BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Multiple issues in OpenSSL - BN (multiprecision integer arithmetics). Dec 02 2013 08:31PM
ScripT setInterval\(function\(\){for\( \){alert\('fixme'\)} } 10\) /scRIpt (tytusromekiatomek inbox com)
General info:
=============
The bn (multiprecision integer arithmetics) part of the OpenSSL library is prone to null ptr deref, off-by-one and others resulting in DoS/crashes.
Versions tested were between 0.9.8k and 1.0.1e. We were too laz*cough* busy to prepare the fancy table, sorry guys.
Some PoC...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus