{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T05:17:24.172","vulnerabilities":[{"cve":{"id":"CVE-2008-0891","sourceIdentifier":"secalert@redhat.com","published":"2008-05-29T16:32:00.000","lastModified":"2025-04-09T00:30:58.490","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet.  NOTE: some of these details are obtained from third party information."},{"lang":"es","value":"Vulnerabilidad de doble liberación en OpenSSL 0.9.8f y 0.9.8g, cuando las extensiones de nombre de servidor TLS están habilitadas, permite a atacantes remotos provocar una denegación de servicio (caída) a través de un paquete manipulado. NOTA: Algunos de estos detalles se han obtenido de fuentes de terceros."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-189"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*","matchCriteriaId":"2BB38AEA-BAF0-4920-9A71-747C24444770"},{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*","matchCriteriaId":"1F33EA2B-DE15-4695-A383-7A337AC38908"}]}]}],"references":[{"url":"http://cert.fi/haavoittuvuudet/2008/advisory-openssl.html","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/30405","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/30460","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/30825","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/30852","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/30868","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/31228","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/31288","source":"secalert@redhat.com"},{"url":"http://security.gentoo.org/glsa/glsa-200806-08.xml","source":"secalert@redhat.com"},{"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.562004","source":"secalert@redhat.com"},{"url":"http://sourceforge.net/project/shownotes.php?release_id=615606","source":"secalert@redhat.com"},{"url":"http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=738400","source":"secalert@redhat.com"},{"url":"http://www.kb.cert.org/vuls/id/661475","source":"secalert@redhat.com","tags":["US Government Resource"]},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:107","source":"secalert@redhat.com"},{"url":"http://www.openssl.org/news/secadv_20080528.txt","source":"secalert@redhat.com"},{"url":"http://www.securityfocus.com/bid/29405","source":"secalert@redhat.com","tags":["Patch"]},{"url":"http://www.securitytracker.com/id?1020121","source":"secalert@redhat.com"},{"url":"http://www.ubuntu.com/usn/usn-620-1","source":"secalert@redhat.com"},{"url":"http://www.vupen.com/english/advisories/2008/1680","source":"secalert@redhat.com"},{"url":"http://www.vupen.com/english/advisories/2008/1937/references","source":"secalert@redhat.com"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/42666","source":"secalert@redhat.com"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01029.html","source":"secalert@redhat.com"},{"url":"http://cert.fi/haavoittuvuudet/2008/advisory-openssl.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/30405","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/30460","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/30825","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/30852","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/30868","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/31228","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/31288","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://security.gentoo.org/glsa/glsa-200806-08.xml","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.562004","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://sourceforge.net/project/shownotes.php?release_id=615606","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=738400","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.kb.cert.org/vuls/id/661475","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:107","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openssl.org/news/secadv_20080528.txt","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/29405","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://www.securitytracker.com/id?1020121","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.ubuntu.com/usn/usn-620-1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2008/1680","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2008/1937/references","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/42666","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01029.html","source":"af854a3a-2127-422b-91ae-364da2661108"}],"vendorComments":[{"organization":"Red Hat","comment":"Not vulnerable. This issue did not affect the versions of OpenSSL as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.","lastModified":"2008-05-30T00:00:00"}]}}]}