ubuntu openssl evp.h‘EVP_DecodeUpdate’函数整数溢出漏洞(CVE-2015-0292),这种系统漏洞怎么处理,
点击联系发帖人
时间:2016-11-06 04:49
常用的openssl函数
base64解编码
依次调用EVP_DecodeInit(), EVP_DecodeUpdate(), EVP_DecodeFinal(),与md5和sha1类似,适用于数据量特别大时,分段解码,通过多次调用EVP_DecodeUpdate()实现。
调用int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);这两个函数都是一次性使用的,注意下返回值是解码后的结果长度,因此返回值大于等于0时,解编码成功。
bool base64Decode(const string& strSrc, string& strDest)
char* szBuffer = new char[strSrc.length()];
if (EVP_DecodeBlock((unsigned char*)szBuffer, (const unsigned char*)strSrc.c_str(), strSrc.length()) &= 0)
return false;
strDest = szB
delete[] szB
szBuffer = NULL;
参考知识库
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
访问:11349次
排名:千里之外
原创:27篇
(2)(2)(2)(2)(1)(1)(2)(2)(4)(9)OpenSSL BN_GF2m_mod_inv函数拒绝服务漏洞(CVE-)_Linux安全_Linux公社-Linux系统门户网站
你好,游客
OpenSSL BN_GF2m_mod_inv函数拒绝服务漏洞(CVE-)
来源:Linux社区&
作者:Linux
OpenSSL BN_GF2m_mod_inv函数拒绝服务漏洞(CVE-)
发布日期:更新日期:受影响系统:
OpenSSL Project OpenSSL & 1.0.2bOpenSSL Project OpenSSL & 1.0.1nOpenSSL Project OpenSSL & 1.0.0eOpenSSL Project OpenSSL & 0.9.8s
CVE(CAN) ID: OpenSSL是一种开放源码的SSL实现,用来实现网络通信的高强度加密,现在被广泛地用于各种网络应用程序中。OpenSSL 0.9.8s、1.0.0e、1.0.1n、1.0.2b之前版本,crypto/bn/bn_gf2m.c内的函数BN_GF2m_mod_inv没有正确处理ECParameters结构,远程攻击者通过使用Elliptic Curve算法的会话,利用此漏洞可造成拒绝服务(无限循环)。&*来源:Joseph Birr-Pixton& & 链接:*&建议:
厂商补丁:OpenSSL Project---------------OpenSSL Project已经为此发布了一个安全公告(secadv_)以及相应补丁:secadv_:OpenSSL Security Advisory [11 Jun 2015]链接:
本文永久更新链接地址:
相关资讯 & & &
& (12/02/:52)
& (11/03/:54)
& (12/02/:42)
& (12/02/:05)
& (10/19/:16)
同意评论声明
发表
尊重网上道德,遵守中华人民共和国的各项有关法律法规
承担一切因您的行为而直接或间接导致的民事或刑事法律责任
本站管理人员有权保留或删除其管辖留言中的任意内容
本站有权在网站内转载或引用您的评论
参与本评论即表明您已经阅读并接受上述条款Openssl EVP(high-level cryptographic functions[1])Openssl/EVP
1base64BIO
4reliable BIO
&&&&& EVPcrypto/evp.h
struct evp_pkey_st
#ifndef OPENSSL_NO_RSA
struct rsa_st *
#ifndef OPENSSL_NO_DSA
struct dsa_st *
#ifndef OPENSSL_NO_DH
struct dh_st *
#ifndef OPENSSL_NO_EC
struct ec_key_st *
STACK_OF(X509_ATTRIBUTE) * /* [ 0 ] */
RSADSADHECCptrattributes
struct env_md_st
unsigned long
int (*init)(EVP_MD_CTX *ctx);
int (*update)(EVP_MD_CTX *ctx,const void *data,size_t count);
int (*final)(EVP_MD_CTX *ctx,unsigned char *md);
int (*copy)(EVP_MD_CTX *to,const EVP_MD_CTX *from);
int (*cleanup)(EVP_MD_CTX *ctx);
int (*sign)(int type, const unsigned char *m, unsigned int m_length,
unsigned char *sigret, unsigned int *siglen, void *key);
int (*verify)(int type, const unsigned char *m, unsigned int m_length,
const unsigned char *sigbuf, unsigned int siglen,
void *key);
int required_pkey_type[5];
int block_
int ctx_ /* how big does the ctx-&md_data need to be */
&&&&&&&&& typeNID
&&&&&&&&& pkey_typeNID
&&&&&&&&& md_size
&&&&&&&&& flags
&&&&&&&&& init
&&&&&&&&& update
&&&&&&&&& final
&&&&&&&&& copy
&&&&&&&&& cleanup
&&&&&&&&& signkey
&&&&&&&&& verifykey
&&&&&&&&& opensslcypto/evpm_Openssl
struct evp_cipher_st
int block_
unsigned long
int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl);
int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *);
int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *);
int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr);
void *app_
&&&&&&&&& nidnid
&&&&&&&&& block_size
&&&&&&&&& key_len
&&&&&&&&& iv_len
&&&&&&&&& flags
&&&&&&&&& initctxkeyivencctx
&&&&&&&&& do_cipher
&&&&&&&&& cleanup
&&&&&&&&& set_asn1_parameters
&&&&&&&&& get_asn1_parameters
&&&&&&&&& ctrl
&&&&&&&&& app_data
&&&&&&&&& opensslcypto/evpe_Openssl
struct evp_cipher_ctx_st
const EVP_CIPHER *
unsigned char
oiv[EVP_MAX_IV_LENGTH];
unsigned char
iv[EVP_MAX_IV_LENGTH];
unsigned char
buf[EVP_MAX_BLOCK_LENGTH];
/* 其他 */
unsigned char final[EVP_MAX_BLOCK_LENGTH];
&&&&&&&&& Updateblock_size
&&&&&&&&& cipher
&&&&&&&&& engine
&&&&&&&&& encrypt00
&&&&&&&&& buf buf_len
&&&&&&&&& oiv
&&&&&&&&&& finalFinal
evpcrypto/evp
c_allc.cc_alld.cc_all.cnames.copensslOpenSSL_add_all_digestsOpenSSL_add_all_ciphersOpenSSL_add_all_algorithms()EVP_add_digestEVP_add_cipher
bio_b64.cbio_enc.cbio_md.cbio_ok.cBIO_METHODbase64
digest.cEVP_MDm_xxx.c
evp_enc.cUpdateEVP_CIPHERe_xxx.ce_xxx.cblock_sizeevp_enc.ce_xxx.c
?EVP_CIPHER
?EVP_CIPHERinitiv
?do_cipherblock_size
p_p_enc.cp_dec.cp_lib.cp_sign.cp_verify.cp_seal.cp_open.c
p5_crpt2.cp5_crpt.cevp_pbe.c
1& EVP_md5
&&&&&& md5EVP_MD
2) & EVP_sha1
&&&&&& sha1EVP_MD
3) & EVP_sha256
&&&&&& sha256EVP_MD
4& EVP_DigestInit
&& & EVP_MD
5& EVP_DigestUpdateEVP_DigestInit_ex
&&&&&& Update
6& EVP_DigestFinalEVP_DigestFinal_ex
&&&&&& Final
7& EVP_Digest
对称加解密函数
1& EVP_CIPHER_CTX_init
2& EVP_CIPHER_CTX_cleanup
&&&&&& 3& EVP_des_ede3_ecb
&&&&&& &&&&&& EVP_CIPHER
&&&&&& 4)&&& EVP_EncryptInitEVP_EncryptInit_ex
initkeyivctx
&&&&&& 5& EVP_EncryptUpdate
&&&&&& &&&&&& do_cipher
&&&&&& 6& EVP_EncryptFinalEVP_EncryptFinal_ex
&&&&&& &&&&&& do_cipher
&&&&&& 7& EVP_DecryptInitEVP_DecryptInit_ex
&&&&&& &&&&&&
&&&&&& 8& EVP_DecryptUpdate
&&&&&& &&&&&& do_cipher
&&&&&& 9& EVP_DecryptFinalEVP_DecryptFinal_ex
&&&&&& &&&&&& do_cipher
&&&&&& 10EVP_BytesToKey
&&&&&& 11PKCS5_PBE_keyivgenPKCS5_v2_PBE_keyivgen
&&&&&& &&&&&& PKCS5
&&&&&& 12PKCS5_PBE_add
&&&&&& &&&&&& openssl
&&&&&& 13EVP_PBE_alg_add
&&&&&& &&&&&& PBE
非对称函数
1 EVP_PKEY_encrypt
2)&& EVP_PKEY_decrypt
3)&& EVP_PKEY_assign
4)&& EVP_PKEY_assign_RSA/ EVP_PKEY_set1_RSA
EVP_PKEYRSARSA
5)&& EVP_PKEY_get1_RSA
EVP_PKEYRSA
6)&& EVP_SignFinal
(EVP_PKEY)
7)&& EVP_VerifyFinal
(EVP_PKEY)
8)&& int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,const unsigned char *ek, int ekl, const unsigned char *iv,EVP_PKEY *priv)
&&&&&& 9)&&&
&&& 做解密运算。
10)& EVP_OpenFinal
11)&& int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
12)EVP_SealUpdate
&&& 做加密运算。
EVP_SealFinal
编解码函数
1)&& EVP_EncodeInit
2)&& EVP_EncodeUpdate
3)&& EVP_EncodeFinal
4)&& EVP_DecodeInit
5)&& EVP_DecodeUpdate
&&&&& &&&&&& 80BASE64
6)&& EVP_DecodeFinal
&&&&&& 7EVP_EncodeBlock
&&&&&& &&&&&& BASE64
8EVP_DecodeBlock
&&&&&& 1& EVP_add_cipher
&&&&&& 2& EVP_add_digest
3)&&& EVP_CIPHER_CTX_ctrl
4)&&& EVP_CIPHER_CTX_set_key_length
5)&&& EVP_CIPHER_CTX_set_padding
6)&&& EVP_CIPHER_get_asn1_iv
ivASN1_TYPE
7)&&& EVP_CIPHER_param_to_asn1
ASN1_TYPEset_asn1_parameters
8)&&& EVP_CIPHER_type
9& EVP_CipherInit/EVP_CipherInit_ex
(/)_exengingeEVP_EncryptInitEVP_DecryptInit
10)& EVP_CipherUpdate
/EVP_EncryptUpdateEVP_DecryptUpdate
11&&&&&& EVP_CipherFinal/EVP_CipherFinal_ex
(/)EVP_EncryptFinal_exEVP_DecryptFinal(_ex
12EVP_cleanup
13)& EVP_get_cipherbyname
(EVP_CIPHER)
14)& EVP_get_digestbyname
15)& EVP_get_pw_prompt
16int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
&&&&&& &&&& ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
PBE/EVP_CipherUpdateEVP_CipherFinal_excrypto/p12_decr.cPKCS12_pbe_crypt.
17)& EVP_PBE_cleanup
18EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
PKCS8_PRIV_KEY_INFO(x509.h)EVP_PKEY
19)& EVP_PKEY2PKCS8/EVP_PKEY2PKCS8_broken
EVP_PKEYPKCS8_PRIV_KEY_INFO
20)& EVP_PKEY_bits
21)& EVP_PKEY_cmp_parameters
22EVP_PKEY_copy_parameters
23EVP_PKEY_free
24)& EVP_PKEY_get1_DH/EVP_PKEY_set1_DH
/EVP_PKEYDH
25)& EVP_PKEY_get1_DSA/EVP_PKEY_set1_DSA
/EVP_PKEYDSA
26EVP_PKEY_get1_RSA/EVP_PKEY_set1_RSA
/EVP_PKEYRSA
27)& EVP_PKEY_missing_parameters
28)& EVP_PKEY_new
29)& EVP_PKEY_size
30)& EVP_PKEY_type
31int&& EVP_read_pw_string(char *buf,int length,const char *prompt,int verify)
buflengthbufpromptverify00
32)& EVP_set_pw_prompt
对称加密过程
&&&&&& &&&
1& EVP_EncryptInit
buf_len0buf
2& EVP_EncryptUpdate
ctxbufEVP_EncryptUpdatebuf_lenbuf_len0bufbuf_len0buf
&&&&&& 3& EVP_ EncryptFinal
EVP_EncryptUpdate
#include &string.h&
#include &openssl/evp.h&
ret,which=1;
EVP_CIPHER_CTX
const EVP_CIPHER
unsigned char
key[24],iv[8],in[100],out[108],de[100];
i,len,inl,outl,total=0;
for(i=0;i&24;i++)
memset(&key[i],i,1);
for(i=0;i&8;i++)
memset(&iv[i],i,1);
for(i=0;i&100;i++)
memset(&in[i],i,1);
EVP_CIPHER_CTX_init(&ctx);
printf("please select :\n");
printf("1: EVP_des_ede3_ofb\n");
printf("2: EVP_des_ede3_cbc\n");
scanf("%d",&which);
if(which==1)
cipher=EVP_des_ede3_ofb();
cipher=EVP_des_ede3_cbc();
ret=EVP_EncryptInit_ex(&ctx,cipher,NULL,key,iv);
if(ret!=1)
printf("EVP_EncryptInit_ex err1!\n");
return -1;
EVP_EncryptUpdate(&ctx,out+len,&outl,in,inl);
EVP_EncryptUpdate(&ctx,out+len,&outl,in+50,inl);
EVP_EncryptFinal_ex(&ctx,out+len,&outl);
printf("加密结果长度:%d\n",len);
/* 解密 */
EVP_CIPHER_CTX_cleanup(&ctx);
EVP_CIPHER_CTX_init(&ctx);
ret=EVP_DecryptInit_ex(&ctx,cipher,NULL,key,iv);
if(ret!=1)
printf("EVP_DecryptInit_ex err1!\n");
return -1;
EVP_DecryptUpdate(&ctx,de+total,&outl,out,44);
EVP_DecryptUpdate(&ctx,de+total,&outl,out+44,len-44);
ret=EVP_DecryptFinal_ex(&ctx,de+total,&outl);
if(ret!=1)
EVP_CIPHER_CTX_cleanup(&ctx);
printf("EVP_DecryptFinal_ex err\n");
return -1;
if((total!=100) || (memcmp(de,in,100)))
printf("err!\n");
return -1;
EVP_CIPHER_CTX_cleanup(&ctx);
printf("test ok!\n");
&&&&&& please select :
&&&&&& 1: EVP_des_ede3_ofb
&&&&&& 2: EVP_des_ede3_cbc
&&&&&& 100
&&&&&& test ok!
&&&&&& please select :
&&&&&& 1: EVP_des_ede3_ofb
&&&&&& 2: EVP_des_ede3_cbc
&&&&&& 104
&&&&&& test ok!
#include &string.h&
#include &openssl/evp.h&
cnid,ret,i,msize,
mpktype,cbsize,mnid,
const EVP_CIPHER
const EVP_MD
datal,count,keyl,
unsigned char
salt[20],data[100],*key,*
type=EVP_des_ecb();
cnid=EVP_CIPHER_nid(type);
cname=EVP_CIPHER_name(type);
cbsize=EVP_CIPHER_block_size(type);
printf("encrypto nid : %d\n",cnid);
printf("encrypto name: %s\n",cname);
printf("encrypto bock size : %d\n",cbsize);
md=EVP_md5();
mtype=EVP_MD_type(md);
mnid=EVP_MD_nid(md);
mname=EVP_MD_name(md);
mpktype=EVP_MD_pkey_type(md);
msize=EVP_MD_size(md);
mbsize=EVP_MD_block_size(md);
printf("md info : \n");
printf("md type
: %d\n",mtype);
printf("md nid
: %d\n",mnid);
printf("md name : %s\n",mname);
printf("md pkey type : %d\n",mpktype);
printf("md size : %d\n",msize);
printf("md block size : %d\n",mbsize);
keyl=EVP_CIPHER_key_length(type);
key=(unsigned char *)malloc(keyl);
ivl=EVP_CIPHER_iv_length(type);
iv=(unsigned char *)malloc(ivl);
for(i=0;i&100;i++)
memset(&data[i],i,1);
for(i=0;i&20;i++)
memset(&salt[i],i,1);
datal=100;
ret=EVP_BytesToKey(type,md,salt,data,datal,count,key,iv);
printf("generate key value: \n");
for(i=0;i&i++)
printf("%x ",*(key+i));
printf("\n");
printf("generate iv value: \n");
for(i=0;i&i++)
printf("%x ",*(iv+i));
printf("\n");
&&&&&& EVP_BytesToKeysaltdatakeyiv
&&&&&& encrypto nid : 29
&&&&&& encrypto name: DES-ECB
&&&&&& encrypto bock size : 8
&&&&&& md info :
&&&&&& md type& : 4
&&&&&& md nid& : 4
&&&&&& md name : MD5
&&&&&& md pkey type : 8
&&&&&& md size : 16
&&&&&& md block size : 64
&&&&&& generate key value:
&&&&&& 54 0 b1 24 18 42 8d dd
&&&&&& generate iv value:
&&&&&& ba 7d c3 97 a0 c9 e0 70
#include &openssl/evp.h&
#include &openssl/rsa.h&
ret,inlen,outlen=0;
unsigned long e=RSA_3;
data[100],out[500];
EVP_MD_CTX
md_ctx,md_ctx2;
/* 待签名数据*/
strcpy(data,"openssl 编程作者:赵春平");
inlen=strlen(data);
/* 生成RSA密钥*/
bne=BN_new();
ret=BN_set_word(bne,e);
rkey=RSA_new();
ret=RSA_generate_key_ex(rkey,1024,bne,NULL);
if(ret!=1)
pkey=EVP_PKEY_new();
EVP_PKEY_assign_RSA(pkey,rkey);
/* 初始化*/
EVP_MD_CTX_init(&md_ctx);
ret=EVP_SignInit_ex(&md_ctx,EVP_md5(), NULL);
if(ret!=1) goto
ret=EVP_SignUpdate(&md_ctx,data,inlen);
if(ret!=1) goto
ret=EVP_SignFinal(&md_ctx,out,&outlen,pkey);
/* 验证签名*/
EVP_MD_CTX_init(&md_ctx2);
ret=EVP_VerifyInit_ex(&md_ctx2,EVP_md5(), NULL);
if(ret!=1) goto
ret=EVP_VerifyUpdate(&md_ctx2,data,inlen);
if(ret!=1) goto
ret=EVP_VerifyFinal(&md_ctx2,out,outlen,pkey);
if(ret==1)
printf("验证成功\n");
printf("验证错误\n");
RSA_free(rkey);
BN_free(bne);
#include &openssl/evp.h&
#include &openssl/rsa.h&
ret,ekl[2],npubk,inl,outl,total=0,total2=0;
unsigned long e=RSA_3;
*ek[2],iv[8],in[100],out[500],de[500];
EVP_CIPHER_CTX
EVP_CIPHER
*pubkey[2];
/* 生成RSA密钥*/
bne=BN_new();
ret=BN_set_word(bne,e);
rkey=RSA_new();
ret=RSA_generate_key_ex(rkey,1024,bne,NULL);
pubkey[0]=EVP_PKEY_new();
EVP_PKEY_assign_RSA(pubkey[0],rkey);
type=EVP_des_cbc();
EVP_CIPHER_CTX_init(&ctx);
ek[0]=malloc(500);
ek[1]=malloc(500);
ret=EVP_SealInit(&ctx,type,ek,ekl,iv,pubkey,1); /* 只有一个公钥*/
if(ret!=1) goto
strcpy(in,"openssl 编程");
inl=strlen(in);
ret=EVP_SealUpdate(&ctx,out,&outl,in,inl);
if(ret!=1) goto
ret=EVP_SealFinal(&ctx,out+outl,&outl);
if(ret!=1) goto
memset(de,0,500);
EVP_CIPHER_CTX_init(&ctx2);
ret=EVP_OpenInit(&ctx2,EVP_des_cbc(),ek[0],ekl[0],iv,pubkey[0]);
if(ret!=1) goto
ret=EVP_OpenUpdate(&ctx2,de,&outl,out,total);
ret=EVP_OpenFinal(&ctx2,de+outl,&outl);
de[total2]=0;
printf("%s\n",de);
free(ek[0]);
free(ek[1]);
EVP_PKEY_free(pubkey[0]);
BN_free(bne);
getchar();
[1] http://www.openssl.org/docs/crypto/evp.html#NAME
此条目发表在分类目录,贴了, , 标签。将加入收藏夹。
2014年四月
78910111213
1415161920CVE-漏洞详情 - SCAP中文社区
CVE&&通用漏洞与披露Common Vulnerabilities and Exposures
发布时间&: 21:59:01
修订时间&: 21:59:13
[原文]ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions.
[CNNVD]CNNVD数据暂缺。
[机译]Google 翻译(企业版):
CVSS (基础分值)
[中等(MEDIUM)]
机密性影响:
[很可能造成信息泄露]
完整性影响:
[不会对系统完整性产生影响]
可用性影响:
[对系统可用性无影响]
攻击复杂度:
[漏洞利用存在一定的访问条件]
[攻击者不需要获取内网访问权或本地访问权]
[漏洞利用无需身份认证]
CWE (弱点类目)
CPE (受影响的平台与产品)
cpe:/a:oracle:exalogic_infrastructure:1.0cpe:/a:oracle:oss_support_tools:8.11.16.3.8cpe:/a:oracle:tuxedo:12.1.1.0cpe:/a:openssl:openssl:1.0.1OpenSSL Project OpenSSL 1.0.1cpe:/a:openssl:openssl:1.0.2cpe:/a:openssl:openssl:1.0.1aOpenSSL Project OpenSSL 1.0.1acpe:/a:openssl:openssl:1.0.1bOpenSSL Project OpenSSL 1.0.1bcpe:/a:openssl:openssl:1.0.1cOpenSSL Project OpenSSL 1.0.1ccpe:/a:openssl:openssl:1.0.1dOpenSSL Project OpenSSL 1.0.1dcpe:/a:openssl:openssl:1.0.1ecpe:/a:oracle:vm_virtualbox:5.0.16cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.53cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.54cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.55cpe:/a:openssl:openssl:1.0.1ncpe:/a:openssl:openssl:1.0.1ocpe:/a:openssl:openssl:1.0.1pcpe:/a:openssl:openssl:1.0.1qcpe:/a:openssl:openssl:1.0.2acpe:/a:openssl:openssl:1.0.2bcpe:/a:openssl:openssl:1.0.2ccpe:/a:openssl:openssl:1.0.2dcpe:/a:openssl:openssl:1.0.2ecpe:/a:openssl:openssl:1.0.1fcpe:/a:openssl:openssl:1.0.1gcpe:/a:openssl:openssl:1.0.2:beta3cpe:/a:openssl:openssl:1.0.1hcpe:/a:openssl:openssl:1.0.2:beta2cpe:/a:openssl:openssl:1.0.1icpe:/a:openssl:openssl:1.0.1:beta3OpenSSL Project OpenSSL 1.0.1 Beta3cpe:/a:openssl:openssl:1.0.2:beta1cpe:/a:openssl:openssl:1.0.1jcpe:/a:openssl:openssl:1.0.1:beta2OpenSSL Project OpenSSL 1.0.1 Beta2cpe:/a:oracle:exalogic_infrastructure:2.0cpe:/a:openssl:openssl:1.0.1kcpe:/a:openssl:openssl:1.0.1:beta1OpenSSL Project OpenSSL 1.0.1 Beta1cpe:/a:openssl:openssl:1.0.1lcpe:/a:openssl:openssl:1.0.1m
OVAL (用于检测的技术细节)
未找到相关OVAL定义
官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
其它链接及资源
(UNKNOWN) &CONFIRM &http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
(UNKNOWN) &FEDORA &FEDORA-d2ff
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &openSUSE-SU-
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &openSUSE-SU-
(UNKNOWN) &SUSE &openSUSE-SU-
(UNKNOWN) &SUSE &openSUSE-SU-
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &openSUSE-SU-
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &openSUSE-SU-
(UNKNOWN) &SUSE &openSUSE-SU-
(VENDOR_ADVISORY) &CONFIRM &http://www.openssl.org/news/secadv/.txt
(PATCH) &CONFIRM &/technetwork/security-advisory/cpuapr5753.html
(UNKNOWN) &CONFIRM &/technetwork/security-advisory/cpujul.html
(UNKNOWN) &CONFIRM &/technetwork/security-advisory/cpuoct.html
(UNKNOWN) &CONFIRM &/technetwork/topics/security/bulletinjan.html
(UNKNOWN) &CONFIRM &/technetwork/topics/security/linuxbulletinjan.html
(UNKNOWN) &CONFIRM &/technetwork/topics/security/ovmbulletinjul.html
(UNKNOWN) &BID &82237
(UNKNOWN) &BID &91787
(UNKNOWN) &SECTRACK &1034849
(UNKNOWN) &CONFIRM &https://git.openssl.org/?p=openssl.a=h=d81ac2bdccda7efad3cc7a87d6245
(UNKNOWN) &GENTOO &GLSA-
(UNKNOWN) &CERT-VN &VU#257823
漏洞信息 (F141101)
受影响的程序版本
关于SCAP中文社区
SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[。
CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在。}
base64解编码
依次调用EVP_DecodeInit(), EVP_DecodeUpdate(), EVP_DecodeFinal(),与md5和sha1类似,适用于数据量特别大时,分段解码,通过多次调用EVP_DecodeUpdate()实现。
调用int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);这两个函数都是一次性使用的,注意下返回值是解码后的结果长度,因此返回值大于等于0时,解编码成功。
bool base64Decode(const string& strSrc, string& strDest)
char* szBuffer = new char[strSrc.length()];
if (EVP_DecodeBlock((unsigned char*)szBuffer, (const unsigned char*)strSrc.c_str(), strSrc.length()) &= 0)
return false;
strDest = szB
delete[] szB
szBuffer = NULL;
参考知识库
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
访问:11349次
排名:千里之外
原创:27篇
(2)(2)(2)(2)(1)(1)(2)(2)(4)(9)OpenSSL BN_GF2m_mod_inv函数拒绝服务漏洞(CVE-)_Linux安全_Linux公社-Linux系统门户网站
你好,游客
OpenSSL BN_GF2m_mod_inv函数拒绝服务漏洞(CVE-)
来源:Linux社区&
作者:Linux
OpenSSL BN_GF2m_mod_inv函数拒绝服务漏洞(CVE-)
发布日期:更新日期:受影响系统:
OpenSSL Project OpenSSL & 1.0.2bOpenSSL Project OpenSSL & 1.0.1nOpenSSL Project OpenSSL & 1.0.0eOpenSSL Project OpenSSL & 0.9.8s
CVE(CAN) ID: OpenSSL是一种开放源码的SSL实现,用来实现网络通信的高强度加密,现在被广泛地用于各种网络应用程序中。OpenSSL 0.9.8s、1.0.0e、1.0.1n、1.0.2b之前版本,crypto/bn/bn_gf2m.c内的函数BN_GF2m_mod_inv没有正确处理ECParameters结构,远程攻击者通过使用Elliptic Curve算法的会话,利用此漏洞可造成拒绝服务(无限循环)。&*来源:Joseph Birr-Pixton& & 链接:*&建议:
厂商补丁:OpenSSL Project---------------OpenSSL Project已经为此发布了一个安全公告(secadv_)以及相应补丁:secadv_:OpenSSL Security Advisory [11 Jun 2015]链接:
本文永久更新链接地址:
相关资讯 & & &
& (12/02/:52)
& (11/03/:54)
& (12/02/:42)
& (12/02/:05)
& (10/19/:16)
同意评论声明
发表
尊重网上道德,遵守中华人民共和国的各项有关法律法规
承担一切因您的行为而直接或间接导致的民事或刑事法律责任
本站管理人员有权保留或删除其管辖留言中的任意内容
本站有权在网站内转载或引用您的评论
参与本评论即表明您已经阅读并接受上述条款Openssl EVP(high-level cryptographic functions[1])Openssl/EVP
1base64BIO
4reliable BIO
&&&&& EVPcrypto/evp.h
struct evp_pkey_st
#ifndef OPENSSL_NO_RSA
struct rsa_st *
#ifndef OPENSSL_NO_DSA
struct dsa_st *
#ifndef OPENSSL_NO_DH
struct dh_st *
#ifndef OPENSSL_NO_EC
struct ec_key_st *
STACK_OF(X509_ATTRIBUTE) * /* [ 0 ] */
RSADSADHECCptrattributes
struct env_md_st
unsigned long
int (*init)(EVP_MD_CTX *ctx);
int (*update)(EVP_MD_CTX *ctx,const void *data,size_t count);
int (*final)(EVP_MD_CTX *ctx,unsigned char *md);
int (*copy)(EVP_MD_CTX *to,const EVP_MD_CTX *from);
int (*cleanup)(EVP_MD_CTX *ctx);
int (*sign)(int type, const unsigned char *m, unsigned int m_length,
unsigned char *sigret, unsigned int *siglen, void *key);
int (*verify)(int type, const unsigned char *m, unsigned int m_length,
const unsigned char *sigbuf, unsigned int siglen,
void *key);
int required_pkey_type[5];
int block_
int ctx_ /* how big does the ctx-&md_data need to be */
&&&&&&&&& typeNID
&&&&&&&&& pkey_typeNID
&&&&&&&&& md_size
&&&&&&&&& flags
&&&&&&&&& init
&&&&&&&&& update
&&&&&&&&& final
&&&&&&&&& copy
&&&&&&&&& cleanup
&&&&&&&&& signkey
&&&&&&&&& verifykey
&&&&&&&&& opensslcypto/evpm_Openssl
struct evp_cipher_st
int block_
unsigned long
int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl);
int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *);
int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *);
int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr);
void *app_
&&&&&&&&& nidnid
&&&&&&&&& block_size
&&&&&&&&& key_len
&&&&&&&&& iv_len
&&&&&&&&& flags
&&&&&&&&& initctxkeyivencctx
&&&&&&&&& do_cipher
&&&&&&&&& cleanup
&&&&&&&&& set_asn1_parameters
&&&&&&&&& get_asn1_parameters
&&&&&&&&& ctrl
&&&&&&&&& app_data
&&&&&&&&& opensslcypto/evpe_Openssl
struct evp_cipher_ctx_st
const EVP_CIPHER *
unsigned char
oiv[EVP_MAX_IV_LENGTH];
unsigned char
iv[EVP_MAX_IV_LENGTH];
unsigned char
buf[EVP_MAX_BLOCK_LENGTH];
/* 其他 */
unsigned char final[EVP_MAX_BLOCK_LENGTH];
&&&&&&&&& Updateblock_size
&&&&&&&&& cipher
&&&&&&&&& engine
&&&&&&&&& encrypt00
&&&&&&&&& buf buf_len
&&&&&&&&& oiv
&&&&&&&&&& finalFinal
evpcrypto/evp
c_allc.cc_alld.cc_all.cnames.copensslOpenSSL_add_all_digestsOpenSSL_add_all_ciphersOpenSSL_add_all_algorithms()EVP_add_digestEVP_add_cipher
bio_b64.cbio_enc.cbio_md.cbio_ok.cBIO_METHODbase64
digest.cEVP_MDm_xxx.c
evp_enc.cUpdateEVP_CIPHERe_xxx.ce_xxx.cblock_sizeevp_enc.ce_xxx.c
?EVP_CIPHER
?EVP_CIPHERinitiv
?do_cipherblock_size
p_p_enc.cp_dec.cp_lib.cp_sign.cp_verify.cp_seal.cp_open.c
p5_crpt2.cp5_crpt.cevp_pbe.c
1& EVP_md5
&&&&&& md5EVP_MD
2) & EVP_sha1
&&&&&& sha1EVP_MD
3) & EVP_sha256
&&&&&& sha256EVP_MD
4& EVP_DigestInit
&& & EVP_MD
5& EVP_DigestUpdateEVP_DigestInit_ex
&&&&&& Update
6& EVP_DigestFinalEVP_DigestFinal_ex
&&&&&& Final
7& EVP_Digest
对称加解密函数
1& EVP_CIPHER_CTX_init
2& EVP_CIPHER_CTX_cleanup
&&&&&& 3& EVP_des_ede3_ecb
&&&&&& &&&&&& EVP_CIPHER
&&&&&& 4)&&& EVP_EncryptInitEVP_EncryptInit_ex
initkeyivctx
&&&&&& 5& EVP_EncryptUpdate
&&&&&& &&&&&& do_cipher
&&&&&& 6& EVP_EncryptFinalEVP_EncryptFinal_ex
&&&&&& &&&&&& do_cipher
&&&&&& 7& EVP_DecryptInitEVP_DecryptInit_ex
&&&&&& &&&&&&
&&&&&& 8& EVP_DecryptUpdate
&&&&&& &&&&&& do_cipher
&&&&&& 9& EVP_DecryptFinalEVP_DecryptFinal_ex
&&&&&& &&&&&& do_cipher
&&&&&& 10EVP_BytesToKey
&&&&&& 11PKCS5_PBE_keyivgenPKCS5_v2_PBE_keyivgen
&&&&&& &&&&&& PKCS5
&&&&&& 12PKCS5_PBE_add
&&&&&& &&&&&& openssl
&&&&&& 13EVP_PBE_alg_add
&&&&&& &&&&&& PBE
非对称函数
1 EVP_PKEY_encrypt
2)&& EVP_PKEY_decrypt
3)&& EVP_PKEY_assign
4)&& EVP_PKEY_assign_RSA/ EVP_PKEY_set1_RSA
EVP_PKEYRSARSA
5)&& EVP_PKEY_get1_RSA
EVP_PKEYRSA
6)&& EVP_SignFinal
(EVP_PKEY)
7)&& EVP_VerifyFinal
(EVP_PKEY)
8)&& int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,const unsigned char *ek, int ekl, const unsigned char *iv,EVP_PKEY *priv)
&&&&&& 9)&&&
&&& 做解密运算。
10)& EVP_OpenFinal
11)&& int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
12)EVP_SealUpdate
&&& 做加密运算。
EVP_SealFinal
编解码函数
1)&& EVP_EncodeInit
2)&& EVP_EncodeUpdate
3)&& EVP_EncodeFinal
4)&& EVP_DecodeInit
5)&& EVP_DecodeUpdate
&&&&& &&&&&& 80BASE64
6)&& EVP_DecodeFinal
&&&&&& 7EVP_EncodeBlock
&&&&&& &&&&&& BASE64
8EVP_DecodeBlock
&&&&&& 1& EVP_add_cipher
&&&&&& 2& EVP_add_digest
3)&&& EVP_CIPHER_CTX_ctrl
4)&&& EVP_CIPHER_CTX_set_key_length
5)&&& EVP_CIPHER_CTX_set_padding
6)&&& EVP_CIPHER_get_asn1_iv
ivASN1_TYPE
7)&&& EVP_CIPHER_param_to_asn1
ASN1_TYPEset_asn1_parameters
8)&&& EVP_CIPHER_type
9& EVP_CipherInit/EVP_CipherInit_ex
(/)_exengingeEVP_EncryptInitEVP_DecryptInit
10)& EVP_CipherUpdate
/EVP_EncryptUpdateEVP_DecryptUpdate
11&&&&&& EVP_CipherFinal/EVP_CipherFinal_ex
(/)EVP_EncryptFinal_exEVP_DecryptFinal(_ex
12EVP_cleanup
13)& EVP_get_cipherbyname
(EVP_CIPHER)
14)& EVP_get_digestbyname
15)& EVP_get_pw_prompt
16int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
&&&&&& &&&& ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
PBE/EVP_CipherUpdateEVP_CipherFinal_excrypto/p12_decr.cPKCS12_pbe_crypt.
17)& EVP_PBE_cleanup
18EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
PKCS8_PRIV_KEY_INFO(x509.h)EVP_PKEY
19)& EVP_PKEY2PKCS8/EVP_PKEY2PKCS8_broken
EVP_PKEYPKCS8_PRIV_KEY_INFO
20)& EVP_PKEY_bits
21)& EVP_PKEY_cmp_parameters
22EVP_PKEY_copy_parameters
23EVP_PKEY_free
24)& EVP_PKEY_get1_DH/EVP_PKEY_set1_DH
/EVP_PKEYDH
25)& EVP_PKEY_get1_DSA/EVP_PKEY_set1_DSA
/EVP_PKEYDSA
26EVP_PKEY_get1_RSA/EVP_PKEY_set1_RSA
/EVP_PKEYRSA
27)& EVP_PKEY_missing_parameters
28)& EVP_PKEY_new
29)& EVP_PKEY_size
30)& EVP_PKEY_type
31int&& EVP_read_pw_string(char *buf,int length,const char *prompt,int verify)
buflengthbufpromptverify00
32)& EVP_set_pw_prompt
对称加密过程
&&&&&& &&&
1& EVP_EncryptInit
buf_len0buf
2& EVP_EncryptUpdate
ctxbufEVP_EncryptUpdatebuf_lenbuf_len0bufbuf_len0buf
&&&&&& 3& EVP_ EncryptFinal
EVP_EncryptUpdate
#include &string.h&
#include &openssl/evp.h&
ret,which=1;
EVP_CIPHER_CTX
const EVP_CIPHER
unsigned char
key[24],iv[8],in[100],out[108],de[100];
i,len,inl,outl,total=0;
for(i=0;i&24;i++)
memset(&key[i],i,1);
for(i=0;i&8;i++)
memset(&iv[i],i,1);
for(i=0;i&100;i++)
memset(&in[i],i,1);
EVP_CIPHER_CTX_init(&ctx);
printf("please select :\n");
printf("1: EVP_des_ede3_ofb\n");
printf("2: EVP_des_ede3_cbc\n");
scanf("%d",&which);
if(which==1)
cipher=EVP_des_ede3_ofb();
cipher=EVP_des_ede3_cbc();
ret=EVP_EncryptInit_ex(&ctx,cipher,NULL,key,iv);
if(ret!=1)
printf("EVP_EncryptInit_ex err1!\n");
return -1;
EVP_EncryptUpdate(&ctx,out+len,&outl,in,inl);
EVP_EncryptUpdate(&ctx,out+len,&outl,in+50,inl);
EVP_EncryptFinal_ex(&ctx,out+len,&outl);
printf("加密结果长度:%d\n",len);
/* 解密 */
EVP_CIPHER_CTX_cleanup(&ctx);
EVP_CIPHER_CTX_init(&ctx);
ret=EVP_DecryptInit_ex(&ctx,cipher,NULL,key,iv);
if(ret!=1)
printf("EVP_DecryptInit_ex err1!\n");
return -1;
EVP_DecryptUpdate(&ctx,de+total,&outl,out,44);
EVP_DecryptUpdate(&ctx,de+total,&outl,out+44,len-44);
ret=EVP_DecryptFinal_ex(&ctx,de+total,&outl);
if(ret!=1)
EVP_CIPHER_CTX_cleanup(&ctx);
printf("EVP_DecryptFinal_ex err\n");
return -1;
if((total!=100) || (memcmp(de,in,100)))
printf("err!\n");
return -1;
EVP_CIPHER_CTX_cleanup(&ctx);
printf("test ok!\n");
&&&&&& please select :
&&&&&& 1: EVP_des_ede3_ofb
&&&&&& 2: EVP_des_ede3_cbc
&&&&&& 100
&&&&&& test ok!
&&&&&& please select :
&&&&&& 1: EVP_des_ede3_ofb
&&&&&& 2: EVP_des_ede3_cbc
&&&&&& 104
&&&&&& test ok!
#include &string.h&
#include &openssl/evp.h&
cnid,ret,i,msize,
mpktype,cbsize,mnid,
const EVP_CIPHER
const EVP_MD
datal,count,keyl,
unsigned char
salt[20],data[100],*key,*
type=EVP_des_ecb();
cnid=EVP_CIPHER_nid(type);
cname=EVP_CIPHER_name(type);
cbsize=EVP_CIPHER_block_size(type);
printf("encrypto nid : %d\n",cnid);
printf("encrypto name: %s\n",cname);
printf("encrypto bock size : %d\n",cbsize);
md=EVP_md5();
mtype=EVP_MD_type(md);
mnid=EVP_MD_nid(md);
mname=EVP_MD_name(md);
mpktype=EVP_MD_pkey_type(md);
msize=EVP_MD_size(md);
mbsize=EVP_MD_block_size(md);
printf("md info : \n");
printf("md type
: %d\n",mtype);
printf("md nid
: %d\n",mnid);
printf("md name : %s\n",mname);
printf("md pkey type : %d\n",mpktype);
printf("md size : %d\n",msize);
printf("md block size : %d\n",mbsize);
keyl=EVP_CIPHER_key_length(type);
key=(unsigned char *)malloc(keyl);
ivl=EVP_CIPHER_iv_length(type);
iv=(unsigned char *)malloc(ivl);
for(i=0;i&100;i++)
memset(&data[i],i,1);
for(i=0;i&20;i++)
memset(&salt[i],i,1);
datal=100;
ret=EVP_BytesToKey(type,md,salt,data,datal,count,key,iv);
printf("generate key value: \n");
for(i=0;i&i++)
printf("%x ",*(key+i));
printf("\n");
printf("generate iv value: \n");
for(i=0;i&i++)
printf("%x ",*(iv+i));
printf("\n");
&&&&&& EVP_BytesToKeysaltdatakeyiv
&&&&&& encrypto nid : 29
&&&&&& encrypto name: DES-ECB
&&&&&& encrypto bock size : 8
&&&&&& md info :
&&&&&& md type& : 4
&&&&&& md nid& : 4
&&&&&& md name : MD5
&&&&&& md pkey type : 8
&&&&&& md size : 16
&&&&&& md block size : 64
&&&&&& generate key value:
&&&&&& 54 0 b1 24 18 42 8d dd
&&&&&& generate iv value:
&&&&&& ba 7d c3 97 a0 c9 e0 70
#include &openssl/evp.h&
#include &openssl/rsa.h&
ret,inlen,outlen=0;
unsigned long e=RSA_3;
data[100],out[500];
EVP_MD_CTX
md_ctx,md_ctx2;
/* 待签名数据*/
strcpy(data,"openssl 编程作者:赵春平");
inlen=strlen(data);
/* 生成RSA密钥*/
bne=BN_new();
ret=BN_set_word(bne,e);
rkey=RSA_new();
ret=RSA_generate_key_ex(rkey,1024,bne,NULL);
if(ret!=1)
pkey=EVP_PKEY_new();
EVP_PKEY_assign_RSA(pkey,rkey);
/* 初始化*/
EVP_MD_CTX_init(&md_ctx);
ret=EVP_SignInit_ex(&md_ctx,EVP_md5(), NULL);
if(ret!=1) goto
ret=EVP_SignUpdate(&md_ctx,data,inlen);
if(ret!=1) goto
ret=EVP_SignFinal(&md_ctx,out,&outlen,pkey);
/* 验证签名*/
EVP_MD_CTX_init(&md_ctx2);
ret=EVP_VerifyInit_ex(&md_ctx2,EVP_md5(), NULL);
if(ret!=1) goto
ret=EVP_VerifyUpdate(&md_ctx2,data,inlen);
if(ret!=1) goto
ret=EVP_VerifyFinal(&md_ctx2,out,outlen,pkey);
if(ret==1)
printf("验证成功\n");
printf("验证错误\n");
RSA_free(rkey);
BN_free(bne);
#include &openssl/evp.h&
#include &openssl/rsa.h&
ret,ekl[2],npubk,inl,outl,total=0,total2=0;
unsigned long e=RSA_3;
*ek[2],iv[8],in[100],out[500],de[500];
EVP_CIPHER_CTX
EVP_CIPHER
*pubkey[2];
/* 生成RSA密钥*/
bne=BN_new();
ret=BN_set_word(bne,e);
rkey=RSA_new();
ret=RSA_generate_key_ex(rkey,1024,bne,NULL);
pubkey[0]=EVP_PKEY_new();
EVP_PKEY_assign_RSA(pubkey[0],rkey);
type=EVP_des_cbc();
EVP_CIPHER_CTX_init(&ctx);
ek[0]=malloc(500);
ek[1]=malloc(500);
ret=EVP_SealInit(&ctx,type,ek,ekl,iv,pubkey,1); /* 只有一个公钥*/
if(ret!=1) goto
strcpy(in,"openssl 编程");
inl=strlen(in);
ret=EVP_SealUpdate(&ctx,out,&outl,in,inl);
if(ret!=1) goto
ret=EVP_SealFinal(&ctx,out+outl,&outl);
if(ret!=1) goto
memset(de,0,500);
EVP_CIPHER_CTX_init(&ctx2);
ret=EVP_OpenInit(&ctx2,EVP_des_cbc(),ek[0],ekl[0],iv,pubkey[0]);
if(ret!=1) goto
ret=EVP_OpenUpdate(&ctx2,de,&outl,out,total);
ret=EVP_OpenFinal(&ctx2,de+outl,&outl);
de[total2]=0;
printf("%s\n",de);
free(ek[0]);
free(ek[1]);
EVP_PKEY_free(pubkey[0]);
BN_free(bne);
getchar();
[1] http://www.openssl.org/docs/crypto/evp.html#NAME
此条目发表在分类目录,贴了, , 标签。将加入收藏夹。
2014年四月
78910111213
1415161920CVE-漏洞详情 - SCAP中文社区
CVE&&通用漏洞与披露Common Vulnerabilities and Exposures
发布时间&: 21:59:01
修订时间&: 21:59:13
[原文]ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions.
[CNNVD]CNNVD数据暂缺。
[机译]Google 翻译(企业版):
CVSS (基础分值)
[中等(MEDIUM)]
机密性影响:
[很可能造成信息泄露]
完整性影响:
[不会对系统完整性产生影响]
可用性影响:
[对系统可用性无影响]
攻击复杂度:
[漏洞利用存在一定的访问条件]
[攻击者不需要获取内网访问权或本地访问权]
[漏洞利用无需身份认证]
CWE (弱点类目)
CPE (受影响的平台与产品)
cpe:/a:oracle:exalogic_infrastructure:1.0cpe:/a:oracle:oss_support_tools:8.11.16.3.8cpe:/a:oracle:tuxedo:12.1.1.0cpe:/a:openssl:openssl:1.0.1OpenSSL Project OpenSSL 1.0.1cpe:/a:openssl:openssl:1.0.2cpe:/a:openssl:openssl:1.0.1aOpenSSL Project OpenSSL 1.0.1acpe:/a:openssl:openssl:1.0.1bOpenSSL Project OpenSSL 1.0.1bcpe:/a:openssl:openssl:1.0.1cOpenSSL Project OpenSSL 1.0.1ccpe:/a:openssl:openssl:1.0.1dOpenSSL Project OpenSSL 1.0.1dcpe:/a:openssl:openssl:1.0.1ecpe:/a:oracle:vm_virtualbox:5.0.16cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.53cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.54cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.55cpe:/a:openssl:openssl:1.0.1ncpe:/a:openssl:openssl:1.0.1ocpe:/a:openssl:openssl:1.0.1pcpe:/a:openssl:openssl:1.0.1qcpe:/a:openssl:openssl:1.0.2acpe:/a:openssl:openssl:1.0.2bcpe:/a:openssl:openssl:1.0.2ccpe:/a:openssl:openssl:1.0.2dcpe:/a:openssl:openssl:1.0.2ecpe:/a:openssl:openssl:1.0.1fcpe:/a:openssl:openssl:1.0.1gcpe:/a:openssl:openssl:1.0.2:beta3cpe:/a:openssl:openssl:1.0.1hcpe:/a:openssl:openssl:1.0.2:beta2cpe:/a:openssl:openssl:1.0.1icpe:/a:openssl:openssl:1.0.1:beta3OpenSSL Project OpenSSL 1.0.1 Beta3cpe:/a:openssl:openssl:1.0.2:beta1cpe:/a:openssl:openssl:1.0.1jcpe:/a:openssl:openssl:1.0.1:beta2OpenSSL Project OpenSSL 1.0.1 Beta2cpe:/a:oracle:exalogic_infrastructure:2.0cpe:/a:openssl:openssl:1.0.1kcpe:/a:openssl:openssl:1.0.1:beta1OpenSSL Project OpenSSL 1.0.1 Beta1cpe:/a:openssl:openssl:1.0.1lcpe:/a:openssl:openssl:1.0.1m
OVAL (用于检测的技术细节)
未找到相关OVAL定义
官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
其它链接及资源
(UNKNOWN) &CONFIRM &http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
(UNKNOWN) &FEDORA &FEDORA-d2ff
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &openSUSE-SU-
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &openSUSE-SU-
(UNKNOWN) &SUSE &openSUSE-SU-
(UNKNOWN) &SUSE &openSUSE-SU-
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &openSUSE-SU-
(UNKNOWN) &SUSE &SUSE-SU-
(UNKNOWN) &SUSE &openSUSE-SU-
(UNKNOWN) &SUSE &openSUSE-SU-
(VENDOR_ADVISORY) &CONFIRM &http://www.openssl.org/news/secadv/.txt
(PATCH) &CONFIRM &/technetwork/security-advisory/cpuapr5753.html
(UNKNOWN) &CONFIRM &/technetwork/security-advisory/cpujul.html
(UNKNOWN) &CONFIRM &/technetwork/security-advisory/cpuoct.html
(UNKNOWN) &CONFIRM &/technetwork/topics/security/bulletinjan.html
(UNKNOWN) &CONFIRM &/technetwork/topics/security/linuxbulletinjan.html
(UNKNOWN) &CONFIRM &/technetwork/topics/security/ovmbulletinjul.html
(UNKNOWN) &BID &82237
(UNKNOWN) &BID &91787
(UNKNOWN) &SECTRACK &1034849
(UNKNOWN) &CONFIRM &https://git.openssl.org/?p=openssl.a=h=d81ac2bdccda7efad3cc7a87d6245
(UNKNOWN) &GENTOO &GLSA-
(UNKNOWN) &CERT-VN &VU#257823
漏洞信息 (F141101)
受影响的程序版本
关于SCAP中文社区
SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[。
CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在。}
我要回帖
更多关于 openssl aes128 evp 的文章
更多推荐
- ·晋城博润微创外晋城肛门专科医院哪家最好上厕所便秘会流血肛门裂开般痛苦难忍,怎么办?
- ·国美买的东西是正品吗淘物中国 这个是不是真的网址,求网友辨别
- ·刚刚在抖音上看了几个视频,对方取消关注你后还可以刷到你吗了几个人,但是明明已经对方取消关注你后还可以刷到你吗上了,返回去看又没对方取消关注你后还可以刷到你吗上?
- ·虎扑和毒的鉴定准确吗的评分准吗
- ·给感谢信妈妈100字左右的一封信
- ·ios10浏览器怎么ios拦截网页的浏览器广告
- ·求助,利用UDP发送一个类的对象,男人找不到对象的原因相关的方法
- ·请问目前cpu最大cpu功耗是什么意思(TDP)是多少
- ·什么交友软件可以约到好约妹子的社交软件
- ·苹果AIR用播放器看.mkv格式的蓝光原盘和mkv的差别的视频一卡一卡的,求解决
- ·搜狐社区为什么注册了,但是登录总是说用户不存在,还说停止运行,怎么回事?
- ·游戏陪玩都有那些网站
- ·微信切换手机号以后怎么找不到原来的自己了呢
- ·一次清空微信零钱明细解除了银行卡绑定红包零钱没了是怎么回事
- ·大家觉得罗技吧G310这货怎么样
- ·求助:捉妖记mp4下载格式百度云。注:我没钱
- ·用一维数组存放四个数(88.91.80.79),求平均值,要dos窗口的运行图片,求大神指教
- ·谁知道用专业音频测试软件年龄的软件吗?谢谢
- ·荣耀畅玩6X#畅玩5c全网通高配版版和尊享版有什么区别
- ·这俩狗机子和什么一起开哪个是猫俩狗机子和什么一起开还用连一起嘛?
- ·ubuntu openssl evp.h‘EVP_DecodeUpdate’函数整数溢出漏洞(CVE-2015-0292),这种系统漏洞怎么处理,
- ·足球胜负彩50014场16169期奖金是多少
- ·灌篮高手宫城良田田在SD中到底是什么水准的后卫
- ·如何使用腹肌发力走路图解
- ·我们周末也经常不运动会怎么样运动
- ·足球职位介绍主踢是什么职位
- ·如何训练用大脚插件跂内侧使力
- ·乒乓球拍粘胶皮视频胶皮的样式图文详解,谢谢
- ·房子背靠医院风水好吗游泳馆的门面风水怎样
- ·如果运球完毕,再运球会一龙踢飞犯规泰拳王吗
- ·有谁每天早上起来脚底板疼踩到地上时感觉脚底板疼的
- ·詹姆斯戴夫弗兰科下面好大弟弟
- ·健身房用力过猛会头痛时太用力,哪些脏器容易受伤
- ·去健身房月瘦20斤计划表能减肥吗?
