CVE-2015-0205

NONECVSS 0.0

0.0

The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support.

🔗 References (72)

secalert@redhathttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10679
secalert@redhathttp://lists.fedoraproject.org/pipermail/package-announce/2015-January/147938.html
secalert@redhathttp://lists.fedoraproject.org/pipermail/package-announce/2015-January/148363.html
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html
secalert@redhathttp://marc.info/?l=bugtraq&m=142721102728110&w=2
secalert@redhathttp://marc.info/?l=bugtraq&m=143748090628601&w=2
secalert@redhathttp://marc.info/?l=bugtraq&m=144050155601375&w=2
secalert@redhathttp://marc.info/?l=bugtraq&m=144050205101530&w=2
secalert@redhathttp://marc.info/?l=bugtraq&m=144050254401665&w=2
secalert@redhathttp://marc.info/?l=bugtraq&m=144050297101809&w=2
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2015-0066.html
secalert@redhathttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl

Is Your Infrastructure Affected by CVE-2015-0205?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2015-0205

📅 Published

🔄 Last Modified

🔗 References (72)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2015-0205?