CVEs-PoC/2017/CVE-2017-3735.md at 85a323cce4f0b83bb98e6fa48db102dee7fd734b

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-12 09:21:42 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.

POC

Reference

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.tenable.com/security/tns-2017-14
https://www.tenable.com/security/tns-2017-15

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Live-Hack-CVE/CVE-2017-3735
https://github.com/chnzzh/OpenSSL-CVE-lib
https://github.com/hrbrmstr/internetdb
https://github.com/tlsresearch/TSI

1.3 KiB Raw Blame History

CVE-2017-3735

Description

POC

Reference

Github

1.3 KiB

Raw Blame History