CVE-2007-5135

NameCVE-2007-5135
DescriptionOff-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1379-1
NVD severitymedium (attack range: remote)
Debian Bugs444435

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
openssl (PTS)wheezy1.0.1e-2+deb7u20fixed
wheezy (security)1.0.1t-1+deb7u3fixed
jessie (security), jessie1.0.1t-1+deb8u7fixed
stretch (security), stretch1.1.0f-3+deb9u1fixed
buster, sid1.1.0g-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
opensslsource(unstable)0.9.8e-9low444435
opensslsourceetch0.9.8c-4etch1mediumDSA-1379-1
opensslsourcesarge0.9.7e-3sarge5medium
openssl096sourcesarge0.9.6m-1sarge5mediumDSA-1379-1
openssl097sourceetch0.9.7k-3.1etch1mediumDSA-1379-1

Search for package or bug name: Reporting problems