5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.185 Low
EPSS
Percentile
96.2%
The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s
and 1.x before 1.0.0f does not properly handle handshake restarts, which
allows remote attackers to cause a denial of service (CPU consumption) via
unspecified vectors.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 8.04 | noarch | openssl | <ย 0.9.8g-4ubuntu3.15 | UNKNOWN |
ubuntu | 10.04 | noarch | openssl | <ย 0.9.8k-7ubuntu8.8 | UNKNOWN |
ubuntu | 10.10 | noarch | openssl | <ย 0.9.8o-1ubuntu4.6 | UNKNOWN |
ubuntu | 11.04 | noarch | openssl | <ย 0.9.8o-5ubuntu1.2 | UNKNOWN |
ubuntu | 11.10 | noarch | openssl | <ย 1.0.0e-2ubuntu4.2 | UNKNOWN |
ubuntu | 11.10 | noarch | openssl098 | <ย 0.9.8o-7ubuntu1.2 | UNKNOWN |