OpenSSL 'EVP_PKEY_verify_recover()' Invalid Return Value Security Bypass Vulnerability

Bugtraq ID: 40503
Class: Unknown
CVE: CVE-2010-1633
Remote: Yes
Local: No
Published: Jun 01 2010 12:00AM
Updated: Apr 13 2015 09:42PM
Credit: Peter-Michael Hager
Vulnerable: VooDoo cIRCle XTelnet 0.4.5
VooDoo cIRCle 1.1.39
OpenSSL Project OpenSSL 1.0.2
OpenSSL Project OpenSSL 1.0 beta3
OpenSSL Project OpenSSL 1.0 Beta2
OpenSSL Project OpenSSL 1.0 beta1
OpenSSL Project OpenSSL 1.0
OpenSSL Project OpenSSL 1.0.0 Beta5
OpenSSL Project OpenSSL 1.0.0 Beta4
Kolab Kolab Groupware Server 2.2.3
Kolab Kolab Groupware Server 2.2.2
Kolab Kolab Groupware Server 2.2
Kolab Kolab Groupware Server 2.2-rc3
Kolab Kolab Groupware Server 2.2-rc1
Kolab Kolab Groupware Server 2.2 beta3
Kolab Kolab Groupware Server 2.2 beta1
Kolab Kolab Groupware Server 2.2 -rc2
IBM Tivoli Remote Control 5.1.2
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP9
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP8
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP7
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP6
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP5
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP4
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP3
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP2
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP13
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP12
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP11
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP10
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP1
IBM Tivoli Endpoint Manager for Remote Control 9.0
IBM Tivoli Endpoint Manager for Remote Control 8.2.1
IBM Tivoli Composite Application Manager for Transactions 7.3.0.1
IBM Tivoli Composite Application Manager for Transactions 7.3.0
IBM Tivoli Composite Application Manager for Transactions 7.2.0.2
IBM Tivoli Composite Application Manager for Transactions 7.2.0.1
IBM Tivoli Composite Application Manager for Transactions 7.2.0
IBM Tivoli Composite Application Manager for Transactions 7.1.0.2
IBM Tivoli Composite Application Manager for Transactions 7.1.0.1
IBM Tivoli Composite Application Manager for Transactions 7.1.0
IBM Sterling Connect:Express for UNIX 1.5.0
IBM Sterling Connect:Express for UNIX 1.4.6
IBM Sterling Connect:Enterprise for UNIX 2.5
IBM Sterling Connect:Enterprise for UNIX 2.4 4
IBM Service Delivery Manager 7.2.4
IBM Service Delivery Manager 7.2.2
IBM Service Delivery Manager 7.2.1
IBM Hardware Management Console (HMC) 7R7.3.0
IBM Hardware Management Console (HMC) 7R7.2.0 SP2
IBM Hardware Management Console (HMC) 7R7.2.0 SP1
IBM Hardware Management Console (HMC) 7R7.2.0
IBM Hardware Management Console (HMC) 7R7.1.0 SP4
IBM Hardware Management Console (HMC) 7R7.1.0 SP3
IBM Hardware Management Console (HMC) 7R7.1.0
IBM DS8870 7.1
IBM DS8870 7.0
IBM Cloudburst 2.1.1
IBM Cloudburst 2.1
IBM Cloudburst 1.2
Not Vulnerable: VooDoo cIRCle XTelnet 0.4.6
VooDoo cIRCle 1.1.40
OpenSSL Project OpenSSL 1.0.0a
Kolab Kolab Groupware Server 2.2.4
IBM Hardware Management Console (HMC) 7R7.7.0
IBM DS8870 7.2


 

Privacy Statement
Copyright 2010, SecurityFocus