Security News
A proof-of-concept exploit has been made public for a recently patched vulnerability in OpenSSL that can be exploited for denial-of-service attacks. OpenSSL versions 1.1.1d, 1.1.1e and 1.1.1f are affected by a high-severity vulnerability that has been described as a segmentation fault in the SSL_check_chain function.
A static analysis feature set to appear in GCC 10, which will catch common programming errors that can lead to security vulnerabilities, has scored an early win - it snared an exploitable flaw in OpenSSL. Bernd Edlinger discovered CVE-2020-1967, a denial-of-service flaw deemed to be a high severity risk by the OpenSSL team. While the flaw is an irritation - it's not remote-code execution but it can potentially hose servers and apps - programmers may be more interested in how it was uncovered.
An update released on Tuesday for OpenSSL patches a high-severity vulnerability that can be exploited for denial-of-service attacks. The vulnerability impacts OpenSSL versions 1.1.1d, 1.1.1e and 1.1.1f, and it has been patched with the release of version 1.1.1g. Older versions 1.0.2 and 1.1.0, which no longer receive security updates, are not impacted by the flaw.
OpenSSL has evolved a great deal in terms of security since the disclosure of the Heartbleed vulnerability back in 2014.
Blue Cedar has joined an industry initiative to develop the open-source FIPS 140-2 module for OpenSSL. Blue Cedar will collaborate with OpenSSL, Akamai, NetApp, and VMware, in the effort to...
The OpenSSL Project on Tuesday announced the release of OpenSSL 1.1.1, the new Long Term Support (LTS) version of the cryptographic software library.
'One and Done' attack patched in library's May 2018 release. If you missed the OpenSSL update released in May, go back and get it: a Georgia Tech team recovered a 2048-bit RSA key from OpenSSL...
The first round of security updates released in 2018 for OpenSSL patch a total of three vulnerabilities, but none of them appears to be serious. OpenSSL versions 1.1.0h and 1.0.2o patch...
The OpenSSL Project announced on Thursday the availability of OpenSSL 1.0.2n, a version that patches two vulnerabilities discovered by a Google researcher.
OpenSSL updates released on Thursday patch two low and medium severity vulnerabilities discovered using Google’s open source OSS-Fuzz fuzzing service.