The ssl_parse_client_key_exchange function in XySSL before 0.9 does not protect against certain Bleichenbacher attacks using chosen ciphertext, which allows remote attackers to recover keys via unspecified vectors.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2009-08-31 10:30
Updated : 2017-08-17 01:29
NVD link : CVE-2008-7128
Mitre link : CVE-2008-7128
CVE.ORG link : CVE-2008-7128
JSON object : View
Products Affected
xyssl
- xyssl
CWE
CWE-264
Permissions, Privileges, and Access Controls