QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-5135

Back to search

CVE-2007-5135

Published: Sep 27, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.

VendorProductVersions

n/a

n/a

affected
n/a

References

HPSBUX02292
vendor-advisory
x_refsource_HP
oval:org.mitre.oval:def:5337
vdb-entry
signature
x_refsource_OVAL
27205
third-party-advisory
x_refsource_SECUNIA
27097
third-party-advisory
x_refsource_SECUNIA
ADV-2008-2362
vdb-entry
x_refsource_VUPEN
1018755
vdb-entry
x_refsource_SECTRACK
31489
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2008-07-31
vendor-advisory
x_refsource_APPLE
FEDORA-2007-725
vendor-advisory
x_refsource_FEDORA
RHSA-2007:1003
vendor-advisory
x_refsource_REDHAT
29242
third-party-advisory
x_refsource_SECUNIA
MDKSA-2007:193
vendor-advisory
x_refsource_MANDRIVA
27186
third-party-advisory
x_refsource_SECUNIA
27851
third-party-advisory
x_refsource_SECUNIA
ADV-2008-2268
vdb-entry
x_refsource_VUPEN
30124
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2008:005
vendor-advisory
x_refsource_SUSE
27394
third-party-advisory
x_refsource_SECUNIA
[4.1] 011: SECURITY FIX: October 10, 2007
vendor-advisory
x_refsource_OPENBSD
oval:org.mitre.oval:def:10904
vdb-entry
signature
x_refsource_OVAL
31308
third-party-advisory
x_refsource_SECUNIA
22130
third-party-advisory
x_refsource_SECUNIA
27031
third-party-advisory
x_refsource_SECUNIA
ADV-2007-3625
vdb-entry
x_refsource_VUPEN
FreeBSD-SA-07:08
vendor-advisory
x_refsource_FREEBSD
USN-522-1
vendor-advisory
x_refsource_UBUNTU
ADV-2008-2361
vdb-entry
x_refsource_VUPEN
27217
third-party-advisory
x_refsource_SECUNIA
31467
third-party-advisory
x_refsource_SECUNIA
27961
third-party-advisory
x_refsource_SECUNIA
RHSA-2007:0964
vendor-advisory
x_refsource_REDHAT
27870
third-party-advisory
x_refsource_SECUNIA
25831
vdb-entry
x_refsource_BID
DSA-1379
vendor-advisory
x_refsource_DEBIAN
ADV-2007-4042
vdb-entry
x_refsource_VUPEN
27330
third-party-advisory
x_refsource_SECUNIA
30161
third-party-advisory
x_refsource_SECUNIA
GLSA-200805-07
vendor-advisory
x_refsource_GENTOO
28368
third-party-advisory
x_refsource_SECUNIA
27012
third-party-advisory
x_refsource_SECUNIA
3179
third-party-advisory
x_refsource_SREASON
27229
third-party-advisory
x_refsource_SECUNIA
27051
third-party-advisory
x_refsource_SECUNIA
31326
third-party-advisory
x_refsource_SECUNIA
27078
third-party-advisory
x_refsource_SECUNIA
GLSA-200710-06
vendor-advisory
x_refsource_GENTOO
SSRT071499
vendor-advisory
x_refsource_HP
200858
vendor-advisory
x_refsource_SUNALERT
[4.0] 017: SECURITY FIX: October 10, 2007
vendor-advisory
x_refsource_OPENBSD
[4.2] 002: SECURITY FIX: October 10, 2007
vendor-advisory
x_refsource_OPENBSD
openssl-sslgetshared-bo(36837)
vdb-entry
x_refsource_XF
RHSA-2007:0813
vendor-advisory
x_refsource_REDHAT
SUSE-SR:2007:020
vendor-advisory
x_refsource_SUSE
ADV-2007-3325
vdb-entry
x_refsource_VUPEN
ADV-2007-4144
vdb-entry
x_refsource_VUPEN
ADV-2008-0064
vdb-entry
x_refsource_VUPEN
27021
third-party-advisory
x_refsource_SECUNIA
103130
vendor-advisory
x_refsource_SUNALERT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now