SSLv2.Openssl.Get.Shared.Ciphers.Overflow.Attempt

description-logoDescription

This indicates an attempt to exploit a buffer-overflow vulnerability in the SSL_get_shared_ciphers() function in OpenSSL.
An attacker with the ability to supply a specially crafted list of ciphers can execute code in the context of an application using the vulnerable function.

affected-products-logoAffected Products

OpenSSL 0.9.7 before 0.9.7l
OpenSSL 0.9.8 before 0.9.8d, and earlier versions.

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to at least OpenSSL 0.9.8d or 0.9.7l.
http://www.openssl.org/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)