CVE-2008-0226

Name of the Vulnerable Software and Affected Versions yaSSL versions 1.7.5 and earlier

Description The issue is related to multiple buffer overflows that can be exploited by remote attackers to execute arbitrary code. This can be achieved through the ProcessOldClientHello function in handshake.cpp or the input buffer& operator>> in yassl imp.cpp.

Recommendations For yaSSL versions 1.7.5 and earlier, consider updating to a version later than 1.7.5 to resolve the issue. As a temporary workaround, restrict access to the ProcessOldClientHello function and the input buffer& operator>> to minimize the risk of exploitation.