CVE-2008-7128

Name of the Vulnerable Software and Affected Versions XySSL versions prior to 0.9

Description The issue concerns the ssl parse client key exchange function, which does not protect against certain Bleichenbacher attacks using chosen ciphertext. This allows remote attackers to recover keys via unspecified vectors.

Recommendations For versions prior to 0.9, update to version 0.9 or later to resolve the issue.