« List of all CVEs

CVE-2015-0293

Published: 3/19/2015 Last updated: 8/6/2024 Reserved: 11/18/2014

The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (6)

conf-libcurl conf-libssl conf-mingw-w64-openssl-i686 conf-mingw-w64-openssl-x86_64 conf-openssl conf-srt-openssl

Products affected (2)

Product Vendor Version
n/a n/a < ae3054f6fbccc90f14ecd6cf9b2c09a2401c64fd
n/a n/a < 0d1792c98351b7c8ebdc53d052918e77d1e512c3

References (220)