9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.9 High
AI Score
Confidence
High
0.177 Low
EPSS
Percentile
96.2%
Andy Polyakov discovered that the DTLS implementation in OpenSSL
was vulnerable. A remote attacker could send a specially crafted
connection request to services using DTLS and execute arbitrary code
with the serviceโs privileges. There are no known Ubuntu applications
that are currently using DTLS.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 7.10 | noarch | libssl0.9.8 | <ย 0.9.8e-5ubuntu3.1 | UNKNOWN |
Ubuntu | 7.10 | noarch | libcrypto0.9.8-udeb | <ย 0.9.8e-5ubuntu3.1 | UNKNOWN |
Ubuntu | 7.10 | noarch | libssl-dev | <ย 0.9.8e-5ubuntu3.1 | UNKNOWN |
Ubuntu | 7.10 | noarch | libssl0.9.8-dbg | <ย 0.9.8e-5ubuntu3.1 | UNKNOWN |
Ubuntu | 7.10 | noarch | openssl | <ย 0.9.8e-5ubuntu3.1 | UNKNOWN |
Ubuntu | 7.04 | noarch | libssl0.9.8 | <ย 0.9.8c-4ubuntu0.2 | UNKNOWN |
Ubuntu | 7.04 | noarch | libcrypto0.9.8-udeb | <ย 0.9.8c-4ubuntu0.2 | UNKNOWN |
Ubuntu | 7.04 | noarch | libssl-dev | <ย 0.9.8c-4ubuntu0.2 | UNKNOWN |
Ubuntu | 7.04 | noarch | libssl0.9.8-dbg | <ย 0.9.8c-4ubuntu0.2 | UNKNOWN |
Ubuntu | 7.04 | noarch | openssl | <ย 0.9.8c-4ubuntu0.2 | UNKNOWN |