QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2008-1678

Back to search

CVE-2008-1678

Published: Jul 10, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm.

VendorProductVersions

n/a

n/a

affected
n/a

References

RHSA-2009:1075
vendor-advisory
x_refsource_REDHAT
42724
third-party-advisory
x_refsource_SECUNIA
34219
third-party-advisory
x_refsource_SECUNIA
openssl-libssl-dos(43948)
vdb-entry
x_refsource_XF
31026
third-party-advisory
x_refsource_SECUNIA
SSA:2010-060-02
vendor-advisory
x_refsource_SLACKWARE
31692
vdb-entry
x_refsource_BID
SUSE-SR:2008:024
vendor-advisory
x_refsource_SUSE
oval:org.mitre.oval:def:9754
vdb-entry
signature
x_refsource_OVAL
31681
vdb-entry
x_refsource_BID
38761
third-party-advisory
x_refsource_SECUNIA
31416
third-party-advisory
x_refsource_SECUNIA
44183
third-party-advisory
x_refsource_SECUNIA
USN-731-1
vendor-advisory
x_refsource_UBUNTU
32222
third-party-advisory
x_refsource_SECUNIA
35264
third-party-advisory
x_refsource_SECUNIA
MDVSA-2009:124
vendor-advisory
x_refsource_MANDRIVA
FEDORA-2008-6393
vendor-advisory
x_refsource_FEDORA
GLSA-200807-06
vendor-advisory
x_refsource_GENTOO
ADV-2008-2780
vdb-entry
x_refsource_VUPEN
3981
third-party-advisory
x_refsource_SREASON
APPLE-SA-2008-10-09
vendor-advisory
x_refsource_APPLE
42733
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now