[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2006-3738

Date: (C)2006-09-28   (M)2017-10-12
 
CVSS Score: 10.0Access Vector: NETWORK
Exploitability Subscore: 10.0Access Complexity: LOW
Impact Subscore: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE











Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.

Reference:
SECTRACK-1016943
SECTRACK-1017522
SUNALERT-102668
SUNALERT-102711
2006-0054
http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html
http://www.securityfocus.com/archive/1/archive/1/447318/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/447393/100/0/threaded
20061001-01-P
http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html
http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
http://www.securityfocus.com/archive/1/archive/1/456546/100/200/threaded
http://www.securityfocus.com/archive/1/archive/1/470460/100/0/threaded
SUNALERT-201531
BID-20249
BID-22083
SECUNIA-22094
SECUNIA-22116
SECUNIA-22130
SECUNIA-22165
SECUNIA-22166
SECUNIA-22172
SECUNIA-22186
SECUNIA-22193
SECUNIA-22207
SECUNIA-22212
SECUNIA-22216
SECUNIA-22220
SECUNIA-22240
SECUNIA-22259
SECUNIA-22260
SECUNIA-22284
SECUNIA-22298
SECUNIA-22330
SECUNIA-22385
SECUNIA-22460
SECUNIA-22487
SECUNIA-22500
SECUNIA-22544
SECUNIA-22626
SECUNIA-22633
SECUNIA-22654
SECUNIA-22758
SECUNIA-22772
SECUNIA-22791
SECUNIA-22799
SECUNIA-23038
SECUNIA-23155
SECUNIA-23280
SECUNIA-23309
SECUNIA-23340
SECUNIA-23680
SECUNIA-23794
SECUNIA-23915
SECUNIA-24930
SECUNIA-24950
SECUNIA-25889
SECUNIA-26329
OSVDB-29262
SECUNIA-30124
SECUNIA-30161
SECUNIA-31492
ADV-2006-3820
ADV-2006-3860
ADV-2006-3869
ADV-2006-3902
ADV-2006-3936
ADV-2006-4036
ADV-2006-4264
ADV-2006-4314
ADV-2006-4401
ADV-2006-4417
ADV-2006-4443
ADV-2006-4750
ADV-2007-0343
ADV-2007-1401
ADV-2007-2315
ADV-2007-2783
APPLE-SA-2006-11-28
DSA-1185
DSA-1195
FreeBSD-SA-06:23
GLSA-200610-11
GLSA-200612-11
GLSA-200805-07
HPSBMA02250
HPSBOV02683
HPSBTU02207
HPSBUX02174
HPSBUX02186
MDKSA-2006:172
MDKSA-2006:177
MDKSA-2006:178
NetBSD-SA2008-007
OpenPKG-SA-2006.021
RHSA-2006:0695
RHSA-2008:0629
SSA:2006-272-01
SSRT061213
SSRT061239
SSRT061275
SSRT071299
SSRT071304
SSRT090208
SUSE-SA:2006:058
SUSE-SR:2006:024
TA06-333A
USN-353-1
VU#547300
http://openbsd.org/errata.html#openssl2
http://docs.info.apple.com/article.html?artnum=304829
http://issues.rpath.com/browse/RPL-613
http://kolab.org/security/kolab-vendor-notice-11.txt
http://openvpn.net/changelog.html
http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
http://www.openssl.org/news/secadv_20060928.txt
http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
http://www.serv-u.com/releasenotes/
http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf
http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=498093&RenditionID=&poid=8881
openssl-sslgetsharedciphers-bo(29237)

CPE    16
cpe:/a:openssl:openssl:0.9.7j
cpe:/a:openssl:openssl:0.9.7k
cpe:/a:openssl:openssl:0.9.8a
cpe:/a:openssl:openssl:0.9.8b
...
CWE    1
CWE-119

© 2013 SecPod Technologies