ID CVE-2003-0851
Summary OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.
References
Vulnerable Configurations
  • Cisco IOS 12.1 (11)E
    cpe:2.3:o:cisco:ios:12.1%2811%29e
  • Cisco IOS 12.1 (11b)E
    cpe:2.3:o:cisco:ios:12.1%2811b%29e
  • Cisco IOS 12.2SX
    cpe:2.3:o:cisco:ios:12.2sx
  • Cisco IOS 12.2SY
    cpe:2.3:o:cisco:ios:12.2sy
  • cpe:2.3:a:cisco:css11000_content_services_switch
    cpe:2.3:a:cisco:css11000_content_services_switch
  • cpe:2.3:a:cisco:pix_firewall:6.2.2_.111
    cpe:2.3:a:cisco:pix_firewall:6.2.2_.111
  • OpenSSL Project OpenSSL 0.9.6
    cpe:2.3:a:openssl:openssl:0.9.6
  • OpenSSL Project OpenSSL 0.9.6a
    cpe:2.3:a:openssl:openssl:0.9.6a
  • OpenSSL Project OpenSSL 0.9.6b
    cpe:2.3:a:openssl:openssl:0.9.6b
  • OpenSSL Project OpenSSL 0.9.6c
    cpe:2.3:a:openssl:openssl:0.9.6c
  • OpenSSL Project OpenSSL 0.9.6d
    cpe:2.3:a:openssl:openssl:0.9.6d
  • OpenSSL Project OpenSSL 0.9.6e
    cpe:2.3:a:openssl:openssl:0.9.6e
  • OpenSSL Project OpenSSL 0.9.6f
    cpe:2.3:a:openssl:openssl:0.9.6f
  • OpenSSL Project OpenSSL 0.9.6g
    cpe:2.3:a:openssl:openssl:0.9.6g
  • OpenSSL Project OpenSSL 0.9.6h
    cpe:2.3:a:openssl:openssl:0.9.6h
  • OpenSSL Project OpenSSL 0.9.6i
    cpe:2.3:a:openssl:openssl:0.9.6i
  • OpenSSL Project OpenSSL 0.9.6j
    cpe:2.3:a:openssl:openssl:0.9.6j
  • OpenSSL Project OpenSSL 0.9.6k
    cpe:2.3:a:openssl:openssl:0.9.6k
  • OpenSSL Project OpenSSL 0.9.7
    cpe:2.3:a:openssl:openssl:0.9.7
  • OpenSSL Project OpenSSL 0.9.7a
    cpe:2.3:a:openssl:openssl:0.9.7a
  • OpenSSL Project OpenSSL 0.9.7b
    cpe:2.3:a:openssl:openssl:0.9.7b
  • Cisco PIX Firewall Software 6.0
    cpe:2.3:o:cisco:pix_firewall_software:6.0
  • Cisco PIX Firewall Software 6.0(1)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%281%29
  • Cisco PIX Firewall Software 6.0(2)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%282%29
  • Cisco PIX Firewall Software 6.0(3)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%283%29
  • Cisco PIX Firewall Software 6.0(4)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%284%29
  • Cisco PIX Firewall Software 6.0(4.101)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%284.101%29
  • Cisco PIX Firewall Software 6.1
    cpe:2.3:o:cisco:pix_firewall_software:6.1
  • Cisco PIX Firewall Software 6.1(1)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%281%29
  • Cisco PIX Firewall Software 6.1(2)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%282%29
  • Cisco PIX Firewall Software 6.1(3)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%283%29
  • Cisco PIX Firewall Software 6.1(4)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%284%29
  • Cisco PIX Firewall Software 6.1(5)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%285%29
  • Cisco PIX Firewall Software 6.2
    cpe:2.3:o:cisco:pix_firewall_software:6.2
  • Cisco PIX Firewall Software 6.2(1)
    cpe:2.3:o:cisco:pix_firewall_software:6.2%281%29
  • Cisco PIX Firewall Software 6.2(2)
    cpe:2.3:o:cisco:pix_firewall_software:6.2%282%29
  • Cisco PIX Firewall Software 6.2(3)
    cpe:2.3:o:cisco:pix_firewall_software:6.2%283%29
  • Cisco PIX Firewall Software 6.3(1)
    cpe:2.3:o:cisco:pix_firewall_software:6.3%281%29
  • Cisco PIX Firewall Software 6.3(3.102)
    cpe:2.3:o:cisco:pix_firewall_software:6.3%283.102%29
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Web Servers
    NASL id OPENSSL_0_9_6L.NASL
    description According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.6l. A remote attacker can trigger a denial of service by using an invalid client certificate.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 17749
    published 2012-01-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17749
    title OpenSSL < 0.9.6l Denial of Service
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD20031219.NASL
    description The remote host is missing Security Update 2003-12-19. This security update includes the following components : - AFP Server - cd9600.util - Directory Services - fetchmail - fs_usage - rsync - System Initialization For MacOS X 10.3, it also includes : - ASN.1 Decoding for PKI This update contains various fixes which may allow an attacker to execute arbitrary code on the remote host.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 12516
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12516
    title Mac OS X Multiple Vulnerabilities (Security Update 2003-12-19)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2005-1042.NASL
    description CVE-2004-0079, a remote crasher, was originally believed to only affect versions of OpenSSL after 0.9.6b verified with Codenomicon test suite (see pkt539.c). However we've had a customer report that this affects 0.9.6b via a different reproducer. This therefore affects the openssl096b compat packages as shipped with FC-3. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20114
    published 2005-11-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20114
    title Fedora Core 3 : openssl096b-0.9.6b-21.42 (2005-1042)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2004-119.NASL
    description Updated OpenSSL packages that fix a remote denial of service vulnerability are now available for Red Hat Enterprise Linux 2.1. OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a bug in older versions of OpenSSL 0.9.6 prior to 0.9.6d that can lead to a denial of service attack (infinite loop). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0081 to this issue. Testing performed by Novell using a test suite provided by NISCC uncovered an issue in the ASN.1 parser in versions of OpenSSL 0.9.6 prior to 0.9.6l which could cause large recursion and possibly lead to a denial of service attack if used where stack space is limited. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0851 to this issue. These updated packages contain patches provided by the OpenSSL group that protect against these issues. NOTE: Because server applications are affected by this issue, users are advised to either restart all services using OpenSSL functionality or restart their system after installing these updated packages.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 12479
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12479
    title RHEL 2.1 : openssl (RHSA-2004:119)
oval via4
accepted 2008-09-08T04:00:26.119-04:00
class vulnerability
contributors
name Yuzheng Zhou
organization Hewlett-Packard
description OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.
family ios
id oval:org.mitre.oval:def:5528
status accepted
submitted 2008-05-02T11:06:36.000-04:00
title OpenSSL 0.9.6k ASN.1 DoS Vulnerability
version 4
redhat via4
advisories
rhsa
id RHSA-2004:119
refmap via4
bid 8970
bugtraq
  • 20031104 [OpenSSL Advisory] Denial of Service in ASN.1 parsing
  • 20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability
cert-vn VU#412478
cisco 20030930 SSL Implementation Vulnerabilities
confirm http://www.openssl.org/news/secadv_20031104.txt
engarde ESA-20031104-029
fedora FEDORA-2005-1042
netbsd NetBSD-SA2004-003
secunia 17381
sgi 20040304-01-U
Last major update 17-10-2016 - 22:38
Published 01-12-2003 - 00:00
Last modified 30-10-2018 - 12:26
Back to Top