LibreSSL Memory leakage Vulnerability (CVE-2015-5333)

LibreSSL Memory leakage Vulnerability (CVE-2015-5333)
LibreSSL Memory leakage Vulnerability (CVE-2015-5333)

Release date:
Updated on:

Affected Systems:

LibreSSL 2.0.0-2.3.0

Description:

CVE (CAN) ID: CVE-2015-5333

LibreSSL is a branch of the OpenSSL encryption software library and is an open source Implementation of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.

LibreSSL's OBJ_obj2txt () function has a memory leakage vulnerability. Remote attackers exploit this vulnerability to exhaust the memory, resulting in denial of service or buffer overflow.

<* Source: LibreSSL

Link: http://www.securityfocus.com/archive/1/536692
*>

Suggestion:

Vendor patch:

LibreSSL
--------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.libressl.org/

OpenSSL TLS heartbeat read remote information leakage (CVE-2014-0160)

Severe OpenSSL bug allows attackers to read 64 KB of memory, fixed in half an hour in Debian

OpenSSL "heartbleed" Security Vulnerability

Provides FTP + SSL/TLS authentication through OpenSSL and implements secure data transmission.

LibreSSL details: click here
LibreSSL: click here

This article permanently updates the link address: