ID CVE-2004-0112
Summary The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
References
Vulnerable Configurations
  • Cisco Firewall Services Module
    cpe:2.3:h:cisco:firewall_services_module
  • Cisco Firewall Services Module 1.1.2
    cpe:2.3:h:cisco:firewall_services_module:1.1.2
  • Cisco Firewall Services Module 1.1.3
    cpe:2.3:h:cisco:firewall_services_module:1.1.3
  • Cisco Firewall Services Module 1.1 (3.005)
    cpe:2.3:h:cisco:firewall_services_module:1.1_%283.005%29
  • Cisco Firewall Services Module 2.1 (0.208)
    cpe:2.3:h:cisco:firewall_services_module:2.1_%280.208%29
  • HP AAA Server
    cpe:2.3:h:hp:aaa_server
  • HP Apache-Based Web Server 2.0.43.00
    cpe:2.3:h:hp:apache-based_web_server:2.0.43.00
  • HP Apache-Based Web Server 2.0.43.04
    cpe:2.3:h:hp:apache-based_web_server:2.0.43.04
  • cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0
    cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0
  • Cisco CiscoWorks Common Management Foundation 2.1
    cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1
  • Cisco CiscoWorks Common Services 2.2
    cpe:2.3:a:cisco:ciscoworks_common_services:2.2
  • Avaya Converged Communications Server 2.0
    cpe:2.3:h:avaya:converged_communications_server:2.0
  • Avaya SG200 4.4
    cpe:2.3:h:avaya:sg200:4.4
  • cpe:2.3:h:avaya:sg200:4.31.29
    cpe:2.3:h:avaya:sg200:4.31.29
  • Avaya SG203 4.4
    cpe:2.3:h:avaya:sg203:4.4
  • cpe:2.3:h:avaya:sg203:4.31.29
    cpe:2.3:h:avaya:sg203:4.31.29
  • Avaya SG208
    cpe:2.3:h:avaya:sg208
  • Avaya SG208 4.4
    cpe:2.3:h:avaya:sg208:4.4
  • Avaya SG5 4.2
    cpe:2.3:h:avaya:sg5:4.2
  • Avaya SG5 4.3
    cpe:2.3:h:avaya:sg5:4.3
  • Avaya SG5 4.4
    cpe:2.3:h:avaya:sg5:4.4
  • Apple Mac OS X 10.3.3
    cpe:2.3:o:apple:mac_os_x:10.3.3
  • Apple Mac OS X Server 10.3.3
    cpe:2.3:o:apple:mac_os_x_server:10.3.3
  • FreeBSD 4.8
    cpe:2.3:o:freebsd:freebsd:4.8
  • cpe:2.3:o:freebsd:freebsd:4.8:releng
    cpe:2.3:o:freebsd:freebsd:4.8:releng
  • FreeBSD 4.9
    cpe:2.3:o:freebsd:freebsd:4.9
  • FreeBSD 5.1
    cpe:2.3:o:freebsd:freebsd:5.1
  • cpe:2.3:o:freebsd:freebsd:5.1:release
    cpe:2.3:o:freebsd:freebsd:5.1:release
  • cpe:2.3:o:freebsd:freebsd:5.1:releng
    cpe:2.3:o:freebsd:freebsd:5.1:releng
  • FreeBSD 5.2
    cpe:2.3:o:freebsd:freebsd:5.2
  • cpe:2.3:o:freebsd:freebsd:5.2.1:release
    cpe:2.3:o:freebsd:freebsd:5.2.1:release
  • HP HP-UX 8.5
    cpe:2.3:o:hp:hp-ux:8.05
  • HP-UX 11.00
    cpe:2.3:o:hp:hp-ux:11.00
  • HP-UX 11.11
    cpe:2.3:o:hp:hp-ux:11.11
  • HP-UX 11i v2
    cpe:2.3:o:hp:hp-ux:11.23
  • OpenBSD 3.3
    cpe:2.3:o:openbsd:openbsd:3.3
  • OpenBSD 3.4
    cpe:2.3:o:openbsd:openbsd:3.4
  • cpe:2.3:o:redhat:enterprise_linux:3.0:-:advanced_server
    cpe:2.3:o:redhat:enterprise_linux:3.0:-:advanced_server
  • cpe:2.3:o:redhat:enterprise_linux:3.0:-:enterprise_server
    cpe:2.3:o:redhat:enterprise_linux:3.0:-:enterprise_server
  • cpe:2.3:o:redhat:enterprise_linux:3.0:-:workstation_server
    cpe:2.3:o:redhat:enterprise_linux:3.0:-:workstation_server
  • Red Hat Desktop 3.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:3.0
  • Red Hat Linux 7.2
    cpe:2.3:o:redhat:linux:7.2
  • Red Hat Linux 7.3
    cpe:2.3:o:redhat:linux:7.3
  • Red Hat Linux 8.0
    cpe:2.3:o:redhat:linux:8.0
  • cpe:2.3:o:sco:openserver:5.0.6
    cpe:2.3:o:sco:openserver:5.0.6
  • cpe:2.3:o:sco:openserver:5.0.7
    cpe:2.3:o:sco:openserver:5.0.7
  • Cisco IOS 12.1 (11)E
    cpe:2.3:o:cisco:ios:12.1%2811%29e
  • Cisco IOS 12.1 (11b)E
    cpe:2.3:o:cisco:ios:12.1%2811b%29e
  • Cisco IOS 12.1 (11b)E12
    cpe:2.3:o:cisco:ios:12.1%2811b%29e12
  • Cisco IOS 12.1 (11b)E14
    cpe:2.3:o:cisco:ios:12.1%2811b%29e14
  • Cisco IOS 12.1(13)E9
    cpe:2.3:o:cisco:ios:12.1%2813%29e9
  • Cisco IOS 12.1(19)E1
    cpe:2.3:o:cisco:ios:12.1%2819%29e1
  • Cisco IOS 12.2 (14)SY
    cpe:2.3:o:cisco:ios:12.2%2814%29sy
  • Cisco IOS 12.2 (14)SY1
    cpe:2.3:o:cisco:ios:12.2%2814%29sy1
  • Cisco IOS 12.2SY
    cpe:2.3:o:cisco:ios:12.2sy
  • Cisco IOS 12.2ZA
    cpe:2.3:o:cisco:ios:12.2za
  • cpe:2.3:a:4d:webstar:4.0
    cpe:2.3:a:4d:webstar:4.0
  • cpe:2.3:a:4d:webstar:5.2
    cpe:2.3:a:4d:webstar:5.2
  • cpe:2.3:a:4d:webstar:5.2.1
    cpe:2.3:a:4d:webstar:5.2.1
  • cpe:2.3:a:4d:webstar:5.2.2
    cpe:2.3:a:4d:webstar:5.2.2
  • cpe:2.3:a:4d:webstar:5.2.3
    cpe:2.3:a:4d:webstar:5.2.3
  • cpe:2.3:a:4d:webstar:5.2.4
    cpe:2.3:a:4d:webstar:5.2.4
  • cpe:2.3:a:4d:webstar:5.3
    cpe:2.3:a:4d:webstar:5.3
  • cpe:2.3:a:4d:webstar:5.3.1
    cpe:2.3:a:4d:webstar:5.3.1
  • cpe:2.3:a:avaya:intuity_audix:-:lx
    cpe:2.3:a:avaya:intuity_audix:-:lx
  • Avaya Intuity R5 R5.1.46
    cpe:2.3:a:avaya:intuity_audix:5.1.46
  • cpe:2.3:a:avaya:intuity_audix:s3210
    cpe:2.3:a:avaya:intuity_audix:s3210
  • cpe:2.3:a:avaya:intuity_audix:s3400
    cpe:2.3:a:avaya:intuity_audix:s3400
  • cpe:2.3:a:avaya:vsu:5
    cpe:2.3:a:avaya:vsu:5
  • cpe:2.3:a:avaya:vsu:5x
    cpe:2.3:a:avaya:vsu:5x
  • cpe:2.3:a:avaya:vsu:100_r2.0.1
    cpe:2.3:a:avaya:vsu:100_r2.0.1
  • cpe:2.3:a:avaya:vsu:500
    cpe:2.3:a:avaya:vsu:500
  • cpe:2.3:a:avaya:vsu:2000_r2.0.1
    cpe:2.3:a:avaya:vsu:2000_r2.0.1
  • cpe:2.3:a:avaya:vsu:5000_r2.0.1
    cpe:2.3:a:avaya:vsu:5000_r2.0.1
  • cpe:2.3:a:avaya:vsu:7500_r2.0.1
    cpe:2.3:a:avaya:vsu:7500_r2.0.1
  • cpe:2.3:a:avaya:vsu:10000_r2.0.1
    cpe:2.3:a:avaya:vsu:10000_r2.0.1
  • cpe:2.3:a:checkpoint:firewall-1:-:vsx-ng-ai
    cpe:2.3:a:checkpoint:firewall-1:-:vsx-ng-ai
  • cpe:2.3:a:checkpoint:firewall-1:2.0:-:gx
    cpe:2.3:a:checkpoint:firewall-1:2.0:-:gx
  • cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0
    cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0
  • cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1
    cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1
  • cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2
    cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2
  • Checkpoint Provider-1 4.1
    cpe:2.3:a:checkpoint:provider-1:4.1
  • Checkpoint Provider-1 4.1 SP1
    cpe:2.3:a:checkpoint:provider-1:4.1:sp1
  • Checkpoint Provider-1 4.1 SP2
    cpe:2.3:a:checkpoint:provider-1:4.1:sp2
  • Checkpoint Provider-1 4.1 SP3
    cpe:2.3:a:checkpoint:provider-1:4.1:sp3
  • Checkpoint Provider-1 4.1 SP4
    cpe:2.3:a:checkpoint:provider-1:4.1:sp4
  • cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0
    cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0
  • cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1
    cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1
  • cpe:2.3:a:checkpoint:vpn-1:next_generation_fp2
    cpe:2.3:a:checkpoint:vpn-1:next_generation_fp2
  • cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence
    cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence
  • Cisco Access Registrar
    cpe:2.3:a:cisco:access_registrar
  • Cisco Application and Content Networking Software
    cpe:2.3:a:cisco:application_and_content_networking_software
  • cpe:2.3:a:cisco:css11000_content_services_switch
    cpe:2.3:a:cisco:css11000_content_services_switch
  • cpe:2.3:a:cisco:css_secure_content_accelerator:1.0
    cpe:2.3:a:cisco:css_secure_content_accelerator:1.0
  • cpe:2.3:a:cisco:css_secure_content_accelerator:2.0
    cpe:2.3:a:cisco:css_secure_content_accelerator:2.0
  • Cisco Okena Stormwatch 3.2
    cpe:2.3:a:cisco:okena_stormwatch:3.2
  • cpe:2.3:a:cisco:pix_firewall:6.2.2_.111
    cpe:2.3:a:cisco:pix_firewall:6.2.2_.111
  • Cisco Threat Response
    cpe:2.3:a:cisco:threat_response
  • Cisco WebNS 6.10
    cpe:2.3:a:cisco:webns:6.10
  • Cisco WebNS 6.10 B4
    cpe:2.3:a:cisco:webns:6.10_b4
  • Cisco WebNS 7.1 0.1.02
    cpe:2.3:a:cisco:webns:7.1_0.1.02
  • Cisco WebNS 7.1 0.2.06
    cpe:2.3:a:cisco:webns:7.1_0.2.06
  • Cisco WebNS 7.2 0.0.03
    cpe:2.3:a:cisco:webns:7.2_0.0.03
  • Cisco WebNS 7.10
    cpe:2.3:a:cisco:webns:7.10
  • Cisco WebNS 7.10 .0.06s
    cpe:2.3:a:cisco:webns:7.10_.0.06s
  • HP WBEM A.01.05.08
    cpe:2.3:a:hp:wbem:a.01.05.08
  • HP WBEM A.02.00.00
    cpe:2.3:a:hp:wbem:a.02.00.00
  • HP WBEM A.02.00.01
    cpe:2.3:a:hp:wbem:a.02.00.01
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2
  • cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3
    cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3
  • cpe:2.3:a:neoteris:instant_virtual_extranet:3.0
    cpe:2.3:a:neoteris:instant_virtual_extranet:3.0
  • cpe:2.3:a:neoteris:instant_virtual_extranet:3.1
    cpe:2.3:a:neoteris:instant_virtual_extranet:3.1
  • cpe:2.3:a:neoteris:instant_virtual_extranet:3.2
    cpe:2.3:a:neoteris:instant_virtual_extranet:3.2
  • cpe:2.3:a:neoteris:instant_virtual_extranet:3.3
    cpe:2.3:a:neoteris:instant_virtual_extranet:3.3
  • cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1
    cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1
  • Novell eDirectory 8.0
    cpe:2.3:a:novell:edirectory:8.0
  • Novell eDirectory 8.5
    cpe:2.3:a:novell:edirectory:8.5
  • Novell eDirectory 8.5.12a
    cpe:2.3:a:novell:edirectory:8.5.12a
  • Novell eDirectory 8.5.27
    cpe:2.3:a:novell:edirectory:8.5.27
  • Novell eDirectory 8.6.2
    cpe:2.3:a:novell:edirectory:8.6.2
  • Novell eDirectory 8.7
    cpe:2.3:a:novell:edirectory:8.7
  • Novell eDirectory 8.7.1
    cpe:2.3:a:novell:edirectory:8.7.1
  • Novell eDirectory 8.7.1 SU1
    cpe:2.3:a:novell:edirectory:8.7.1:sp1
  • Novell iManager 1.5
    cpe:2.3:a:novell:imanager:1.5
  • Novell iManager 2.0
    cpe:2.3:a:novell:imanager:2.0
  • OpenSSL Project OpenSSL 0.9.6c
    cpe:2.3:a:openssl:openssl:0.9.6c
  • OpenSSL Project OpenSSL 0.9.6d
    cpe:2.3:a:openssl:openssl:0.9.6d
  • OpenSSL Project OpenSSL 0.9.6e
    cpe:2.3:a:openssl:openssl:0.9.6e
  • OpenSSL Project OpenSSL 0.9.6f
    cpe:2.3:a:openssl:openssl:0.9.6f
  • OpenSSL Project OpenSSL 0.9.6g
    cpe:2.3:a:openssl:openssl:0.9.6g
  • OpenSSL Project OpenSSL 0.9.6h
    cpe:2.3:a:openssl:openssl:0.9.6h
  • OpenSSL Project OpenSSL 0.9.6i
    cpe:2.3:a:openssl:openssl:0.9.6i
  • OpenSSL Project OpenSSL 0.9.6j
    cpe:2.3:a:openssl:openssl:0.9.6j
  • OpenSSL Project OpenSSL 0.9.6k
    cpe:2.3:a:openssl:openssl:0.9.6k
  • OpenSSL Project OpenSSL 0.9.7
    cpe:2.3:a:openssl:openssl:0.9.7
  • OpenSSL Project OpenSSL 0.9.7 beta1
    cpe:2.3:a:openssl:openssl:0.9.7:beta1
  • OpenSSL Project OpenSSL 0.9.7 beta2
    cpe:2.3:a:openssl:openssl:0.9.7:beta2
  • OpenSSL Project OpenSSL 0.9.7 beta3
    cpe:2.3:a:openssl:openssl:0.9.7:beta3
  • OpenSSL Project OpenSSL 0.9.7a
    cpe:2.3:a:openssl:openssl:0.9.7a
  • OpenSSL Project OpenSSL 0.9.7b
    cpe:2.3:a:openssl:openssl:0.9.7b
  • OpenSSL Project OpenSSL 0.9.7c
    cpe:2.3:a:openssl:openssl:0.9.7c
  • cpe:2.3:a:redhat:openssl:0.9.6-15:-:i386
    cpe:2.3:a:redhat:openssl:0.9.6-15:-:i386
  • cpe:2.3:a:redhat:openssl:0.9.6b-3:-:i386
    cpe:2.3:a:redhat:openssl:0.9.6b-3:-:i386
  • cpe:2.3:a:redhat:openssl:0.9.7a-2:-:i386
    cpe:2.3:a:redhat:openssl:0.9.7a-2:-:i386
  • cpe:2.3:a:redhat:openssl:0.9.7a-2:-:i386_dev
    cpe:2.3:a:redhat:openssl:0.9.7a-2:-:i386_dev
  • cpe:2.3:a:redhat:openssl:0.9.7a-2:-:i386_perl
    cpe:2.3:a:redhat:openssl:0.9.7a-2:-:i386_perl
  • RSA BSAFE SSL-J SDK 3.0
    cpe:2.3:a:rsa:bsafe_ssl-j_sdk:3.0
  • RSA BSAFE SSL-J SDK 3.0.1
    cpe:2.3:a:rsa:bsafe_ssl-j_sdk:3.0.1
  • RSA BSAFE SSL-J SDK 3.1
    cpe:2.3:a:rsa:bsafe_ssl-j_sdk:3.1
  • SGI ProPack 2.3
    cpe:2.3:a:sgi:propack:2.3
  • SGI ProPack 2.4
    cpe:2.3:a:sgi:propack:2.4
  • SGI ProPack 3.0
    cpe:2.3:a:sgi:propack:3.0
  • cpe:2.3:a:stonesoft:servercluster:2.5
    cpe:2.3:a:stonesoft:servercluster:2.5
  • cpe:2.3:a:stonesoft:servercluster:2.5.2
    cpe:2.3:a:stonesoft:servercluster:2.5.2
  • cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0
    cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0
  • cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0
    cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0
  • cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0
    cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0
  • cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5
    cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5
  • cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0
    cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0
  • cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0
    cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0
  • cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5
    cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5
  • cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0
    cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0
  • cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5
    cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5
  • cpe:2.3:a:stonesoft:stonegate:1.5.17
    cpe:2.3:a:stonesoft:stonegate:1.5.17
  • cpe:2.3:a:stonesoft:stonegate:1.5.18
    cpe:2.3:a:stonesoft:stonegate:1.5.18
  • cpe:2.3:a:stonesoft:stonegate:1.6.2
    cpe:2.3:a:stonesoft:stonegate:1.6.2
  • cpe:2.3:a:stonesoft:stonegate:1.6.3
    cpe:2.3:a:stonesoft:stonegate:1.6.3
  • cpe:2.3:a:stonesoft:stonegate:1.7
    cpe:2.3:a:stonesoft:stonegate:1.7
  • cpe:2.3:a:stonesoft:stonegate:1.7.1
    cpe:2.3:a:stonesoft:stonegate:1.7.1
  • cpe:2.3:a:stonesoft:stonegate:1.7.2
    cpe:2.3:a:stonesoft:stonegate:1.7.2
  • cpe:2.3:a:stonesoft:stonegate:2.0.1
    cpe:2.3:a:stonesoft:stonegate:2.0.1
  • cpe:2.3:a:stonesoft:stonegate:2.0.4
    cpe:2.3:a:stonesoft:stonegate:2.0.4
  • cpe:2.3:a:stonesoft:stonegate:2.0.5
    cpe:2.3:a:stonesoft:stonegate:2.0.5
  • cpe:2.3:a:stonesoft:stonegate:2.0.6
    cpe:2.3:a:stonesoft:stonegate:2.0.6
  • cpe:2.3:a:stonesoft:stonegate:2.0.7
    cpe:2.3:a:stonesoft:stonegate:2.0.7
  • cpe:2.3:a:stonesoft:stonegate:2.0.8
    cpe:2.3:a:stonesoft:stonegate:2.0.8
  • cpe:2.3:a:stonesoft:stonegate:2.0.9
    cpe:2.3:a:stonesoft:stonegate:2.0.9
  • cpe:2.3:a:stonesoft:stonegate:2.1
    cpe:2.3:a:stonesoft:stonegate:2.1
  • cpe:2.3:a:stonesoft:stonegate:2.2
    cpe:2.3:a:stonesoft:stonegate:2.2
  • cpe:2.3:a:stonesoft:stonegate:2.2.1
    cpe:2.3:a:stonesoft:stonegate:2.2.1
  • cpe:2.3:a:stonesoft:stonegate:2.2.4
    cpe:2.3:a:stonesoft:stonegate:2.2.4
  • cpe:2.3:a:tarantella:tarantella_enterprise:3.20
    cpe:2.3:a:tarantella:tarantella_enterprise:3.20
  • cpe:2.3:a:tarantella:tarantella_enterprise:3.30
    cpe:2.3:a:tarantella:tarantella_enterprise:3.30
  • cpe:2.3:a:tarantella:tarantella_enterprise:3.40
    cpe:2.3:a:tarantella:tarantella_enterprise:3.40
  • VMWare GSX Server 2.0
    cpe:2.3:a:vmware:gsx_server:2.0
  • VMWare GSX Server 2.0.1 build 2129
    cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129
  • VMWare GSX Server 2.5.1
    cpe:2.3:a:vmware:gsx_server:2.5.1
  • VMWare GSX Server 2.5.1 build 5336
    cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336
  • VMWare GSX Server 3.0 build 7592
    cpe:2.3:a:vmware:gsx_server:3.0_build_7592
  • cpe:2.3:h:avaya:s8300:r2.0.0
    cpe:2.3:h:avaya:s8300:r2.0.0
  • cpe:2.3:h:avaya:s8300:r2.0.1
    cpe:2.3:h:avaya:s8300:r2.0.1
  • cpe:2.3:h:avaya:s8500:r2.0.0
    cpe:2.3:h:avaya:s8500:r2.0.0
  • cpe:2.3:h:avaya:s8500:r2.0.1
    cpe:2.3:h:avaya:s8500:r2.0.1
  • cpe:2.3:h:avaya:s8700:r2.0.0
    cpe:2.3:h:avaya:s8700:r2.0.0
  • cpe:2.3:h:avaya:s8700:r2.0.1
    cpe:2.3:h:avaya:s8700:r2.0.1
  • Blue Coat Systems ProxySG
    cpe:2.3:h:bluecoat:proxysg
  • Cisco Call Manager
    cpe:2.3:h:cisco:call_manager
  • Cisco Content Service Switch 11500
    cpe:2.3:h:cisco:content_services_switch_11500
  • Cisco GSS 4480 Global Site Selector
    cpe:2.3:h:cisco:gss_4480_global_site_selector
  • Cisco GSS 4490 Global Site Selector
    cpe:2.3:h:cisco:gss_4490_global_site_selector
  • Cisco MDS 9000
    cpe:2.3:h:cisco:mds_9000
  • cpe:2.3:h:cisco:secure_content_accelerator:10000
    cpe:2.3:h:cisco:secure_content_accelerator:10000
  • Secure Computing Sidewinder 5.2
    cpe:2.3:h:securecomputing:sidewinder:5.2
  • Secure Computing Sidewinder 5.2.0.01
    cpe:2.3:h:securecomputing:sidewinder:5.2.0.01
  • Secure Computing Sidewinder 5.2.0.02
    cpe:2.3:h:securecomputing:sidewinder:5.2.0.02
  • Secure Computing Sidewinder 5.2.0.03
    cpe:2.3:h:securecomputing:sidewinder:5.2.0.03
  • Secure Computing Sidewinder 5.2.0.04
    cpe:2.3:h:securecomputing:sidewinder:5.2.0.04
  • Secure Computing Sidewinder 5.2.1
    cpe:2.3:h:securecomputing:sidewinder:5.2.1
  • Secure Computing Sidewinder 5.2.1.02
    cpe:2.3:h:securecomputing:sidewinder:5.2.1.02
  • Sun Crypto Accelerator 4000 1.0
    cpe:2.3:h:sun:crypto_accelerator_4000:1.0
  • cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10
    cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10
  • cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12
    cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12
  • Cisco PIX Firewall Software 6.0
    cpe:2.3:o:cisco:pix_firewall_software:6.0
  • Cisco PIX Firewall Software 6.0(1)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%281%29
  • Cisco PIX Firewall Software 6.0(2)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%282%29
  • Cisco PIX Firewall Software 6.0(3)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%283%29
  • Cisco PIX Firewall Software 6.0(4)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%284%29
  • Cisco PIX Firewall Software 6.0(4.101)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%284.101%29
  • Cisco PIX Firewall Software 6.1
    cpe:2.3:o:cisco:pix_firewall_software:6.1
  • Cisco PIX Firewall Software 6.1(1)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%281%29
  • Cisco PIX Firewall Software 6.1(2)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%282%29
  • Cisco PIX Firewall Software 6.1(3)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%283%29
  • Cisco PIX Firewall Software 6.1(4)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%284%29
  • Cisco PIX Firewall Software 6.1(5)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%285%29
  • Cisco PIX Firewall Software 6.2
    cpe:2.3:o:cisco:pix_firewall_software:6.2
  • Cisco PIX Firewall Software 6.2(1)
    cpe:2.3:o:cisco:pix_firewall_software:6.2%281%29
  • Cisco PIX Firewall Software 6.2(2)
    cpe:2.3:o:cisco:pix_firewall_software:6.2%282%29
  • Cisco PIX Firewall Software 6.2(3)
    cpe:2.3:o:cisco:pix_firewall_software:6.2%283%29
  • Cisco PIX Firewall Software 6.2 (3.100)
    cpe:2.3:o:cisco:pix_firewall_software:6.2%283.100%29
  • Cisco PIX Firewall Software 6.3
    cpe:2.3:o:cisco:pix_firewall_software:6.3
  • Cisco PIX Firewall Software 6.3(1)
    cpe:2.3:o:cisco:pix_firewall_software:6.3%281%29
  • Cisco PIX Firewall Software 6.3(2)
    cpe:2.3:o:cisco:pix_firewall_software:6.3%282%29
  • Cisco PIX Firewall Software 6.3(3.102)
    cpe:2.3:o:cisco:pix_firewall_software:6.3%283.102%29
  • Cisco PIX Firewall Software 6.3(3.109)
    cpe:2.3:o:cisco:pix_firewall_software:6.3%283.109%29
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2005-007.NASL
    description The remote host is running a version of Mac OS X 10.4 or 10.3 that does not have Security Update 2005-007 applied. This security update contains fixes for the following products : - Apache 2 - AppKit - Bluetooth - CoreFoundation - CUPS - Directory Services - HItoolbox - Kerberos - loginwindow - Mail - MySQL - OpenSSL - QuartzComposerScreenSaver - ping - Safari - SecurityInterface - servermgrd - servermgr_ipfilter - SquirelMail - traceroute - WebKit - WebLog Server - X11 - zlib
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 19463
    published 2005-08-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19463
    title Mac OS X Multiple Vulnerabilities (Security Update 2005-007)
  • NASL family Web Servers
    NASL id OPENSSL_DENIAL.NASL
    description According to its banner, the remote host is using a version of OpenSSL which is older than 0.9.6m / 0.9.7d. There are several bugs in such versions that may allow an attacker to cause a denial of service against the remote host.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 12110
    published 2004-03-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12110
    title OpenSSL < 0.9.6m / 0.9.7d Multiple Remote DoS
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2004-120.NASL
    description Updated OpenSSL packages that fix several remote denial of service vulnerabilities are available for Red Hat Enterprise Linux 3. The OpenSSL toolkit implements Secure Sockets Layer (SSL v2/v3), Transport Layer Security (TLS v1) protocols, and serves as a full-strength general purpose cryptography library. Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a NULL pointer assignment in the do_change_cipher_spec() function in OpenSSL 0.9.6c-0.9.6k and 0.9.7a-0.9.7c. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server that uses the OpenSSL library in such a way as to cause OpenSSL to crash. Depending on the application this could lead to a denial of service. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0079 to this issue. Stephen Henson discovered a flaw in SSL/TLS handshaking code when using Kerberos ciphersuites in OpenSSL 0.9.7a-0.9.7c. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server configured to use Kerberos ciphersuites in such a way as to cause OpenSSL to crash. Most applications have no ability to use Kerberos ciphersuites and will therefore be unaffected by this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0112 to this issue. Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a bug in older versions of OpenSSL 0.9.6 prior to 0.9.6d that may lead to a denial of service attack (infinite loop). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0081 to this issue. This issue affects only the OpenSSL compatibility packages shipped with Red Hat Enterprise Linux 3. These updated packages contain patches provided by the OpenSSL group that protect against these issues. Additionally, the version of libica included in the OpenSSL packages has been updated to 1.3.5. This only affects IBM s390 and IBM eServer zSeries customers and is required for the latest openCryptoki packages. NOTE: Because server applications are affected by this issue, users are advised to either restart all services that use OpenSSL functionality or restart their systems after installing these updates.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 12480
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12480
    title RHEL 3 : openssl (RHSA-2004:120)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SA_2004_007.NASL
    description The remote host is missing the patch for the advisory SuSE-SA:2004:007 (openssl). OpenSSL is an implementation of the Secure Socket Layer (SSL v2/3) and Transport Layer Security (TLS v1) protocol. The NISCC informed us about to failure conditions in openssl that can be triggered to crash applications that use the openssl library. The first bug occurs during SSL/TLS handshake in the function do_change_cipher_spec() due to a NULL pointer assignment. The second bug affects openssl version 0.9.7* only with Kerberos cipher suite enabled and can be triggered during SSL/TLS handshake too. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command 'rpm -Fhv file.rpm' to apply the update.
    last seen 2019-02-21
    modified 2016-12-27
    plugin id 13825
    published 2004-07-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13825
    title SuSE-SA:2004:007: openssl
  • NASL family Web Servers
    NASL id OPENSSL_0_9_6M_0_9_7D.NASL
    description According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.6m or 0.9.7d. A remote attacker can crash the server by sending an overly long Kerberos ticket or a crafted SSL/TLS handshake.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 17750
    published 2012-01-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17750
    title OpenSSL < 0.9.6m / 0.9.7d Denial of Service
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2004-023.NASL
    description A vulnerability was discovered by the OpenSSL group using the Codenomicon TLS Test Tool. The test uncovered a NULL pointer assignment in the do_change_cipher_spec() function whih could be abused by a remote attacker crafting a special SSL/TLS handshake against a server that used the OpenSSL library in such a way as to cause OpenSSL to crash. Depending on the application in question, this could lead to a Denial of Service (DoS). This vulnerability affects both OpenSSL 0.9.6 (0.9.6c-0.9.6k) and 0.9.7 (0.9.7a-0.9.7c). CVE has assigned CVE-2004-0079 to this issue. Another vulnerability was discovered by Stephen Henson in OpenSSL versions 0.9.7a-0.9.7c; there is a flaw in the SSL/TLS handshaking code when using Kerberos ciphersuites. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server configured to use Kerberos ciphersuites in such a way as to cause OpenSSL to crash. CVE has assigned CVE-2004-0112 to this issue. Mandrakesoft urges users to upgrade to the packages provided that have been patched to protect against these problems. We would also like to thank NISCC for their assistance in coordinating the disclosure of these problems. Please note that you will need to restart any SSL-enabled services for the patch to be effective, including (but not limited to) Apache, OpenLDAP, etc.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 14122
    published 2004-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14122
    title Mandrake Linux Security Advisory : openssl (MDKSA-2004:023)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200403-03.NASL
    description The remote host is affected by the vulnerability described in GLSA-200403-03 (Multiple OpenSSL Vulnerabilities) Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a NULL pointer assignment in the do_change_cipher_spec() function. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server that used the OpenSSL library in such a way as to cause OpenSSL to crash. Depending on the application this could lead to a denial of service. All versions of OpenSSL from 0.9.6c to 0.9.6l inclusive and from 0.9.7a to 0.9.7c inclusive are affected by this issue. A flaw has been discovered in SSL/TLS handshaking code when using Kerberos ciphersuites. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server configured to use Kerberos ciphersuites in such a way as to cause OpenSSL to crash. Most applications have no ability to use Kerberos cipher suites and will therefore be unaffected. Versions 0.9.7a, 0.9.7b, and 0.9.7c of OpenSSL are affected by this issue. Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a bug in older versions of OpenSSL 0.9.6 that can lead to a Denial of Service attack (infinite loop). This issue was traced to a fix that was added to OpenSSL 0.9.6d some time ago. This issue will affect vendors that ship older versions of OpenSSL with backported security patches. Impact : Although there are no public exploits known for bug, users are recommended to upgrade to ensure the security of their infrastructure. Workaround : There is no immediate workaround; a software upgrade is required. The vulnerable function in the code has been rewritten.
    last seen 2019-02-21
    modified 2015-04-13
    plugin id 14454
    published 2004-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14454
    title GLSA-200403-03 : Multiple OpenSSL Vulnerabilities
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2004-077-01.NASL
    description Upgraded OpenSSL packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix two potential denial-of-service issues in earlier versions of OpenSSL. We recommend sites that use OpenSSL upgrade to the fixed packages right away.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 18785
    published 2005-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18785
    title Slackware 8.1 / 9.0 / 9.1 / current : OpenSSL security update (SSA:2004-077-01)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30648.NASL
    description s700_800 11.04 Virtualvault 4.5 OWS update : The remote HP-UX host is affected by multiple vulnerabilities : - Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112. (HPSBUX01019 SSRT4717) - A potential security vulnerability has been identified with Apache running on HP-UX where a buffer overflow could be exploited remotely to execute arbitrary code. - A potential security vulnerability has been identified with HP-UX running Apache where the vulnerability could be exploited remotely to create a Denial of Service (DoS) or to execute arbitrary code. - A potential security vulnerability has been identified with Apache running on HP-UX where the vulnerability could be exploited remotely to create a Denial of Service (DoS) or to bypass access restrictions.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17532
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17532
    title HP-UX PHSS_30648 : s700_800 11.04 Virtualvault 4.5 OWS update
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30650.NASL
    description s700_800 11.04 Webproxy server 2.0 update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17534
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17534
    title HP-UX PHSS_30650 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30640.NASL
    description s700_800 11.04 Virtualvault 4.7 OpenSSH update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17525
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17525
    title HP-UX PHSS_30640 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30644.NASL
    description s700_800 11.04 Virtualvault 4.6 OpenSSH update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17529
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17529
    title HP-UX PHSS_30644 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30649.NASL
    description s700_800 11.04 Webproxy server 2.1 update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17533
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17533
    title HP-UX PHSS_30649 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30643.NASL
    description s700_800 11.04 Virtualvault 4.6 IWS update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17528
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17528
    title HP-UX PHSS_30643 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30647.NASL
    description s700_800 11.04 Virtualvault 4.5 IWS Update : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with Apache running on HP-UX where the vulnerability could be exploited remotely to create a Denial of Service (DoS) or to bypass access restrictions. - A potential security vulnerability has been identified with HP-UX running Apache where the vulnerability could be exploited remotely to create a Denial of Service (DoS) or to execute arbitrary code. - A potential security vulnerability has been identified with Apache running on HP-UX where a buffer overflow could be exploited remotely to execute arbitrary code. - Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112. (HPSBUX01019 SSRT4717)
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17070
    published 2005-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17070
    title HP-UX PHSS_30647 : s700_800 11.04 Virtualvault 4.5 IWS Update
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30641.NASL
    description s700_800 11.04 Virtualvault 4.7 OWS update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17526
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17526
    title HP-UX PHSS_30641 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30645.NASL
    description s700_800 11.04 Virtualvault 4.6 OWS update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17530
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17530
    title HP-UX PHSS_30645 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30646.NASL
    description s700_800 11.04 Virtualvault 4.6 TGP update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17531
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17531
    title HP-UX PHSS_30646 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30642.NASL
    description s700_800 11.04 Virtualvault 4.7 TGP update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17527
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17527
    title HP-UX PHSS_30642 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30639.NASL
    description s700_800 11.04 Virtualvault 4.7 IWS update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17071
    published 2005-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17071
    title HP-UX PHSS_30639 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
oval via4
  • accepted 2007-04-25T19:52:12.895-04:00
    class vulnerability
    contributors
    • name Matt Busby
      organization The MITRE Corporation
    • name Matt Busby
      organization The MITRE Corporation
    • name Thomas R. Jones
      organization Maitreya Security
    description The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
    family unix
    id oval:org.mitre.oval:def:1049
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Red Hat OpenSSL Kerberos Handshake Vulnerability
    version 35
  • accepted 2007-04-25T19:53:09.352-04:00
    class vulnerability
    contributors
    • name Matt Busby
      organization The MITRE Corporation
    • name Matt Busby
      organization The MITRE Corporation
    • name Thomas R. Jones
      organization Maitreya Security
    description The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
    family unix
    id oval:org.mitre.oval:def:928
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Red Hat Enterprise 3 OpenSSL Kerberos Handshake Vulnerability
    version 35
  • accepted 2013-04-29T04:20:25.766-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    description The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
    family unix
    id oval:org.mitre.oval:def:9580
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
    version 23
redhat via4
advisories
  • rhsa
    id RHSA-2004:120
  • rhsa
    id RHSA-2004:121
refmap via4
apple
  • APPLE-SA-2005-08-15
  • APPLE-SA-2005-08-17
bid 9899
bugtraq 20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]
cert TA04-078A
cert-vn VU#484726
ciac O-101
cisco 20040317 Cisco OpenSSL Implementation Vulnerability
conectiva CLA-2004:834
confirm
gentoo GLSA-200403-03
hp SSRT4717
mandrake MDKSA-2004:023
misc http://www.uniras.gov.uk/vuls/2004/224012/index.htm
netbsd NetBSD-SA2004-005
sco SCOSA-2004.10
secunia 11139
slackware SSA:2004-077
sunalert 57524
suse SuSE-SA:2004:007
trustix 2004-0012
xf openssl-kerberos-ciphersuites-dos(15508)
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 17-10-2016 - 22:40
Published 23-11-2004 - 00:00
Last modified 30-10-2018 - 12:26
Back to Top