CVE-2014-3512

Priority
Description
Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation
in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of
service (application crash) or possibly have unspecified other impact via
an invalid SRP (1) g, (2) A, or (3) B parameter.
Assigned-to
mdeslaur
Notes
Package
Upstream:not-affected
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected)
More Information

Updated: 2020-01-29 19:49:41 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)