MidnightBSD

Advisories for ssleay

CVE-1999-0007 MEDIUM

Information from SSL-encrypted sessions via PKCS #1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327,

Products Affected

Vendor Product Version
c2net stonghold_web_server 2.0.1
netscape fasttrack_server 3.01b
microsoft site_server 3.0
netscape proxy_server 3.5.1
netscape enterprise_server 3.0.1b
netscape enterprise_server 3.5.1
netscape directory_server 1.3
c2net stonghold_web_server 2.2
netscape directory_server 3.1
netscape directory_server 3.12
ssleay ssleay 0.8.1
ssleay ssleay 0.6.6
hp open_market_secure_webserver 2.1
netscape certificate_server 1.0
c2net stonghold_web_server 2.3
microsoft internet_information_server 3.0
netscape enterprise_server 2.0
ssleay ssleay 0.9
netscape messaging_server 3.54
microsoft exchange_server 5.5
microsoft internet_information_server 4.0
netscape collabra_server 3.5.2
CVE-2001-1141 MEDIUM

The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
openssl openssl 0.9.6
ssleay ssleay 0.9
openssl openssl 0.9.1c
openssl openssl 0.9.4
openssl openssl 0.9.3
openssl openssl 0.9.2b
ssleay ssleay 0.8.1
ssleay ssleay 0.9.1
openssl openssl 0.9.5
openssl openssl 0.9.6a