CVE-2009-4355 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-4355 Interim 1 35 2023-07-05T01:42:28Z current 2021-05-30T12:49:33Z 2023-07-05T01:42:28Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-4355 Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html E-Mail link for SUSE-SA:2010:008 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Enterprise Storage 7.1 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Point of Service 11 SP3 SUSE Linux Enterprise Real Time 15 SP3 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3 for Teradata SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11 SP4 LTSS SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Server Business Critical Linux 15 SP3 SUSE Linux Enterprise Server for SAP Applications 11 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.2 SUSE Manager Server 4.2 compat-openssl098 libopenssl-devel libopenssl-devel-0.9.8j-0.70.1 libopenssl0_9_8 libopenssl0_9_8-0.9.8h-30.18.1 libopenssl0_9_8-0.9.8h-30.27.11 libopenssl0_9_8-0.9.8j-0.26.1 libopenssl0_9_8-0.9.8j-0.50.1 libopenssl0_9_8-0.9.8j-0.70.1 libopenssl0_9_8-0.9.8j-102.1 libopenssl0_9_8-0.9.8j-105.1 libopenssl0_9_8-0.9.8j-106.6.1 libopenssl0_9_8-0.9.8j-59.11 libopenssl0_9_8-0.9.8j-81.1 libopenssl0_9_8-32bit libopenssl0_9_8-32bit-0.9.8h-30.18.1 libopenssl0_9_8-32bit-0.9.8h-30.27.11 libopenssl0_9_8-32bit-0.9.8j-0.26.1 libopenssl0_9_8-32bit-0.9.8j-0.50.1 libopenssl0_9_8-32bit-0.9.8j-0.70.1 libopenssl0_9_8-32bit-0.9.8j-102.1 libopenssl0_9_8-32bit-0.9.8j-105.1 libopenssl0_9_8-32bit-0.9.8j-106.6.1 libopenssl0_9_8-32bit-0.9.8j-59.11 libopenssl0_9_8-32bit-0.9.8j-81.1 libopenssl0_9_8-hmac-0.9.8j-0.50.1 libopenssl0_9_8-hmac-0.9.8j-0.70.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.50.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.70.1 libopenssl0_9_8-x86-0.9.8h-30.18.1 libopenssl0_9_8-x86-0.9.8h-30.27.11 libopenssl0_9_8-x86-0.9.8j-0.26.1 libopenssl0_9_8-x86-0.9.8j-0.50.1 libopenssl0_9_8-x86-0.9.8j-0.70.1 openssl openssl-0.9.8h-30.18.1 openssl-0.9.8h-30.27.11 openssl-0.9.8j-0.26.1 openssl-0.9.8j-0.50.1 openssl-0.9.8j-0.70.1 openssl-doc-0.9.8h-30.18.1 openssl-doc-0.9.8h-30.27.11 openssl-doc-0.9.8j-0.26.1 openssl-doc-0.9.8j-0.50.1 openssl-doc-0.9.8j-0.70.1 libopenssl0_9_8-0.9.8j-59.11 as a component of SUSE Linux Enterprise Desktop 12 libopenssl0_9_8-32bit-0.9.8j-59.11 as a component of SUSE Linux Enterprise Desktop 12 libopenssl0_9_8-0.9.8j-81.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 libopenssl0_9_8-32bit-0.9.8j-81.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 libopenssl0_9_8-0.9.8j-102.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 libopenssl0_9_8-32bit-0.9.8j-102.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 libopenssl0_9_8-0.9.8j-105.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 libopenssl0_9_8-32bit-0.9.8j-105.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 libopenssl0_9_8-0.9.8j-106.6.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 libopenssl0_9_8-32bit-0.9.8j-106.6.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 libopenssl0_9_8-0.9.8j-59.11 as a component of SUSE Linux Enterprise Module for Legacy 12 libopenssl0_9_8-32bit-0.9.8j-59.11 as a component of SUSE Linux Enterprise Module for Legacy 12 libopenssl0_9_8-0.9.8h-30.18.1 as a component of SUSE Linux Enterprise Server 11 libopenssl0_9_8-32bit-0.9.8h-30.18.1 as a component of SUSE Linux Enterprise Server 11 libopenssl0_9_8-x86-0.9.8h-30.18.1 as a component of SUSE Linux Enterprise Server 11 openssl-0.9.8h-30.18.1 as a component of SUSE Linux Enterprise Server 11 openssl-doc-0.9.8h-30.18.1 as a component of SUSE Linux Enterprise Server 11 libopenssl0_9_8-0.9.8h-30.27.11 as a component of SUSE Linux Enterprise Server 11 SP1 libopenssl0_9_8-32bit-0.9.8h-30.27.11 as a component of SUSE Linux Enterprise Server 11 SP1 libopenssl0_9_8-x86-0.9.8h-30.27.11 as a component of SUSE Linux Enterprise Server 11 SP1 openssl-0.9.8h-30.27.11 as a component of SUSE Linux Enterprise Server 11 SP1 openssl-doc-0.9.8h-30.27.11 as a component of SUSE Linux Enterprise Server 11 SP1 libopenssl0_9_8-0.9.8j-0.26.1 as a component of SUSE Linux Enterprise Server 11 SP2 libopenssl0_9_8-32bit-0.9.8j-0.26.1 as a component of SUSE Linux Enterprise Server 11 SP2 libopenssl0_9_8-x86-0.9.8j-0.26.1 as a component of SUSE Linux Enterprise Server 11 SP2 openssl-0.9.8j-0.26.1 as a component of SUSE Linux Enterprise Server 11 SP2 openssl-doc-0.9.8j-0.26.1 as a component of SUSE Linux Enterprise Server 11 SP2 libopenssl0_9_8-0.9.8j-0.50.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopenssl0_9_8-32bit-0.9.8j-0.50.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopenssl0_9_8-hmac-0.9.8j-0.50.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopenssl0_9_8-hmac-32bit-0.9.8j-0.50.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopenssl0_9_8-x86-0.9.8j-0.50.1 as a component of SUSE Linux Enterprise Server 11 SP3 openssl-0.9.8j-0.50.1 as a component of SUSE Linux Enterprise Server 11 SP3 openssl-doc-0.9.8j-0.50.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopenssl0_9_8-0.9.8j-0.70.1 as a component of SUSE Linux Enterprise Server 11 SP4 libopenssl0_9_8-32bit-0.9.8j-0.70.1 as a component of SUSE Linux Enterprise Server 11 SP4 libopenssl0_9_8-hmac-0.9.8j-0.70.1 as a component of SUSE Linux Enterprise Server 11 SP4 libopenssl0_9_8-hmac-32bit-0.9.8j-0.70.1 as a component of SUSE Linux Enterprise Server 11 SP4 libopenssl0_9_8-x86-0.9.8j-0.70.1 as a component of SUSE Linux Enterprise Server 11 SP4 openssl-0.9.8j-0.70.1 as a component of SUSE Linux Enterprise Server 11 SP4 openssl-doc-0.9.8j-0.70.1 as a component of SUSE Linux Enterprise Server 11 SP4 libopenssl0_9_8-0.9.8h-30.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libopenssl0_9_8-32bit-0.9.8h-30.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libopenssl0_9_8-x86-0.9.8h-30.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 openssl-0.9.8h-30.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 openssl-doc-0.9.8h-30.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libopenssl-devel-0.9.8j-0.70.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libopenssl-devel as a component of SUSE Enterprise Storage 7.1 openssl as a component of SUSE Enterprise Storage 7.1 libopenssl-devel as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS openssl as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS libopenssl-devel as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS openssl as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS openssl as a component of SUSE Linux Enterprise Micro 5.3 openssl as a component of SUSE Linux Enterprise Micro 5.4 libopenssl-devel as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 openssl as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 libopenssl0_9_8 as a component of SUSE Linux Enterprise Module for Legacy 12 libopenssl0_9_8-32bit as a component of SUSE Linux Enterprise Module for Legacy 12 compat-openssl098 as a component of SUSE Linux Enterprise Module for Legacy 12 openssl as a component of SUSE Linux Enterprise Point of Service 11 SP3 libopenssl-devel as a component of SUSE Linux Enterprise Real Time 15 SP3 openssl as a component of SUSE Linux Enterprise Real Time 15 SP3 openssl as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata openssl as a component of SUSE Linux Enterprise Server 11 SP3 for Teradata openssl as a component of SUSE Linux Enterprise Server 11 SP4 LTSS openssl as a component of SUSE Linux Enterprise Server Business Critical Linux 15 SP3 libopenssl0_9_8 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 compat-openssl098 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 libopenssl0_9_8 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 compat-openssl098 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libopenssl0_9_8 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 compat-openssl098 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libopenssl-devel as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 openssl as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 libopenssl-devel as a component of SUSE Manager Proxy 4.2 openssl as a component of SUSE Manager Proxy 4.2 libopenssl-devel as a component of SUSE Manager Retail Branch Server 4.2 openssl as a component of SUSE Manager Retail Branch Server 4.2 libopenssl-devel as a component of SUSE Manager Server 4.2 openssl as a component of SUSE Manager Server 4.2 Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. CVE-2009-4355 SUSE Linux Enterprise Desktop 12:libopenssl0_9_8-0.9.8j-59.11 SUSE Linux Enterprise Desktop 12:libopenssl0_9_8-32bit-0.9.8j-59.11 SUSE Linux Enterprise Desktop 12 SP1:libopenssl0_9_8-0.9.8j-81.1 SUSE Linux Enterprise Desktop 12 SP1:libopenssl0_9_8-32bit-0.9.8j-81.1 SUSE Linux Enterprise Desktop 12 SP2:libopenssl0_9_8-0.9.8j-102.1 SUSE Linux Enterprise Desktop 12 SP2:libopenssl0_9_8-32bit-0.9.8j-102.1 SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-0.9.8j-105.1 SUSE Linux Enterprise Desktop 12 SP3:libopenssl0_9_8-32bit-0.9.8j-105.1 SUSE Linux Enterprise Desktop 12 SP4:libopenssl0_9_8-0.9.8j-106.6.1 SUSE Linux Enterprise Desktop 12 SP4:libopenssl0_9_8-32bit-0.9.8j-106.6.1 SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-0.9.8j-59.11 SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit-0.9.8j-59.11 SUSE Linux Enterprise Server 11:libopenssl0_9_8-0.9.8h-30.18.1 SUSE Linux Enterprise Server 11:libopenssl0_9_8-32bit-0.9.8h-30.18.1 SUSE Linux Enterprise Server 11:libopenssl0_9_8-x86-0.9.8h-30.18.1 SUSE Linux Enterprise Server 11:openssl-0.9.8h-30.18.1 SUSE Linux Enterprise Server 11:openssl-doc-0.9.8h-30.18.1 SUSE Linux Enterprise Server 11 SP1:libopenssl0_9_8-0.9.8h-30.27.11 SUSE Linux Enterprise Server 11 SP1:libopenssl0_9_8-32bit-0.9.8h-30.27.11 SUSE Linux Enterprise Server 11 SP1:libopenssl0_9_8-x86-0.9.8h-30.27.11 SUSE Linux Enterprise Server 11 SP1:openssl-0.9.8h-30.27.11 SUSE Linux Enterprise Server 11 SP1:openssl-doc-0.9.8h-30.27.11 SUSE Linux Enterprise Server 11 SP2:libopenssl0_9_8-0.9.8j-0.26.1 SUSE Linux Enterprise Server 11 SP2:libopenssl0_9_8-32bit-0.9.8j-0.26.1 SUSE Linux Enterprise Server 11 SP2:libopenssl0_9_8-x86-0.9.8j-0.26.1 SUSE Linux Enterprise Server 11 SP2:openssl-0.9.8j-0.26.1 SUSE Linux Enterprise Server 11 SP2:openssl-doc-0.9.8j-0.26.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.50.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.50.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.50.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.50.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.50.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.50.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.50.1 SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-0.9.8j-0.70.1 SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-32bit-0.9.8j-0.70.1 SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-0.9.8j-0.70.1 SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-hmac-32bit-0.9.8j-0.70.1 SUSE Linux Enterprise Server 11 SP4:libopenssl0_9_8-x86-0.9.8j-0.70.1 SUSE Linux Enterprise Server 11 SP4:openssl-0.9.8j-0.70.1 SUSE Linux Enterprise Server 11 SP4:openssl-doc-0.9.8j-0.70.1 SUSE Linux Enterprise Server for SAP Applications 11:libopenssl0_9_8-0.9.8h-30.18.1 SUSE Linux Enterprise Server for SAP Applications 11:libopenssl0_9_8-32bit-0.9.8h-30.18.1 SUSE Linux Enterprise Server for SAP Applications 11:libopenssl0_9_8-x86-0.9.8h-30.18.1 SUSE Linux Enterprise Server for SAP Applications 11:openssl-0.9.8h-30.18.1 SUSE Linux Enterprise Server for SAP Applications 11:openssl-doc-0.9.8h-30.18.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libopenssl-devel-0.9.8j-0.70.1 SUSE Enterprise Storage 7.1:libopenssl-devel SUSE Enterprise Storage 7.1:openssl SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:libopenssl-devel SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:openssl SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl-devel SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:openssl SUSE Linux Enterprise Micro 5.3:openssl SUSE Linux Enterprise Micro 5.4:openssl SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-devel SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl SUSE Linux Enterprise Module for Legacy 12:compat-openssl098 SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8 SUSE Linux Enterprise Module for Legacy 12:libopenssl0_9_8-32bit SUSE Linux Enterprise Point of Service 11 SP3:openssl SUSE Linux Enterprise Real Time 15 SP3:libopenssl-devel SUSE Linux Enterprise Real Time 15 SP3:openssl SUSE Linux Enterprise Server 11 SP1 for Teradata:openssl SUSE Linux Enterprise Server 11 SP3 for Teradata:openssl SUSE Linux Enterprise Server 11 SP4 LTSS:openssl SUSE Linux Enterprise Server Business Critical Linux 15 SP3:openssl SUSE Linux Enterprise Server for SAP Applications 12 SP3:compat-openssl098 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libopenssl0_9_8 SUSE Linux Enterprise Server for SAP Applications 12 SP4:compat-openssl098 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libopenssl0_9_8 SUSE Linux Enterprise Server for SAP Applications 12 SP5:compat-openssl098 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libopenssl0_9_8 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl-devel SUSE Linux Enterprise Server for SAP Applications 15 SP3:openssl SUSE Manager Proxy 4.2:libopenssl-devel SUSE Manager Proxy 4.2:openssl SUSE Manager Retail Branch Server 4.2:libopenssl-devel SUSE Manager Retail Branch Server 4.2:openssl SUSE Manager Server 4.2:libopenssl-devel SUSE Manager Server 4.2:openssl moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P