CVE-2006-3738
EPSS 53.7%
Description
Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.
How to fix CVE-2006-3738
To remediate CVE-2006-3738, upgrade the affected package to the fixed version listed below.
- Debian/openssl: upgrade to 0.9.8c-2 or later
Is CVE-2006-3738 being exploited?
Likely — EPSS is 53.7%, placing CVE-2006-3738 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (1)
- Debian/openssl: from 0, < 0.9.8c-2