OpenSSL 'EVP_PKEY_verify_recover()' Invalid Return Value Security Bypass Vulnerability

Bugtraq ID: 40503
Class: Unknown
CVE: CVE-2010-1633
Remote: Yes
Local: No
Published: Jun 01 2010 12:00AM
Updated: Mar 17 2014 12:34AM
Credit: Peter-Michael Hager
Vulnerable: VooDoo cIRCle XTelnet 0.4.5
VooDoo cIRCle 1.1.39
Red Hat Fedora 13
Red Hat Fedora 12
OpenSSL Project OpenSSL 1.0.2
OpenSSL Project OpenSSL 1.0 beta3
OpenSSL Project OpenSSL 1.0 Beta2
OpenSSL Project OpenSSL 1.0 beta1
OpenSSL Project OpenSSL 1.0
OpenSSL Project OpenSSL 1.0.0 Beta5
OpenSSL Project OpenSSL 1.0.0 Beta4
Kolab Kolab Groupware Server 2.2.3
Kolab Kolab Groupware Server 2.2.2
Kolab Kolab Groupware Server 2.2
Kolab Kolab Groupware Server 2.2-rc3
Kolab Kolab Groupware Server 2.2-rc1
Kolab Kolab Groupware Server 2.2 beta3
Kolab Kolab Groupware Server 2.2 beta1
Kolab Kolab Groupware Server 2.2 -rc2
Not Vulnerable: VooDoo cIRCle XTelnet 0.4.6
VooDoo cIRCle 1.1.40
OpenSSL Project OpenSSL 1.0.0a
Kolab Kolab Groupware Server 2.2.4


 

Privacy Statement
Copyright 2010, SecurityFocus