The ssl_parse_client_key_exchange function in XySSL before 0.9 does not protect against certain Bleichenbacher attacks using chosen ciphertext, which allows remote attackers to recover keys via unspecified vectors.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2009-08-31T10:00:00
Updated: 2024-08-07T11:56:14.250Z
Reserved: 2009-08-31T00:00:00
Link: CVE-2008-7128
Vulnrichment
No data.
NVD
Status : Modified
Published: 2009-08-31T10:30:01.217
Modified: 2017-08-17T01:29:50.427
Link: CVE-2008-7128
Redhat
No data.