[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250039

 
 

909

 
 

195882

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2002-0656Date: (C)2002-08-12   (M)2023-12-22


Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
BID-5362
BID-5363
CA-2002-23
CLA-2002:513
CSSA-2002-033.0
CSSA-2002-033.1
FreeBSD-SA-02:33
MDKSA-2002:046
VU#102795
VU#258555
openssl-ssl2-masterkey-bo(9714)
openssl-ssl3-sessionid-bo(9716)

CPE    34
cpe:/a:openssl:openssl:0.9.1c
cpe:/a:oracle:corporate_time_outlook_connector:3.1
cpe:/a:oracle:corporate_time_outlook_connector:3.3
cpe:/a:openssl:openssl:0.9.5a
...

© SecPod Technologies