CVE-2018-0732

HIGH Year: 2018
CVSS v3 Score
7.5
High
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-320
View all →

Vulnerability Description

During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).

Related Vulnerabilities

CVE-2015-0153

HIGH
CVSS:7.5(High)

D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive information by leveraging cleartext storage of the wireless key.

CWE-3202015

CVE-2015-1316

HIGH
CVSS:7.5(High)

Juju Core's Joyent provider before version 1.25.5 uploads the user's private ssh key.

CWE-3202015

CVE-2015-7503

HIGH
CVSS:7.5(High)

Zend Framework before 2.4.9, zend-framework/zend-crypt 2.4.x before 2.4.9, and 2.5.x before 2.5.2 allows remote attackers to recover the RSA private key.

CWE-3202015

CVE-2016-6879

HIGH
CVSS:7.5(High)

The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value.

CWE-3202016

CVE-2016-6886

HIGH
CVSS:7.5(High)

The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid memory read and crash) via a (1) zero value or (2) the key's modulus for the secret ke...

CWE-3202016

CVE-2017-13887

HIGH
CVSS:7.5(High)

In macOS High Sierra before 10.13.2, a logic issue existed in APFS when deleting keys during hibernation. This was addressed with improved state management.

CWE-3202017