Description
Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2014-0454 Vulnerability (CVE-2014-0454)
ProjectSend Improper Privilege Management Vulnerability (CVE-2020-28874)
Oracle Database Server Other Vulnerability (CVE-2001-0831)
MySQL CVE-2016-3492 Vulnerability (CVE-2016-3492)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-0214)