OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability

Exploit code that appears to be function has been discovered in the wild. Also, this code may be part of an "auto-hacking" utility or worm with peer-to-peer and distributed denial-of-service capabilities. There are two reported intrusions in Europe.

Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

The following exploit code is available:


 

Privacy Statement
Copyright 2010, SecurityFocus