CVE-2015-1791


Severity : MEDIUM
Published : 2015-06-12
Modified : 2017-08-08
Base Score : 6.8
Details : Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier.
Product/Version : Pro 5.0  
Pro 4.x  
CGE 4.x  
Mobilinux 4.x  
Mobilinux 5.0.24  
MVL 5 Atom  
CGE 5.x  
Mobilinux 5.x  
Carrier Grade CGE 7.0  
Carrier Grade CGE 6.0  
 
 
 

CVE Vulnerabilities List CVE-2015

CVE-2015-0204 CVE-2015-0209 CVE-2015-0235 CVE-2015-0247
CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289
CVE-2015-0292 CVE-2015-0293 CVE-2015-1421 CVE-2015-1572
CVE-2015-1781 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790
CVE-2015-1791 CVE-2015-1792 CVE-2015-2922 CVE-2015-3195
CVE-2015-3339 CVE-2015-3405 CVE-2015-4000 CVE-2015-4022
CVE-2015-4024 CVE-2015-4047 CVE-2015-4643 CVE-2015-5312
CVE-2015-5477 CVE-2015-5600 CVE-2015-5722 CVE-2015-6563
CVE-2015-6564 CVE-2015-6565 CVE-2015-7497 CVE-2015-7498
CVE-2015-7499 CVE-2015-7500 CVE-2015-7691 CVE-2015-7692
CVE-2015-7701 CVE-2015-7702 CVE-2015-7704 CVE-2015-7852
CVE-2015-7941 CVE-2015-7942 CVE-2015-7981 CVE-2015-8126
CVE-2015-8158 CVE-2015-8241 CVE-2015-8242 CVE-2015-8317
CVE-2015-8325 CVE-2015-8472 CVE-2015-8540 CVE-2015-8665
CVE-2015-8683 CVE-2015-8704 CVE-2015-8777 CVE-2015-8778
CVE-2015-8779 CVE-2015-8784