[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249982

 
 

909

 
 

195748

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2004-0081Date: (C)2004-11-23   (M)2023-12-22


OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECUNIA-11139
2004-0012
20040304-01-U
http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml
http://marc.info/?l=bugtraq&m=107955049331965&w=2
http://marc.info/?l=bugtraq&m=108403850228012&w=2
SUNALERT-57524
BID-9899
CLA-2004:834
DSA-465
ESA-20040317-003
FEDORA-2004-095
GLSA-200403-03
RHSA-2004:119
RHSA-2004:120
RHSA-2004:121
RHSA-2004:139
SCOSA-2004.10
TA04-078A
VU#465542
http://www.uniras.gov.uk/vuls/2004/224012/index.htm
openssl-tls-dos(15509)
oval:org.mitre.oval:def:11755
oval:org.mitre.oval:def:871
oval:org.mitre.oval:def:902

CPE    106
cpe:/h:sun:crypto_accelerator_4000:1.0
cpe:/o:apple:mac_os_x_server:10.3.3
cpe:/a:hp:wbem:a.02.00.01
cpe:/a:hp:wbem:a.02.00.00
...

© SecPod Technologies