Back to search
CVE-2008-5410
Published: Dec 10, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
The PK11_SESSION cache in the OpenSSL PKCS#11 engine in Sun Solaris 10 does not maintain reference counts for operations with asymmetric keys, which allows context-dependent attackers to cause a denial of service (failed cryptographic operations) via unspecified vectors, related to the (1) RSA_sign and (2) RSA_verify functions.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://sunsolve.sun.com/search/document.do?assetkey=1-21-138863-02-1
x_refsource_CONFIRM
solaris-openssl-pkcs11engine-dos(47137)
vdb-entry
x_refsource_XF
32671
vdb-entry
x_refsource_BID
http://sunsolve.sun.com/search/document.do?assetkey=1-21-139459-01-1
x_refsource_CONFIRM
ADV-2008-3372
vdb-entry
x_refsource_VUPEN
33050
third-party-advisory
x_refsource_SECUNIA
246846
vendor-advisory
x_refsource_SUNALERT
1021358
vdb-entry
x_refsource_SECTRACK
oval:org.mitre.oval:def:5914
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now