CVE
- Id
- 30344
- CVE No.
- CVE-2008-0227
- Status
- Candidate
- Description
- yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp.
- Phase
- Assigned (20080110)
- Votes
- None (candidate not yet proposed)
- Comments
Related CVE References
| Id | CVE Id | CVE No. | Reference | Actions |
|---|---|---|---|---|
| 322011 | 30344 | CVE-2008-0227 | BUGTRAQ:20080104 Multiple vulnerabilities in yaSSL 1.7.5 | View |
| 322012 | 30344 | CVE-2008-0227 | URL:http://www.securityfocus.com/archive/1/archive/1/485810/100/0/threaded | View |
| 322013 | 30344 | CVE-2008-0227 | CONFIRM:http://bugs.mysql.com/33814 | View |
| 322014 | 30344 | CVE-2008-0227 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | View |
| 322015 | 30344 | CVE-2008-0227 | CONFIRM:http://support.apple.com/kb/HT3216 | View |
| 322016 | 30344 | CVE-2008-0227 | APPLE:APPLE-SA-2008-10-09 | View |
| 322017 | 30344 | CVE-2008-0227 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | View |
| 322018 | 30344 | CVE-2008-0227 | DEBIAN:DSA-1478 | View |
| 322019 | 30344 | CVE-2008-0227 | URL:http://www.debian.org/security/2008/dsa-1478 | View |
| 322020 | 30344 | CVE-2008-0227 | MANDRIVA:MDVSA-2008:150 | View |
| 322021 | 30344 | CVE-2008-0227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:150 | View |
| 322022 | 30344 | CVE-2008-0227 | UBUNTU:USN-588-1 | View |
| 322023 | 30344 | CVE-2008-0227 | URL:http://www.ubuntu.com/usn/usn-588-1 | View |
| 322024 | 30344 | CVE-2008-0227 | BID:27140 | View |
| 322025 | 30344 | CVE-2008-0227 | URL:http://www.securityfocus.com/bid/27140 | View |
| 322026 | 30344 | CVE-2008-0227 | BID:31681 | View |
| 322027 | 30344 | CVE-2008-0227 | URL:http://www.securityfocus.com/bid/31681 | View |
| 322028 | 30344 | CVE-2008-0227 | VUPEN:ADV-2008-0560 | View |
| 322029 | 30344 | CVE-2008-0227 | URL:http://www.vupen.com/english/advisories/2008/0560/references | View |
| 322030 | 30344 | CVE-2008-0227 | VUPEN:ADV-2008-2780 | View |
| 322031 | 30344 | CVE-2008-0227 | URL:http://www.vupen.com/english/advisories/2008/2780 | View |
| 322032 | 30344 | CVE-2008-0227 | SECUNIA:28324 | View |
| 322033 | 30344 | CVE-2008-0227 | URL:http://secunia.com/advisories/28324 | View |
| 322034 | 30344 | CVE-2008-0227 | SECUNIA:28597 | View |
| 322035 | 30344 | CVE-2008-0227 | URL:http://secunia.com/advisories/28597 | View |
| 322036 | 30344 | CVE-2008-0227 | SECUNIA:29443 | View |
| 322037 | 30344 | CVE-2008-0227 | URL:http://secunia.com/advisories/29443 | View |
| 322038 | 30344 | CVE-2008-0227 | SECUNIA:32222 | View |
| 322039 | 30344 | CVE-2008-0227 | URL:http://secunia.com/advisories/32222 | View |
| 322040 | 30344 | CVE-2008-0227 | SREASON:3531 | View |
| 322041 | 30344 | CVE-2008-0227 | URL:http://securityreason.com/securityalert/3531 | View |
| 322042 | 30344 | CVE-2008-0227 | XF:yassl-hashwithtransformupdate-dos(39433) | View |
Related JVN
| Id | JVN No. | Title | Summary | CVE No. | CVE Id | CVSS_v2 | CVSS_v3 | JVN URL | Actions |
|---|---|---|---|---|---|---|---|---|---|
| 50049 | JVNDB-2008-005359 | Tuned Studios Subwoofer などの Web ページテンプレートにおけるディレクトリトラバーサルの脆弱性 | Tuned Studios (1) Subwoofer、(2) Freeze Theme、(3) Orange Cutout、(4) Lonely Maple、(5) Endless、(6) Classic Theme、および (7) Music Theme の Web ページテンプレートの index.php には、ディレクトリトラバーサルの脆弱性が存在します。 | CVE-2008-0231 | 30344 | 7.5 | http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-005359.html | View |
