ID de Prueba:	1.3.6.1.4.1.25623.1.0.152251
Categoría:	Denial of Service
Título:	OpenSSL DoS Vulnerability (20240516) - Windows
Resumen:	OpenSSL is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: OpenSSL is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Checking excessively long DSA keys or parameters may be very slow. Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Vulnerability Impact: Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. Affected Software/OS: OpenSSL versions 3.0, 3.1, 3.2 and 3.3. Solution: Update to version 3.0.14, 3.1.6, 3.2.2, 3.3.1 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-4603 3.0.14 git commit https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397 3.1.6 git commit https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d 3.2.2 git commit https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740 3.3.1 git commit https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e OpenSSL Advisory https://www.openssl.org/news/secadv/20240516.txt http://www.openwall.com/lists/oss-security/2024/05/16/2
Copyright	Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.