ID CVE-2004-0081
Summary OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
References
Vulnerable Configurations
  • Cisco Firewall Services Module
    cpe:2.3:h:cisco:firewall_services_module
  • Cisco Firewall Services Module 1.1.2
    cpe:2.3:h:cisco:firewall_services_module:1.1.2
  • Cisco Firewall Services Module 1.1.3
    cpe:2.3:h:cisco:firewall_services_module:1.1.3
  • Cisco Firewall Services Module 1.1 (3.005)
    cpe:2.3:h:cisco:firewall_services_module:1.1_%283.005%29
  • Cisco Firewall Services Module 2.1 (0.208)
    cpe:2.3:h:cisco:firewall_services_module:2.1_%280.208%29
  • HP AAA Server
    cpe:2.3:h:hp:aaa_server
  • HP Apache-Based Web Server 2.0.43.00
    cpe:2.3:h:hp:apache-based_web_server:2.0.43.00
  • HP Apache-Based Web Server 2.0.43.04
    cpe:2.3:h:hp:apache-based_web_server:2.0.43.04
  • cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0
    cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0
  • Cisco CiscoWorks Common Management Foundation 2.1
    cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1
  • Cisco CiscoWorks Common Services 2.2
    cpe:2.3:a:cisco:ciscoworks_common_services:2.2
  • Avaya Converged Communications Server 2.0
    cpe:2.3:h:avaya:converged_communications_server:2.0
  • Avaya SG200 4.4
    cpe:2.3:h:avaya:sg200:4.4
  • cpe:2.3:h:avaya:sg200:4.31.29
    cpe:2.3:h:avaya:sg200:4.31.29
  • Avaya SG203 4.4
    cpe:2.3:h:avaya:sg203:4.4
  • cpe:2.3:h:avaya:sg203:4.31.29
    cpe:2.3:h:avaya:sg203:4.31.29
  • Avaya SG208
    cpe:2.3:h:avaya:sg208
  • Avaya SG208 4.4
    cpe:2.3:h:avaya:sg208:4.4
  • Avaya SG5 4.2
    cpe:2.3:h:avaya:sg5:4.2
  • Avaya SG5 4.3
    cpe:2.3:h:avaya:sg5:4.3
  • Avaya SG5 4.4
    cpe:2.3:h:avaya:sg5:4.4
  • Apple Mac OS X 10.3.3
    cpe:2.3:o:apple:mac_os_x:10.3.3
  • Apple Mac OS X Server 10.3.3
    cpe:2.3:o:apple:mac_os_x_server:10.3.3
  • FreeBSD 4.8
    cpe:2.3:o:freebsd:freebsd:4.8
  • cpe:2.3:o:freebsd:freebsd:4.8:releng
    cpe:2.3:o:freebsd:freebsd:4.8:releng
  • FreeBSD 4.9
    cpe:2.3:o:freebsd:freebsd:4.9
  • FreeBSD 5.1
    cpe:2.3:o:freebsd:freebsd:5.1
  • cpe:2.3:o:freebsd:freebsd:5.1:release
    cpe:2.3:o:freebsd:freebsd:5.1:release
  • cpe:2.3:o:freebsd:freebsd:5.1:releng
    cpe:2.3:o:freebsd:freebsd:5.1:releng
  • FreeBSD 5.2
    cpe:2.3:o:freebsd:freebsd:5.2
  • cpe:2.3:o:freebsd:freebsd:5.2.1:release
    cpe:2.3:o:freebsd:freebsd:5.2.1:release
  • HP HP-UX 8.5
    cpe:2.3:o:hp:hp-ux:8.05
  • HP-UX 11.00
    cpe:2.3:o:hp:hp-ux:11.00
  • HP-UX 11.11
    cpe:2.3:o:hp:hp-ux:11.11
  • HP-UX 11i v2
    cpe:2.3:o:hp:hp-ux:11.23
  • OpenBSD 3.3
    cpe:2.3:o:openbsd:openbsd:3.3
  • OpenBSD 3.4
    cpe:2.3:o:openbsd:openbsd:3.4
  • cpe:2.3:o:redhat:enterprise_linux:3.0:-:advanced_server
    cpe:2.3:o:redhat:enterprise_linux:3.0:-:advanced_server
  • cpe:2.3:o:redhat:enterprise_linux:3.0:-:enterprise_server
    cpe:2.3:o:redhat:enterprise_linux:3.0:-:enterprise_server
  • cpe:2.3:o:redhat:enterprise_linux:3.0:-:workstation_server
    cpe:2.3:o:redhat:enterprise_linux:3.0:-:workstation_server
  • Red Hat Desktop 3.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:3.0
  • Red Hat Linux 7.2
    cpe:2.3:o:redhat:linux:7.2
  • Red Hat Linux 7.3
    cpe:2.3:o:redhat:linux:7.3
  • Red Hat Linux 8.0
    cpe:2.3:o:redhat:linux:8.0
  • cpe:2.3:o:sco:openserver:5.0.6
    cpe:2.3:o:sco:openserver:5.0.6
  • cpe:2.3:o:sco:openserver:5.0.7
    cpe:2.3:o:sco:openserver:5.0.7
  • Cisco IOS 12.1 (11)E
    cpe:2.3:o:cisco:ios:12.1%2811%29e
  • Cisco IOS 12.1 (11b)E
    cpe:2.3:o:cisco:ios:12.1%2811b%29e
  • Cisco IOS 12.1 (11b)E12
    cpe:2.3:o:cisco:ios:12.1%2811b%29e12
  • Cisco IOS 12.1 (11b)E14
    cpe:2.3:o:cisco:ios:12.1%2811b%29e14
  • Cisco IOS 12.1(13)E9
    cpe:2.3:o:cisco:ios:12.1%2813%29e9
  • Cisco IOS 12.1(19)E1
    cpe:2.3:o:cisco:ios:12.1%2819%29e1
  • Cisco IOS 12.2 (14)SY
    cpe:2.3:o:cisco:ios:12.2%2814%29sy
  • Cisco IOS 12.2 (14)SY1
    cpe:2.3:o:cisco:ios:12.2%2814%29sy1
  • Cisco IOS 12.2SY
    cpe:2.3:o:cisco:ios:12.2sy
  • Cisco IOS 12.2ZA
    cpe:2.3:o:cisco:ios:12.2za
  • cpe:2.3:a:4d:webstar:4.0
    cpe:2.3:a:4d:webstar:4.0
  • cpe:2.3:a:4d:webstar:5.2
    cpe:2.3:a:4d:webstar:5.2
  • cpe:2.3:a:4d:webstar:5.2.1
    cpe:2.3:a:4d:webstar:5.2.1
  • cpe:2.3:a:4d:webstar:5.2.2
    cpe:2.3:a:4d:webstar:5.2.2
  • cpe:2.3:a:4d:webstar:5.2.3
    cpe:2.3:a:4d:webstar:5.2.3
  • cpe:2.3:a:4d:webstar:5.2.4
    cpe:2.3:a:4d:webstar:5.2.4
  • cpe:2.3:a:4d:webstar:5.3
    cpe:2.3:a:4d:webstar:5.3
  • cpe:2.3:a:4d:webstar:5.3.1
    cpe:2.3:a:4d:webstar:5.3.1
  • cpe:2.3:a:avaya:intuity_audix:-:lx
    cpe:2.3:a:avaya:intuity_audix:-:lx
  • Avaya Intuity R5 R5.1.46
    cpe:2.3:a:avaya:intuity_audix:5.1.46
  • cpe:2.3:a:avaya:intuity_audix:s3210
    cpe:2.3:a:avaya:intuity_audix:s3210
  • cpe:2.3:a:avaya:intuity_audix:s3400
    cpe:2.3:a:avaya:intuity_audix:s3400
  • cpe:2.3:a:avaya:vsu:5
    cpe:2.3:a:avaya:vsu:5
  • cpe:2.3:a:avaya:vsu:5x
    cpe:2.3:a:avaya:vsu:5x
  • cpe:2.3:a:avaya:vsu:100_r2.0.1
    cpe:2.3:a:avaya:vsu:100_r2.0.1
  • cpe:2.3:a:avaya:vsu:500
    cpe:2.3:a:avaya:vsu:500
  • cpe:2.3:a:avaya:vsu:2000_r2.0.1
    cpe:2.3:a:avaya:vsu:2000_r2.0.1
  • cpe:2.3:a:avaya:vsu:5000_r2.0.1
    cpe:2.3:a:avaya:vsu:5000_r2.0.1
  • cpe:2.3:a:avaya:vsu:7500_r2.0.1
    cpe:2.3:a:avaya:vsu:7500_r2.0.1
  • cpe:2.3:a:avaya:vsu:10000_r2.0.1
    cpe:2.3:a:avaya:vsu:10000_r2.0.1
  • cpe:2.3:a:checkpoint:firewall-1:-:vsx-ng-ai
    cpe:2.3:a:checkpoint:firewall-1:-:vsx-ng-ai
  • cpe:2.3:a:checkpoint:firewall-1:2.0:-:gx
    cpe:2.3:a:checkpoint:firewall-1:2.0:-:gx
  • cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0
    cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0
  • cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1
    cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1
  • cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2
    cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2
  • Checkpoint Provider-1 4.1
    cpe:2.3:a:checkpoint:provider-1:4.1
  • Checkpoint Provider-1 4.1 SP1
    cpe:2.3:a:checkpoint:provider-1:4.1:sp1
  • Checkpoint Provider-1 4.1 SP2
    cpe:2.3:a:checkpoint:provider-1:4.1:sp2
  • Checkpoint Provider-1 4.1 SP3
    cpe:2.3:a:checkpoint:provider-1:4.1:sp3
  • Checkpoint Provider-1 4.1 SP4
    cpe:2.3:a:checkpoint:provider-1:4.1:sp4
  • cpe:2.3:a:checkpoint:vpn-1:next_generation
    cpe:2.3:a:checkpoint:vpn-1:next_generation
  • cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0
    cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0
  • cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1
    cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1
  • cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence
    cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence
  • Cisco Access Registrar
    cpe:2.3:a:cisco:access_registrar
  • Cisco Application and Content Networking Software
    cpe:2.3:a:cisco:application_and_content_networking_software
  • cpe:2.3:a:cisco:css11000_content_services_switch
    cpe:2.3:a:cisco:css11000_content_services_switch
  • cpe:2.3:a:cisco:css_secure_content_accelerator:1.0
    cpe:2.3:a:cisco:css_secure_content_accelerator:1.0
  • cpe:2.3:a:cisco:css_secure_content_accelerator:2.0
    cpe:2.3:a:cisco:css_secure_content_accelerator:2.0
  • Cisco Okena Stormwatch 3.2
    cpe:2.3:a:cisco:okena_stormwatch:3.2
  • cpe:2.3:a:cisco:pix_firewall:6.2.2_.111
    cpe:2.3:a:cisco:pix_firewall:6.2.2_.111
  • Cisco Threat Response
    cpe:2.3:a:cisco:threat_response
  • Cisco WebNS 6.10
    cpe:2.3:a:cisco:webns:6.10
  • Cisco WebNS 6.10 B4
    cpe:2.3:a:cisco:webns:6.10_b4
  • Cisco WebNS 7.1 0.1.02
    cpe:2.3:a:cisco:webns:7.1_0.1.02
  • Cisco WebNS 7.1 0.2.06
    cpe:2.3:a:cisco:webns:7.1_0.2.06
  • Cisco WebNS 7.2 0.0.03
    cpe:2.3:a:cisco:webns:7.2_0.0.03
  • Cisco WebNS 7.10
    cpe:2.3:a:cisco:webns:7.10
  • Cisco WebNS 7.10 .0.06s
    cpe:2.3:a:cisco:webns:7.10_.0.06s
  • HP WBEM A.01.05.08
    cpe:2.3:a:hp:wbem:a.01.05.08
  • HP WBEM A.02.00.00
    cpe:2.3:a:hp:wbem:a.02.00.00
  • HP WBEM A.02.00.01
    cpe:2.3:a:hp:wbem:a.02.00.01
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3
  • cpe:2.3:a:neoteris:instant_virtual_extranet:3.0
    cpe:2.3:a:neoteris:instant_virtual_extranet:3.0
  • cpe:2.3:a:neoteris:instant_virtual_extranet:3.1
    cpe:2.3:a:neoteris:instant_virtual_extranet:3.1
  • cpe:2.3:a:neoteris:instant_virtual_extranet:3.2
    cpe:2.3:a:neoteris:instant_virtual_extranet:3.2
  • cpe:2.3:a:neoteris:instant_virtual_extranet:3.3
    cpe:2.3:a:neoteris:instant_virtual_extranet:3.3
  • cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1
    cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1
  • Novell eDirectory 8.0
    cpe:2.3:a:novell:edirectory:8.0
  • Novell eDirectory 8.5
    cpe:2.3:a:novell:edirectory:8.5
  • Novell eDirectory 8.5.12a
    cpe:2.3:a:novell:edirectory:8.5.12a
  • Novell eDirectory 8.5.27
    cpe:2.3:a:novell:edirectory:8.5.27
  • Novell eDirectory 8.6.2
    cpe:2.3:a:novell:edirectory:8.6.2
  • Novell eDirectory 8.7
    cpe:2.3:a:novell:edirectory:8.7
  • Novell eDirectory 8.7.1
    cpe:2.3:a:novell:edirectory:8.7.1
  • Novell eDirectory 8.7.1 SU1
    cpe:2.3:a:novell:edirectory:8.7.1:sp1
  • Novell iManager 1.5
    cpe:2.3:a:novell:imanager:1.5
  • Novell iManager 2.0
    cpe:2.3:a:novell:imanager:2.0
  • OpenSSL Project OpenSSL 0.9.6c
    cpe:2.3:a:openssl:openssl:0.9.6c
  • OpenSSL Project OpenSSL 0.9.6d
    cpe:2.3:a:openssl:openssl:0.9.6d
  • OpenSSL Project OpenSSL 0.9.6e
    cpe:2.3:a:openssl:openssl:0.9.6e
  • OpenSSL Project OpenSSL 0.9.6f
    cpe:2.3:a:openssl:openssl:0.9.6f
  • OpenSSL Project OpenSSL 0.9.6g
    cpe:2.3:a:openssl:openssl:0.9.6g
  • OpenSSL Project OpenSSL 0.9.6h
    cpe:2.3:a:openssl:openssl:0.9.6h
  • OpenSSL Project OpenSSL 0.9.6i
    cpe:2.3:a:openssl:openssl:0.9.6i
  • OpenSSL Project OpenSSL 0.9.6j
    cpe:2.3:a:openssl:openssl:0.9.6j
  • OpenSSL Project OpenSSL 0.9.6k
    cpe:2.3:a:openssl:openssl:0.9.6k
  • OpenSSL Project OpenSSL 0.9.7
    cpe:2.3:a:openssl:openssl:0.9.7
  • OpenSSL Project OpenSSL 0.9.7 beta1
    cpe:2.3:a:openssl:openssl:0.9.7:beta1
  • OpenSSL Project OpenSSL 0.9.7 beta2
    cpe:2.3:a:openssl:openssl:0.9.7:beta2
  • OpenSSL Project OpenSSL 0.9.7 beta3
    cpe:2.3:a:openssl:openssl:0.9.7:beta3
  • OpenSSL Project OpenSSL 0.9.7a
    cpe:2.3:a:openssl:openssl:0.9.7a
  • OpenSSL Project OpenSSL 0.9.7b
    cpe:2.3:a:openssl:openssl:0.9.7b
  • OpenSSL Project OpenSSL 0.9.7c
    cpe:2.3:a:openssl:openssl:0.9.7c
  • cpe:2.3:a:redhat:openssl:0.9.6-15:-:i386
    cpe:2.3:a:redhat:openssl:0.9.6-15:-:i386
  • cpe:2.3:a:redhat:openssl:0.9.6b-3:-:i386
    cpe:2.3:a:redhat:openssl:0.9.6b-3:-:i386
  • cpe:2.3:a:redhat:openssl:0.9.7a-2:-:i386
    cpe:2.3:a:redhat:openssl:0.9.7a-2:-:i386
  • cpe:2.3:a:redhat:openssl:0.9.7a-2:-:i386_dev
    cpe:2.3:a:redhat:openssl:0.9.7a-2:-:i386_dev
  • cpe:2.3:a:redhat:openssl:0.9.7a-2:-:i386_perl
    cpe:2.3:a:redhat:openssl:0.9.7a-2:-:i386_perl
  • RSA BSAFE SSL-J SDK 3.0
    cpe:2.3:a:rsa:bsafe_ssl-j_sdk:3.0
  • RSA BSAFE SSL-J SDK 3.0.1
    cpe:2.3:a:rsa:bsafe_ssl-j_sdk:3.0.1
  • RSA BSAFE SSL-J SDK 3.1
    cpe:2.3:a:rsa:bsafe_ssl-j_sdk:3.1
  • SGI ProPack 2.3
    cpe:2.3:a:sgi:propack:2.3
  • SGI ProPack 2.4
    cpe:2.3:a:sgi:propack:2.4
  • SGI ProPack 3.0
    cpe:2.3:a:sgi:propack:3.0
  • cpe:2.3:a:stonesoft:servercluster:2.5
    cpe:2.3:a:stonesoft:servercluster:2.5
  • cpe:2.3:a:stonesoft:servercluster:2.5.2
    cpe:2.3:a:stonesoft:servercluster:2.5.2
  • cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0
    cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0
  • cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0
    cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0
  • cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0
    cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0
  • cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5
    cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5
  • cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0
    cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0
  • cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0
    cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0
  • cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5
    cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5
  • cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0
    cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0
  • cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5
    cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5
  • cpe:2.3:a:stonesoft:stonegate:1.5.17
    cpe:2.3:a:stonesoft:stonegate:1.5.17
  • cpe:2.3:a:stonesoft:stonegate:1.5.18
    cpe:2.3:a:stonesoft:stonegate:1.5.18
  • cpe:2.3:a:stonesoft:stonegate:1.6.2
    cpe:2.3:a:stonesoft:stonegate:1.6.2
  • cpe:2.3:a:stonesoft:stonegate:1.6.3
    cpe:2.3:a:stonesoft:stonegate:1.6.3
  • cpe:2.3:a:stonesoft:stonegate:1.7
    cpe:2.3:a:stonesoft:stonegate:1.7
  • cpe:2.3:a:stonesoft:stonegate:1.7.1
    cpe:2.3:a:stonesoft:stonegate:1.7.1
  • cpe:2.3:a:stonesoft:stonegate:1.7.2
    cpe:2.3:a:stonesoft:stonegate:1.7.2
  • cpe:2.3:a:stonesoft:stonegate:2.0.1
    cpe:2.3:a:stonesoft:stonegate:2.0.1
  • cpe:2.3:a:stonesoft:stonegate:2.0.4
    cpe:2.3:a:stonesoft:stonegate:2.0.4
  • cpe:2.3:a:stonesoft:stonegate:2.0.5
    cpe:2.3:a:stonesoft:stonegate:2.0.5
  • cpe:2.3:a:stonesoft:stonegate:2.0.6
    cpe:2.3:a:stonesoft:stonegate:2.0.6
  • cpe:2.3:a:stonesoft:stonegate:2.0.7
    cpe:2.3:a:stonesoft:stonegate:2.0.7
  • cpe:2.3:a:stonesoft:stonegate:2.0.8
    cpe:2.3:a:stonesoft:stonegate:2.0.8
  • cpe:2.3:a:stonesoft:stonegate:2.0.9
    cpe:2.3:a:stonesoft:stonegate:2.0.9
  • cpe:2.3:a:stonesoft:stonegate:2.1
    cpe:2.3:a:stonesoft:stonegate:2.1
  • cpe:2.3:a:stonesoft:stonegate:2.2
    cpe:2.3:a:stonesoft:stonegate:2.2
  • cpe:2.3:a:stonesoft:stonegate:2.2.1
    cpe:2.3:a:stonesoft:stonegate:2.2.1
  • cpe:2.3:a:stonesoft:stonegate:2.2.4
    cpe:2.3:a:stonesoft:stonegate:2.2.4
  • cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7
    cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7
  • cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7.2
    cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7.2
  • cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0
    cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0
  • cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.7
    cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.7
  • cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.8
    cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.8
  • cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.9
    cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.9
  • cpe:2.3:a:tarantella:tarantella_enterprise:3.20
    cpe:2.3:a:tarantella:tarantella_enterprise:3.20
  • cpe:2.3:a:tarantella:tarantella_enterprise:3.30
    cpe:2.3:a:tarantella:tarantella_enterprise:3.30
  • cpe:2.3:a:tarantella:tarantella_enterprise:3.40
    cpe:2.3:a:tarantella:tarantella_enterprise:3.40
  • VMWare GSX Server 2.0
    cpe:2.3:a:vmware:gsx_server:2.0
  • VMWare GSX Server 2.0.1 build 2129
    cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129
  • VMWare GSX Server 2.5.1
    cpe:2.3:a:vmware:gsx_server:2.5.1
  • VMWare GSX Server 2.5.1 build 5336
    cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336
  • VMWare GSX Server 3.0 build 7592
    cpe:2.3:a:vmware:gsx_server:3.0_build_7592
  • cpe:2.3:h:avaya:s8300:r2.0.0
    cpe:2.3:h:avaya:s8300:r2.0.0
  • cpe:2.3:h:avaya:s8300:r2.0.1
    cpe:2.3:h:avaya:s8300:r2.0.1
  • cpe:2.3:h:avaya:s8500:r2.0.0
    cpe:2.3:h:avaya:s8500:r2.0.0
  • cpe:2.3:h:avaya:s8500:r2.0.1
    cpe:2.3:h:avaya:s8500:r2.0.1
  • cpe:2.3:h:avaya:s8700:r2.0.0
    cpe:2.3:h:avaya:s8700:r2.0.0
  • cpe:2.3:h:avaya:s8700:r2.0.1
    cpe:2.3:h:avaya:s8700:r2.0.1
  • Blue Coat Systems ProxySG
    cpe:2.3:h:bluecoat:proxysg
  • Cisco Call Manager
    cpe:2.3:h:cisco:call_manager
  • Cisco Content Service Switch 11500
    cpe:2.3:h:cisco:content_services_switch_11500
  • Cisco GSS 4480 Global Site Selector
    cpe:2.3:h:cisco:gss_4480_global_site_selector
  • Cisco GSS 4490 Global Site Selector
    cpe:2.3:h:cisco:gss_4490_global_site_selector
  • Cisco MDS 9000
    cpe:2.3:h:cisco:mds_9000
  • cpe:2.3:h:cisco:secure_content_accelerator:10000
    cpe:2.3:h:cisco:secure_content_accelerator:10000
  • Secure Computing Sidewinder 5.2
    cpe:2.3:h:securecomputing:sidewinder:5.2
  • Secure Computing Sidewinder 5.2.0.01
    cpe:2.3:h:securecomputing:sidewinder:5.2.0.01
  • Secure Computing Sidewinder 5.2.0.02
    cpe:2.3:h:securecomputing:sidewinder:5.2.0.02
  • Secure Computing Sidewinder 5.2.0.03
    cpe:2.3:h:securecomputing:sidewinder:5.2.0.03
  • Secure Computing Sidewinder 5.2.0.04
    cpe:2.3:h:securecomputing:sidewinder:5.2.0.04
  • Secure Computing Sidewinder 5.2.1
    cpe:2.3:h:securecomputing:sidewinder:5.2.1
  • Secure Computing Sidewinder 5.2.1.02
    cpe:2.3:h:securecomputing:sidewinder:5.2.1.02
  • Sun Crypto Accelerator 4000 1.0
    cpe:2.3:h:sun:crypto_accelerator_4000:1.0
  • cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10
    cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10
  • cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12
    cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12
  • Cisco PIX Firewall Software 6.0
    cpe:2.3:o:cisco:pix_firewall_software:6.0
  • Cisco PIX Firewall Software 6.0(1)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%281%29
  • Cisco PIX Firewall Software 6.0(2)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%282%29
  • Cisco PIX Firewall Software 6.0(3)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%283%29
  • Cisco PIX Firewall Software 6.0(4)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%284%29
  • Cisco PIX Firewall Software 6.0(4.101)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%284.101%29
  • Cisco PIX Firewall Software 6.1
    cpe:2.3:o:cisco:pix_firewall_software:6.1
  • Cisco PIX Firewall Software 6.1(1)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%281%29
  • Cisco PIX Firewall Software 6.1(2)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%282%29
  • Cisco PIX Firewall Software 6.1(3)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%283%29
  • Cisco PIX Firewall Software 6.1(4)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%284%29
  • Cisco PIX Firewall Software 6.1(5)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%285%29
  • Cisco PIX Firewall Software 6.2
    cpe:2.3:o:cisco:pix_firewall_software:6.2
  • Cisco PIX Firewall Software 6.2(1)
    cpe:2.3:o:cisco:pix_firewall_software:6.2%281%29
  • Cisco PIX Firewall Software 6.2(2)
    cpe:2.3:o:cisco:pix_firewall_software:6.2%282%29
  • Cisco PIX Firewall Software 6.2(3)
    cpe:2.3:o:cisco:pix_firewall_software:6.2%283%29
  • Cisco PIX Firewall Software 6.2 (3.100)
    cpe:2.3:o:cisco:pix_firewall_software:6.2%283.100%29
  • Cisco PIX Firewall Software 6.3
    cpe:2.3:o:cisco:pix_firewall_software:6.3
  • Cisco PIX Firewall Software 6.3(1)
    cpe:2.3:o:cisco:pix_firewall_software:6.3%281%29
  • Cisco PIX Firewall Software 6.3(2)
    cpe:2.3:o:cisco:pix_firewall_software:6.3%282%29
  • Cisco PIX Firewall Software 6.3(3.102)
    cpe:2.3:o:cisco:pix_firewall_software:6.3%283.102%29
  • Cisco PIX Firewall Software 6.3(3.109)
    cpe:2.3:o:cisco:pix_firewall_software:6.3%283.109%29
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2004-119.NASL
    description Updated OpenSSL packages that fix a remote denial of service vulnerability are now available for Red Hat Enterprise Linux 2.1. OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a bug in older versions of OpenSSL 0.9.6 prior to 0.9.6d that can lead to a denial of service attack (infinite loop). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0081 to this issue. Testing performed by Novell using a test suite provided by NISCC uncovered an issue in the ASN.1 parser in versions of OpenSSL 0.9.6 prior to 0.9.6l which could cause large recursion and possibly lead to a denial of service attack if used where stack space is limited. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0851 to this issue. These updated packages contain patches provided by the OpenSSL group that protect against these issues. NOTE: Because server applications are affected by this issue, users are advised to either restart all services using OpenSSL functionality or restart their system after installing these updated packages.
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 12479
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12479
    title RHEL 2.1 : openssl (RHSA-2004:119)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-465.NASL
    description Two vulnerabilities were discovered in openssl, an implementation of the SSL protocol, using the Codenomicon TLS Test Tool. More information can be found in the following NISCC Vulnerability Advisory and this OpenSSL advisory. The Common Vulnerabilities and Exposures project identified the following vulnerabilities : - CAN-2004-0079 NULL pointer assignment in the do_change_cipher_spec() function. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server that used the OpenSSL library in such a way as to cause OpenSSL to crash. Depending on the application this could lead to a denial of service. - CAN-2004-0081 A bug in older versions of OpenSSL 0.9.6 that can lead to a Denial of Service attack (infinite loop).
    last seen 2019-01-16
    modified 2018-07-20
    plugin id 15302
    published 2004-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15302
    title Debian DSA-465-1 : openssl - several vulnerabilities
  • NASL family Web Servers
    NASL id OPENSSL_DENIAL.NASL
    description According to its banner, the remote host is using a version of OpenSSL which is older than 0.9.6m / 0.9.7d. There are several bugs in such versions that may allow an attacker to cause a denial of service against the remote host.
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 12110
    published 2004-03-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12110
    title OpenSSL < 0.9.6m / 0.9.7d Multiple Remote DoS
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2004-120.NASL
    description Updated OpenSSL packages that fix several remote denial of service vulnerabilities are available for Red Hat Enterprise Linux 3. The OpenSSL toolkit implements Secure Sockets Layer (SSL v2/v3), Transport Layer Security (TLS v1) protocols, and serves as a full-strength general purpose cryptography library. Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a NULL pointer assignment in the do_change_cipher_spec() function in OpenSSL 0.9.6c-0.9.6k and 0.9.7a-0.9.7c. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server that uses the OpenSSL library in such a way as to cause OpenSSL to crash. Depending on the application this could lead to a denial of service. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0079 to this issue. Stephen Henson discovered a flaw in SSL/TLS handshaking code when using Kerberos ciphersuites in OpenSSL 0.9.7a-0.9.7c. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server configured to use Kerberos ciphersuites in such a way as to cause OpenSSL to crash. Most applications have no ability to use Kerberos ciphersuites and will therefore be unaffected by this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0112 to this issue. Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a bug in older versions of OpenSSL 0.9.6 prior to 0.9.6d that may lead to a denial of service attack (infinite loop). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0081 to this issue. This issue affects only the OpenSSL compatibility packages shipped with Red Hat Enterprise Linux 3. These updated packages contain patches provided by the OpenSSL group that protect against these issues. Additionally, the version of libica included in the OpenSSL packages has been updated to 1.3.5. This only affects IBM s390 and IBM eServer zSeries customers and is required for the latest openCryptoki packages. NOTE: Because server applications are affected by this issue, users are advised to either restart all services that use OpenSSL functionality or restart their systems after installing these updates.
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 12480
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12480
    title RHEL 3 : openssl (RHSA-2004:120)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2004-095.NASL
    description This update includes OpenSSL packages to fix two security issues affecting OpenSSL 0.9.7a which allow denial of service attacks; CVE-2004-0079 and CVE-2003-0851. Also included are updates for the OpenSSL 0.9.6 and 0.9.6b compatibility libraries included in Fedora Core 1, fixing a separate issue which could also lead to a denial of service attack; CVE-2004-0081. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-07-19
    plugin id 13684
    published 2004-07-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13684
    title Fedora Core 1 : openssl-0.9.7a-33.10 (2004-095)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200403-03.NASL
    description The remote host is affected by the vulnerability described in GLSA-200403-03 (Multiple OpenSSL Vulnerabilities) Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a NULL pointer assignment in the do_change_cipher_spec() function. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server that used the OpenSSL library in such a way as to cause OpenSSL to crash. Depending on the application this could lead to a denial of service. All versions of OpenSSL from 0.9.6c to 0.9.6l inclusive and from 0.9.7a to 0.9.7c inclusive are affected by this issue. A flaw has been discovered in SSL/TLS handshaking code when using Kerberos ciphersuites. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server configured to use Kerberos ciphersuites in such a way as to cause OpenSSL to crash. Most applications have no ability to use Kerberos cipher suites and will therefore be unaffected. Versions 0.9.7a, 0.9.7b, and 0.9.7c of OpenSSL are affected by this issue. Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a bug in older versions of OpenSSL 0.9.6 that can lead to a Denial of Service attack (infinite loop). This issue was traced to a fix that was added to OpenSSL 0.9.6d some time ago. This issue will affect vendors that ship older versions of OpenSSL with backported security patches. Impact : Although there are no public exploits known for bug, users are recommended to upgrade to ensure the security of their infrastructure. Workaround : There is no immediate workaround; a software upgrade is required. The vulnerable function in the code has been rewritten.
    last seen 2019-01-16
    modified 2015-04-13
    plugin id 14454
    published 2004-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14454
    title GLSA-200403-03 : Multiple OpenSSL Vulnerabilities
oval via4
  • accepted 2013-04-29T04:15:39.270-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    description OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
    family unix
    id oval:org.mitre.oval:def:11755
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
    version 23
  • accepted 2007-04-25T19:53:04.958-04:00
    class vulnerability
    contributors
    • name Matt Busby
      organization The MITRE Corporation
    • name Matt Busby
      organization The MITRE Corporation
    • name Matt Busby
      organization The MITRE Corporation
    • name Thomas R. Jones
      organization Maitreya Security
    description OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
    family unix
    id oval:org.mitre.oval:def:871
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability
    version 35
  • accepted 2007-04-25T19:53:08.302-04:00
    class vulnerability
    contributors
    • name Matt Busby
      organization The MITRE Corporation
    • name Matt Busby
      organization The MITRE Corporation
    • name Thomas R. Jones
      organization Maitreya Security
    description OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
    family unix
    id oval:org.mitre.oval:def:902
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Red Hat OpenSSL Improper Unknown Message Handling Vulnerability
    version 35
redhat via4
advisories
  • rhsa
    id RHSA-2004:119
  • rhsa
    id RHSA-2004:120
  • rhsa
    id RHSA-2004:121
  • rhsa
    id RHSA-2004:139
refmap via4
bid 9899
bugtraq
  • 20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]
  • 20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability
cert TA04-078A
cert-vn VU#465542
cisco 20040317 Cisco OpenSSL Implementation Vulnerability
conectiva CLA-2004:834
debian DSA-465
engarde ESA-20040317-003
fedora FEDORA-2004-095
gentoo GLSA-200403-03
misc http://www.uniras.gov.uk/vuls/2004/224012/index.htm
sco SCOSA-2004.10
secunia 11139
sgi 20040304-01-U
sunalert 57524
trustix 2004-0012
xf openssl-tls-dos(15509)
Last major update 17-10-2016 - 22:40
Published 23-11-2004 - 00:00
Last modified 30-10-2018 - 12:26
Back to Top