CVE-2006-3738— OpenSSL 'SSL_get_shared_ciphers()'函数缓冲区错误漏洞

EPSS 53.74% · P98 更新日 2026-02-27

新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2006-3738の基本情報

脆弱性情報

脆弱性についてご質問がありますか？Shenlongの分析が参考になるかご確認ください！

Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル

N/A

ソース: NVD (National Vulnerability Database)

脆弱性説明

Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.

ソース: NVD (National Vulnerability Database)

CVSS情報

N/A

ソース: NVD (National Vulnerability Database)

脆弱性タイプ

N/A

ソース: NVD (National Vulnerability Database)

脆弱性タイトル

OpenSSL 'SSL_get_shared_ciphers()'函数缓冲区错误漏洞

ソース: CNNVD (China National Vulnerability Database)

脆弱性説明

OpenSSL是OpenSSL团队开发的一个开源的能够实现安全套接层（SSL v2/v3）和安全传输层（TLS v1）协议的通用加密库，它支持多种加密算法，包括对称密码、哈希算法、安全散列算法等。 OpenSSL的SSL_get_shared_ciphers()函数在处理共享密码列表的长度时存在缓冲区溢出漏洞，远程攻击者可以向使用这个函数的应用程序发送密码列表来触发这个漏洞，导致执行任意代码。

ソース: CNNVD (China National Vulnerability Database)

CVSS情報

N/A

ソース: CNNVD (China National Vulnerability Database)

脆弱性タイプ

N/A

ソース: CNNVD (China National Vulnerability Database)

影響を受ける製品

ベンダー	プロダクト	影響を受けるバージョン	CPE	購読
-	n/a	n/a	-

II. CVE-2006-3738の公開POC

#	POC説明	ソースリンク	Shenlongリンク

AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2006-3738のインテリジェンス情報

お願いしますログインより多くのインテリジェンス情報を見る

http://www.openssl.org/news/secadv_20060928.txtx_refsource_CONFIRM
http://kolab.org/security/kolab-vendor-notice-11.txtx_refsource_CONFIRM
http://issues.rpath.com/browse/RPL-613x_refsource_CONFIRM
http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=498093&RenditionID=&poid=8881x_refsource_CONFIRM
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.htmlx_refsource_CONFIRM
http://openvpn.net/changelog.htmlx_refsource_CONFIRM
http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.htmlx_refsource_CONFIRM
http://support.avaya.com/elmodocs2/security/ASA-2006-260.htmx_refsource_CONFIRM
http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.htmlx_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.htmlx_refsource_CONFIRM
http://docs.info.apple.com/article.html?artnum=304829x_refsource_CONFIRM
http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.htmlx_refsource_CONFIRM
http://www.serv-u.com/releasenotes/x_refsource_CONFIRM
http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227x_refsource_CONFIRM
http://support.avaya.com/elmodocs2/security/ASA-2006-220.htmx_refsource_CONFIRM
http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdfx_refsource_CONFIRM
http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.htmlx_refsource_CONFIRM
http://secunia.com/advisories/22772third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/23340third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/20249vdb-entryx_refsource_BID
http://secunia.com/advisories/23915third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22240third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22172third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22799third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22298third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/24930third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22094third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22193third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/25889third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/24950third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22259third-party-advisoryx_refsource_SECUNIA
http://www.osvdb.org/29262vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/23680third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22487third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22220third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/22083vdb-entryx_refsource_BID
http://secunia.com/advisories/23155third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22544third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22791third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/26329third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22186third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22212third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30161third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/23794third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/23280third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22284third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/23309third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22166third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22260third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22130third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31492third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22116third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22165third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22385third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/23038third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30124third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22207third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22216third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22626third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22758third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22654third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22633third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/22330third-party-advisoryx_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1vendor-advisoryx_refsource_SUNALERT
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1vendor-advisoryx_refsource_SUNALERT
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1vendor-advisoryx_refsource_SUNALERT
http://securitytracker.com/id?1016943vdb-entryx_refsource_SECTRACK
http://securitytracker.com/id?1017522vdb-entryx_refsource_SECTRACK
http://www.debian.org/security/2006/dsa-1185vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2006/dsa-1195vendor-advisoryx_refsource_DEBIAN
http://www.trustix.org/errata/2006/0054vendor-advisoryx_refsource_TRUSTIX
http://www.us-cert.gov/cas/techalerts/TA06-333A.htmlthird-party-advisoryx_refsource_CERT
http://www.ubuntu.com/usn/usn-353-1vendor-advisoryx_refsource_UBUNTU
http://www.kb.cert.org/vuls/id/547300third-party-advisoryx_refsource_CERT-VN
'[security bulletin] HPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Ap' - MARCvendor-advisoryx_refsource_HP
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144vendor-advisoryx_refsource_HP
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540vendor-advisoryx_refsource_HP
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100vendor-advisoryx_refsource_HP
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771vendor-advisoryx_refsource_HP
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.ascvendor-advisoryx_refsource_SGI
http://www.vupen.com/english/advisories/2006/4314vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/3820vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/4417vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/4750vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/2315vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/4443vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/3860vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/4036vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/0343vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/1401vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/4401vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/4264vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/2783vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/3869vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/3902vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/3936vdb-entryx_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2006-0695.htmlvendor-advisoryx_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:177vendor-advisoryx_refsource_MANDRIVA
http://security.gentoo.org/glsa/glsa-200610-11.xmlvendor-advisoryx_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=MDKSA-2006:178vendor-advisoryx_refsource_MANDRIVA
http://www.redhat.com/support/errata/RHSA-2008-0629.htmlvendor-advisoryx_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:172vendor-advisoryx_refsource_MANDRIVA
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xmlvendor-advisoryx_refsource_GENTOO
http://www.gentoo.org/security/en/glsa/glsa-200612-11.xmlvendor-advisoryx_refsource_GENTOO
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946vendor-advisoryx_refsource_SLACKWARE
http://www.novell.com/linux/security/advisories/2006_24_sr.htmlvendor-advisoryx_refsource_SUSE
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.ascvendor-advisoryx_refsource_NETBSD
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.021-openssl.htmlvendor-advisoryx_refsource_OPENPKG
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.htmlvendor-advisoryx_refsource_APPLE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4256vdb-entrysignaturex_refsource_OVAL
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9370vdb-entrysignaturex_refsource_OVAL
http://www.securityfocus.com/archive/1/470460/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/29237vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/456546/100/200/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/447393/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/447318/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://openbsd.org/errata.html#openssl2vendor-advisoryx_refsource_OPENBSD
http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.htmlvendor-advisoryx_refsource_CISCO
http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtmlvendor-advisoryx_refsource_CISCO
http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.htmlmailing-listx_refsource_FULLDISC
https://nvd.nist.gov/vuln/detail/CVE-2006-3738

Same Patch Batch · n/a · 2006-09-28 · 23 CVEs total

CVE-2006-5061		Advanced-Clan-Script 'mcf.php' PHP远程文件包含漏洞
CVE-2006-5071		eyeOS 多个跨站脚本攻击漏洞
CVE-2006-5070		faceStones Personal 'fsl2/objects/fs_form_links.php'PHP远程文件包含漏洞
CVE-2006-5069		Typo3 'class.tx_indexedsearch.php' 跨站脚本攻击漏洞
CVE-2006-5068		Brudaswen BrudaNews和BrudaGB 'admin/index.php'PHP远程文件包含漏洞
CVE-2006-5067		PHP System Administration Toolkit 'loader.php'任意PHP代码执行漏洞
CVE-2006-5066		DanPHPSupport 多个跨站脚本攻击漏洞
CVE-2006-5065		ZoomStats 'libs/dbmax/mysql.php'PHP远程文件包含漏洞
CVE-2006-5064		BirdBlog 多个跨站脚本攻击漏洞
CVE-2006-5063		Elog 跨站脚本攻击漏洞
CVE-2006-5062		PBLang (PBL) 'templates/pb/language/lang_nl.php'PHP远程文件包含漏洞
CVE-2006-2937		OpenSSL 拒绝服务漏洞
CVE-2006-5060		Jamroom 'login.php' 跨站脚本攻击漏洞
CVE-2006-5059		WWWthreads 多个跨站脚本攻击漏洞
CVE-2006-5058		Call of Duty 缓冲区溢出漏洞
CVE-2006-5057		Ktools.net PhotoStore 多个跨站脚本攻击漏洞
CVE-2006-5056		Opial Audio/Video Download Management 'index.php'跨站脚本攻击漏洞
CVE-2006-5055		syntaxCMS'admin/testing/tests/0004_init_urls.php'PHP远程文件包含漏洞
CVE-2006-5054		iyzi Forum 'uye/uye_ayrinti.asp' SQL注入漏洞
CVE-2006-5053		Web-News 'webnews/template.php' PHP远程文件包含漏洞

Showing 20 of 23 CVEs. View all on vendor page →

IV. 関連脆弱性

同じ製品: n/a

同じベンダー: n/a

V. CVE-2006-3738へのコメント

まだコメントはありません

目標達成すべての支援者に感謝 — 100%達成しました！

CVE-2006-3738— OpenSSL 'SSL_get_shared_ciphers()'函数缓冲区错误漏洞

I. CVE-2006-3738の基本情報

脆弱性情報

脆弱性タイトル

脆弱性説明

CVSS情報

脆弱性タイプ

脆弱性タイトル

脆弱性説明

CVSS情報

脆弱性タイプ

影響を受ける製品

II. CVE-2006-3738の公開POC

III. CVE-2006-3738のインテリジェンス情報

Same Patch Batch · n/a · 2006-09-28 · 23 CVEs total

IV. 関連脆弱性

V. CVE-2006-3738へのコメント

コメントを残す

目標達成 すべての支援者に感謝 — 100%達成しました！

CVE-2006-3738— OpenSSL 'SSL_get_shared_ciphers()'函数缓冲区错误漏洞

I. CVE-2006-3738の基本情報

脆弱性情報

脆弱性タイトル

脆弱性説明

CVSS情報

脆弱性タイプ

脆弱性タイトル

脆弱性説明

CVSS情報

脆弱性タイプ

影響を受ける製品

II. CVE-2006-3738の公開POC

III. CVE-2006-3738のインテリジェンス情報

Same Patch Batch · n/a · 2006-09-28 · 23 CVEs total

IV. 関連脆弱性

V. CVE-2006-3738へのコメント

コメントを残す

目標達成すべての支援者に感謝 — 100%達成しました！