia.com/advisories/23155
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
http://www.vupen.com/english/advisories/2006/4750
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
http://secunia.com/advisories/22487
http://www.securityfocus.com/archive/1/456546/100/200/threaded
http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
http://secunia.com/advisories/26329
http://www.vupen.com/english/advisories/2007/2783
http://secunia.com/advisories/22259
http://secunia.com/advisories/22260
http://secunia.com/advisories/22284
http://secunia.com/advisories/22758
http://secunia.com/advisories/22799
http://secunia.com/advisories/24930
http://secunia.com/advisories/24950
http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html
http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:177
http://www.mandriva.com/security/advisories?name=MDKSA-2006:178
http://www.serv-u.com/releasenotes/
http://www.vupen.com/english/advisories/2006/3936
http://www.vupen.com/english/advisories/2006/4417
http://www.vupen.com/english/advisories/2007/1401
http://www.vupen.com/english/advisories/2007/2315
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
http://secunia.com/advisories/22298
http://www.novell.com/linux/security/advisories/2006_24_sr.html
http://secunia.com/advisories/22116
http://secunia.com/advisories/23038
http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
http://www.trustix.org/errata/2006/0054
http://www.vupen.com/english/advisories/2006/4401
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc
http://issues.rpath.com/browse/RPL-613
http://kolab.org/security/kolab-vendor-notice-11.txt
http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html
http://openbsd.org/errata.html#openssl2
http://secunia.com/advisories/22094
http://secunia.com/advisories/22130
http://secunia.com/advisories/22165
http://secunia.com/advisories/22166
http://secunia.com/advisories/22172
http://secunia.com/advisories/22186
http://secunia.com/advisories/22193
http://secunia.com/advisories/22207
http://secunia.com/advisories/22212
http://secunia.com/advisories/22216
http://secunia.com/advisories/22220
http://secunia.com/advisories/22240
http://secunia.com/advisories/22330
http://secunia.com/advisories/22385
http://secunia.com/advisories/22460
http://secunia.com/advisories/22544
http://secunia.com/advisories/22626
http://secunia.com/advisories/22772
http://secunia.com/advisories/23309
http://secunia.com/advisories/25889
http://secunia.com/advisories/30124
http://security.freebsd.org/advisories/FreeBSD-SA-06:23.openssl.asc
http://security.gentoo.org/glsa/glsa-200610-11.xml
http://securitytracker.com/id?1016943
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1
http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm
http://www.debian.org/security/2006/dsa-1185
http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:172
http://www.novell.com/linux/security/advisories/2006_58_openssl.html
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.021-openssl.html
http://www.openssl.org/news/secadv_20060928.txt
http://www.redhat.com/support/errata/RHSA-2006-0695.html
http://www.securityfocus.com/archive/1/447318/100/0/threaded
http://www.securityfocus.com/archive/1/447393/100/0/threaded
http://www.ubuntu.com/usn/usn-353-1
http://www.vupen.com/english/advisories/2006/3820
http://www.vupen.com/english/advisories/2006/3860
http://www.vupen.com/english/advisories/2006/3869
http://www.vupen.com/english/advisories/2006/3902
http://www.vupen.com/english/advisories/2006/4036
http://www.vupen.com/english/advisories/2006/4264
http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf
http://secunia.com/advisories/22500
http://www.debian.org/security/2006/dsa-1195
http://secunia.com/advisories/22633
http://secunia.com/advisories/22654
http://secunia.com/advisories/22791
http://secunia.com/advisories/30161
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
http://www.kb.cert.org/vuls/id/547300
http://www.osvdb.org/29262
http://www.securityfocus.com/archive/1/470460/100/0/threaded
http://www.securityfocus.com/bid/20249
http://www.vupen.com/english/advisories/2006/4314
http://www.vupen.com/english/advisories/2006/4443
http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=498093&RenditionID=&poid=8881
https://exchange.xforce.ibmcloud.com/vulnerabilities/29237
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4256
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9370