[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247621

 
 

909

 
 

194512

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-4343Date: (C)2006-09-28   (M)2023-12-22


The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECTRACK-1016943
SECTRACK-1017522
SUNALERT-102668
SUNALERT-102711
http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html
http://www.securityfocus.com/archive/1/447318/100/0/threaded
http://www.securityfocus.com/archive/1/447393/100/0/threaded
20061001-01-P
http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html
http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
http://www.securityfocus.com/archive/1/456546/100/200/threaded
http://www.securityfocus.com/archive/1/489739/100/0/threaded
SUNALERT-201531
BID-20246
BID-22083
SECUNIA-22094
SECUNIA-22116
SECUNIA-22130
SECUNIA-22165
SECUNIA-22166
SECUNIA-22172
SECUNIA-22186
SECUNIA-22193
SECUNIA-22207
SECUNIA-22212
SECUNIA-22216
SECUNIA-22220
SECUNIA-22240
SECUNIA-22259
SECUNIA-22260
SECUNIA-22284
SECUNIA-22298
SECUNIA-22330
SECUNIA-22385
SECUNIA-22460
SECUNIA-22487
SECUNIA-22500
SECUNIA-22544
SECUNIA-22626
SECUNIA-22758
SECUNIA-22772
SECUNIA-22791
SECUNIA-22799
SECUNIA-23038
SECUNIA-23155
SECUNIA-23280
SECUNIA-23309
SECUNIA-23340
SECUNIA-23680
SECUNIA-23794
SECUNIA-23915
SECUNIA-24950
SECUNIA-25420
SECUNIA-25889
SECUNIA-26329
BID-28276
OSVDB-29263
SECUNIA-30124
SECUNIA-31492
EXPLOIT-DB-4773
ADV-2006-3820
ADV-2006-3860
ADV-2006-3869
ADV-2006-3902
ADV-2006-3936
ADV-2006-4036
ADV-2006-4264
ADV-2006-4401
ADV-2006-4417
ADV-2006-4443
ADV-2006-4750
ADV-2007-0343
ADV-2007-1401
ADV-2007-1973
ADV-2007-2783
ADV-2008-0905
APPLE-SA-2006-11-28
DSA-1185
DSA-1195
FreeBSD-SA-06:23.openssl
GLSA-200610-11
GLSA-200612-11
HPSBMA02250
HPSBOV02683
HPSBTU02207
HPSBUX02174
HPSBUX02186
MDKSA-2006:172
MDKSA-2006:177
MDKSA-2006:178
NetBSD-SA2008-007
OpenPKG-SA-2006.021
RHSA-2006:0695
RHSA-2008:0629
SSA:2006-272-01
SSRT061213
SSRT061239
SSRT061275
SSRT071299
SSRT071304
SSRT090208
SUSE-SA:2006:058
SUSE-SR:2006:024
TA06-333A
USN-353-1
VU#386964
http://openbsd.org/errata.html#openssl2
http://lists.vmware.com/pipermail/security-announce/2008/000008.html
http://docs.info.apple.com/article.html?artnum=304829
http://issues.rpath.com/browse/RPL-613
http://kolab.org/security/kolab-vendor-notice-11.txt
http://openvpn.net/changelog.html
http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
http://www.ingate.com/relnote-452.php
http://www.openssl.org/news/secadv_20060928.txt
http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
http://www.serv-u.com/releasenotes/
http://www.vmware.com/security/advisories/VMSA-2008-0005.html
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
http://www.vmware.com/support/player/doc/releasenotes_player.html
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
http://www.vmware.com/support/server/doc/releasenotes_server.html
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf
openssl-sslv2-client-dos(29240)

CPE    20
cpe:/a:openssl:openssl:0.9.7f
cpe:/a:openssl:openssl:0.9.7g
cpe:/a:openssl:openssl:0.9.7h
cpe:/a:openssl:openssl:0.9.7i
...
CWE    1
CWE-476

© SecPod Technologies