CVE-2014-3512

Priority
Description
Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation
in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of
service (application crash) or possibly have unspecified other impact via
an invalid SRP (1) g, (2) A, or (3) B parameter.
Assigned-to
mdeslaur
Package
Upstream:not-affected
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
More Information

Updated: 2019-03-19 12:14:47 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)