Description

The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.

Remediation

References

CVE-2015-0293

Related Vulnerabilities

WordPress Plugin Client Invoicing by Sprout Invoices-Easy Estimates and Invoices for WordPress Security Bypass (9.3)

WordPress 5.0.x Prototype Pollution (5.0 - 5.0.15)

WordPress Plugin Ultimate Coming Soon, Maintenance Mode for WordPress-Everest Coming Soon Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.0)

WordPress Plugin WP ERP-Complete WordPress Business Manager with HR, CRM & Accounting Systems for Small Businesses Cross-Site Request Forgery (1.7.4)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-0145)

Severity

Medium

Classification

CVE-2015-0293 CWE-20

Tags

Missing Update Known Vulnerabilities