Description

The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support.

Remediation

References

CVE-2015-0205

Related Vulnerabilities

WordPress Plugin Tutor LMS-eLearning and online course solution Security Bypass (2.6.2)

Magento Improper Input Validation Vulnerability (CVE-2022-42344)

WordPress Plugin CBX Bookmark & Favorite Cross-Site Scripting (1.6.8)

WordPress Plugin NextScripts:Social Networks Auto-Poster Unspecified Vulnerability (4.3.2)

Zope Web Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4924)

Severity

Medium

Classification

CVE-2015-0205

Tags

Missing Update Known Vulnerabilities