ID:3727 - Exploit for Input validation error in OpenSSL - CVE-2010-2939

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:3727 - Exploit for Input validation error in OpenSSL - CVE-2010-2939

ID:3727 - Exploit for Input validation error in OpenSSL - CVE-2010-2939

Published: August 4, 2020


Vulnerability identifier: #VU33336
Vulnerability risk: Medium
CVE-ID: CVE-2010-2939
CWE-ID: CWE-20
Exploitation vector: Remote access
Vulnerable software:
OpenSSL

Link to public exploit:


Vulnerability description

The vulnerability allows context-dependent attackers to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (crash) and possibly execute arbitrary code via a crafted private key with an invalid prime.


Remediation

Update to version 1.0.0b.