ID CVE-2006-4343
Summary The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.
Vulnerable Configurations
  • OpenSSL Project OpenSSL 0.9.7
    cpe:2.3:a:openssl:openssl:0.9.7
  • OpenSSL Project OpenSSL 0.9.7a
    cpe:2.3:a:openssl:openssl:0.9.7a
  • OpenSSL Project OpenSSL 0.9.7b
    cpe:2.3:a:openssl:openssl:0.9.7b
  • OpenSSL Project OpenSSL 0.9.7c
    cpe:2.3:a:openssl:openssl:0.9.7c
  • OpenSSL Project OpenSSL 0.9.7d
    cpe:2.3:a:openssl:openssl:0.9.7d
  • OpenSSL Project OpenSSL 0.9.7e
    cpe:2.3:a:openssl:openssl:0.9.7e
  • OpenSSL Project OpenSSL 0.9.7f
    cpe:2.3:a:openssl:openssl:0.9.7f
  • OpenSSL Project OpenSSL 0.9.7g
    cpe:2.3:a:openssl:openssl:0.9.7g
  • OpenSSL Project OpenSSL 0.9.7h
    cpe:2.3:a:openssl:openssl:0.9.7h
  • OpenSSL Project OpenSSL 0.9.7i
    cpe:2.3:a:openssl:openssl:0.9.7i
  • OpenSSL Project OpenSSL 0.9.7j
    cpe:2.3:a:openssl:openssl:0.9.7j
  • OpenSSL Project OpenSSL 0.9.7k
    cpe:2.3:a:openssl:openssl:0.9.7k
  • OpenSSL Project OpenSSL 0.9.8
    cpe:2.3:a:openssl:openssl:0.9.8
  • OpenSSL Project OpenSSL 0.9.8a
    cpe:2.3:a:openssl:openssl:0.9.8a
  • OpenSSL Project OpenSSL 0.9.8b
    cpe:2.3:a:openssl:openssl:0.9.8b
  • OpenSSL Project OpenSSL 0.9.8c
    cpe:2.3:a:openssl:openssl:0.9.8c
  • Debian Debian Linux 3.1
    cpe:2.3:o:debian:debian_linux:3.1
  • Canonical Ubuntu Linux 5.04
    cpe:2.3:o:canonical:ubuntu_linux:5.04
  • Canonical Ubuntu Linux 5.10
    cpe:2.3:o:canonical:ubuntu_linux:5.10
  • Canonical Ubuntu Linux 6.06 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:6.06:-:-:-:lts
CVSS
Base: 4.3 (as of 02-10-2006 - 07:51)
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
  Vector: NETWORK
  Complexity: MEDIUM
  Authentication: NONE
Impact
  Confidentiality: NONE
  Integrity: NONE
  Availability: PARTIAL
exploit-db via4
  • description OpenSSL < 0.9.7l / 0.9.8d SSLv2 Client Crash Exploit. CVE-2006-4343. DoS exploits for multiple platforms
    file exploits/multiple/dos/4773.pl
    id EDB-ID:4773
    last seen 2016-01-31
    modified 2007-12-23
    platform multiple
    port
    published 2007-12-23
    reporter Noam Rathaus
    source https://www.exploit-db.com/download/4773/
    title OpenSSL < 0.9.7l / 0.9.8d - SSLv2 Client Crash Exploit
    type dos
  • description OpenSSL SSLv2 Null Pointer Dereference Client Denial of Service Vulnerability. CVE-2006-4343. DoS exploits for multiple platforms
    id EDB-ID:28726
    last seen 2016-02-03
    modified 2006-09-28
    published 2006-09-28
    reporter Noam Rathaus
    source https://www.exploit-db.com/download/28726/
    title OpenSSL SSLv2 - Null Pointer Dereference Client Denial of Service Vulnerability
nessus via4
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0525.NASL
    description Red Hat Network Satellite Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications. Several flaws in Zlib were discovered. An attacker could create a carefully-crafted compressed stream that would cause an application to crash if the stream is opened by a user. (CVE-2005-2096). An attacker could create a carefully crafted compressed stream that would cause an application to crash if the stream is opened by a user. (CVE-2005-1849) A buffer overflow was discovered in the OpenSSL SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). A flaw in the SSLv2 client code was discovered. If a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) An attack on OpenSSL PKCS #1 v1.5 signatures was discovered. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. This issue affected applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339) OpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. 
It is enabled in most servers that use OpenSSL to provide support for SSL and TLS. This work-around could allow an attacker, acting as a 'man in the middle' to force an SSL connection to use SSL 2.0 rather than a stronger protocol, such as SSL 3.0 or TLS 1.0. (CVE-2005-2969) During OpenSSL parsing of certain invalid ASN.1 structures an error condition was mishandled. This can result in an infinite loop which consumed system memory (CVE-2006-2937). Certain public key types can take disproportionate amounts of time to process in OpenSSL, leading to a denial of service. (CVE-2006-2940) A flaw was discovered in the way that the Python repr() function handled UTF-32/UCS-4 strings. If an application written in Python used the repr() function on untrusted data, this could lead to a denial of service or possibly allow the execution of arbitrary code with the privileges of the Python application. (CVE-2006-4980) A flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated. This may possibly cause disclosure of data stored in the memory of a Python application using this function. (CVE-2007-2052) Multiple integer overflow flaws were discovered in Python's imageop module. If an application written in Python used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or possibly execute arbitrary code with the privileges of the Python interpreter. (CVE-2007-4965) A stack-based buffer overflow was discovered in the Python interpreter, which could allow a local user to gain privileges by running a script with a long name from the current working directory. (CVE-2006-1542) Users of Red Hat Network Satellite Server should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43838
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43838
    title RHEL 3 / 4 : Solaris client in Satellite Server (RHSA-2008:0525)
  • NASL family Windows
    NASL id VMWARE_MULTIPLE_VMSA_2008_0005.NASL
    description VMware products installed on the remote host are affected by multiple vulnerabilities : - The 'authd' process is affected by a privilege escalation vulnerability that could allow an attacker to execute arbitrary code with system level privileges or cause a denial of service condition. - A feature in VMware workstation version 6.0.2 could allow anonymous console access to guest host via VIX API, which could result in unauthorized access. This feature has been disabled in version 6.0.3. - Windows based VMware hosts are affected by a privilege escalation vulnerability. By manipulating 'config.ini' an attacker may be able to gain elevated privileges by hijacking the VMware VMX process. - Multiple VMware products are affected by a directory traversal vulnerability. If a Windows based VMware host is configured to allow shared access from a guest host to a folder on the Host system (HGFS), it may be possible to gain access to the Host file system from guest OS and create/modify arbitrary executable files. VMware Server is not affected by this vulnerability. - Multiple VMware products hosted on a Windows 2000 host are affected by a privilege escalation vulnerability. - Multiple VMware products are vulnerable to a potential denial of service attack.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 31729
    published 2008-04-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31729
    title VMware Products Multiple Vulnerabilities (VMSA-2008-0005)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0264.NASL
    description Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications. Two denial-of-service flaws were fixed in ZLib. (CVE-2005-2096, CVE-2005-1849) Multiple flaws were fixed in OpenSSL. (CVE-2006-4343, CVE-2006-4339, CVE-2006-3738, CVE-2006-2940, CVE-2006-2937, CVE-2005-2969) Multiple flaws were fixed in Python. (CVE-2007-4965, CVE-2007-2052, CVE-2006-4980, CVE-2006-1542) Users of Red Hat Network Satellite Server 5.0.1 are advised to upgrade to 5.0.2, which resolves these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43836
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43836
    title RHEL 4 : Solaris client in Satellite Server (RHSA-2008:0264)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1195.NASL
    description Multiple vulnerabilities have been discovered in the OpenSSL cryptographic software package that could allow an attacker to launch a denial of service attack by exhausting system resources or crashing processes on a victim's computer. - CVE-2006-3738 Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in SSL_get_shared_ciphers utility function, used by some applications such as exim and mysql. An attacker could send a list of ciphers that would overrun a buffer. - CVE-2006-4343 Tavis Ormandy and Will Drewry of the Google Security Team discovered a possible DoS in the sslv2 client code. Where a client application uses OpenSSL to make a SSLv2 connection to a malicious server that server could cause the client to crash. - CVE-2006-2940 Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). When the test suite was run against OpenSSL a DoS was discovered. Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 22881
    published 2006-10-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22881
    title Debian DSA-1195-1 : openssl096 - denial of service (multiple)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0629.NASL
    description Red Hat Network Satellite Server version 5.1.1 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications. Several flaws in Zlib were discovered. An attacker could create a carefully-crafted compressed stream that would cause an application to crash if the stream was opened by a user. (CVE-2005-2096, CVE-2005-1849) A buffer overflow was discovered in the OpenSSL SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). A flaw in the SSLv2 client code was discovered. If a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) An attack on OpenSSL PKCS #1 v1.5 signatures was discovered. Where an RSA key with exponent 3 was used an attacker could, potentially, forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. This issue affected applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339) OpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. It is enabled in most servers that use OpenSSL to provide support for SSL and TLS. 
This work-around was vulnerable to a man-in-the-middle attack which allowed a remote user to force an SSL connection to use SSL 2.0, rather than a stronger protocol, such as SSL 3.0 or TLS 1.0. (CVE-2005-2969) During OpenSSL parsing of certain invalid ASN.1 structures, an error condition was mishandled. This could result in an infinite loop which consumed system memory (CVE-2006-2937). Certain public key types could take disproportionate amounts of time to process in OpenSSL, leading to a denial of service. (CVE-2006-2940) A flaw was discovered in the Python repr() function's handling of UTF-32/UCS-4 strings. If an application used the repr() function on untrusted data, this could lead to a denial of service or, possibly, allow the execution of arbitrary code with the privileges of the application using the flawed function. (CVE-2006-4980) A flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated. This could, potentially, cause disclosure of data stored in the memory of an application using this function. (CVE-2007-2052) Multiple integer overflow flaws were discovered in Python's imageop module. If an application used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or, possibly, execute arbitrary code with the privileges of the Python interpreter. (CVE-2007-4965) A stack-based buffer overflow was discovered in the Python interpreter, which could allow a local user to gain privileges by running a script with a long name from the current working directory. (CVE-2006-1542) Users of Red Hat Network Satellite Server should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43839
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43839
    title RHEL 4 : Solaris client in Satellite Server (RHSA-2008:0629)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_121230-02.NASL
    description SunOS 5.10_x86: libssl patch. Date this patch was last updated by Sun : Apr/23/07
    last seen 2019-01-19
    modified 2019-01-18
    plugin id 107877
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107877
    title Solaris 10 (x86) : 121230-02
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_121230.NASL
    description SunOS 5.10_x86: libssl patch. Date this patch was last updated by Sun : Apr/23/07
    last seen 2018-09-01
    modified 2018-08-13
    plugin id 20275
    published 2005-12-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20275
    title Solaris 10 (x86) : 121230-02
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL8106.NASL
    description F5 Product Development has determined that the BIG-IP and Enterprise Manager products use a vulnerable version of OpenSSL; however, the vulnerable code is not used in either TMM or in Apache on the BIG-IP system. The vulnerability is considered to be a local vulnerability and cannot be exploited remotely.
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 86017
    published 2015-09-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86017
    title F5 Networks BIG-IP : OpenSSL SSL_get_shared_ciphers vulnerability (SOL8106)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-178.NASL
    description OpenSSL recently had several vulnerabilities which were patched (CVE-2006-2937, 2940, 3738, 4339, 4343). Some versions of ntp are built against a static copy of the SSL libraries. As a precaution an updated copy built against the new libraries is being made available.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 24564
    published 2007-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24564
    title Mandrake Linux Security Advisory : ntp (MDKSA-2006:178)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPENSSL-2141.NASL
    description A buffer overflow condition within the SSL_get_shared_ciphers() function and a DoS condition known as 'parasitic public keys' have been fixed. The latter problem allowed attackers to trick the OpenSSL engine to spend an extraordinary amount of time to process public keys. The following CAN numbers have been assigned: CVE-2006-2937 / CVE-2006-2940 / CVE-2006-3738 / CVE-2006-4343.
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 29542
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29542
    title SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 2141)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2006-0695.NASL
    description Updated OpenSSL packages are now available to correct several security issues. This update has been rated as having important security impact by the Red Hat Security Response Team. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). Few applications make use of this vulnerable function and generally it is used only when applications are compiled for debugging. Tavis Ormandy and Will Drewry of the Google Security Team discovered a flaw in the SSLv2 client code. When a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) Dr S. N. Henson of the OpenSSL core team and Open Network Security recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk) which uncovered denial of service vulnerabilities : * Certain public key types can take disproportionate amounts of time to process, leading to a denial of service. (CVE-2006-2940) * During parsing of certain invalid ASN.1 structures an error condition was mishandled. This can result in an infinite loop which consumed system memory (CVE-2006-2937). This issue does not affect the OpenSSL version distributed in Red Hat Enterprise Linux 2.1. These vulnerabilities can affect applications which use OpenSSL to parse ASN.1 data from untrusted sources, including SSL servers which enable client authentication and S/MIME applications. Users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 
Note: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 22472
    published 2006-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22472
    title RHEL 2.1 / 3 / 4 : openssl (RHSA-2006:0695)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_0F37D765C5D411DB9F82000E0C2E438A.NASL
    description Several problems have been found in OpenSSL : - During the parsing of certain invalid ASN1 structures an error condition is mishandled, possibly resulting in an infinite loop. - A buffer overflow exists in the SSL_get_shared_ciphers function. - A NULL pointer may be dereferenced in the SSL version 2 client code. In addition, many applications using OpenSSL do not perform any validation of the lengths of public keys being used. Impact : Servers which parse ASN1 data from untrusted sources may be vulnerable to a denial of service attack. An attacker accessing a server which uses SSL version 2 may be able to execute arbitrary code with the privileges of that server. A malicious SSL server can cause clients connecting using SSL version 2 to crash. Applications which perform public key operations using untrusted keys may be vulnerable to a denial of service attack. Workaround : No workaround is available, but not all of the vulnerabilities mentioned affect all applications.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 24719
    published 2007-02-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24719
    title FreeBSD : OpenSSL -- Multiple problems in crypto(3) (0f37d765-c5d4-11db-9f82-000e0c2e438a)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2006-0695.NASL
    description Updated OpenSSL packages are now available to correct several security issues. This update has been rated as having important security impact by the Red Hat Security Response Team. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). Few applications make use of this vulnerable function and generally it is used only when applications are compiled for debugging. Tavis Ormandy and Will Drewry of the Google Security Team discovered a flaw in the SSLv2 client code. When a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) Dr S. N. Henson of the OpenSSL core team and Open Network Security recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk) which uncovered denial of service vulnerabilities : * Certain public key types can take disproportionate amounts of time to process, leading to a denial of service. (CVE-2006-2940) * During parsing of certain invalid ASN.1 structures an error condition was mishandled. This can result in an infinite loop which consumed system memory (CVE-2006-2937). This issue does not affect the OpenSSL version distributed in Red Hat Enterprise Linux 2.1. These vulnerabilities can affect applications which use OpenSSL to parse ASN.1 data from untrusted sources, including SSL servers which enable client authentication and S/MIME applications. Users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 
Note: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 22484
    published 2006-10-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22484
    title CentOS 3 / 4 : openssl (CESA-2006:0695)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1185.NASL
    description The fix used to correct CVE-2006-2940 introduced code that could lead to the use of uninitialized memory. Such use is likely to cause the application using the openssl library to crash, and has the potential to allow an attacker to cause the execution of arbitrary code. For reference please find below the original advisory text : Multiple vulnerabilities have been discovered in the OpenSSL cryptographic software package that could allow an attacker to launch a denial of service attack by exhausting system resources or crashing processes on a victim's computer. - CVE-2006-2937 Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). When the test suite was run against OpenSSL two denial of service vulnerabilities were discovered. During the parsing of certain invalid ASN1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory. Any code which uses OpenSSL to parse ASN1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications. - CVE-2006-3738 Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in SSL_get_shared_ciphers utility function, used by some applications such as exim and mysql. An attacker could send a list of ciphers that would overrun a buffer. - CVE-2006-4343 Tavis Ormandy and Will Drewry of the Google Security Team discovered a possible DoS in the sslv2 client code. Where a client application uses OpenSSL to make a SSLv2 connection to a malicious server that server could cause the client to crash. - CVE-2006-2940 Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). When the test suite was run against OpenSSL a DoS was discovered. Certain types of public key can take disproportionate amounts of time to process. 
This could be used by an attacker in a denial of service attack.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 22727
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22727
    title Debian DSA-1185-2 : openssl - denial of service
  • NASL family Web Servers
    NASL id OPENSSL_0_9_7L_0_9_8D.NASL
    description According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.7l or 0.9.8d. As such, it is affected by multiple vulnerabilities : - A remote attacker could trigger a denial of service, either via malformed ASN.1 structures or specially crafted public keys. (CVE-2006-2937, CVE-2006-3738) - A remote attacker could execute arbitrary code on the remote server by exploiting a buffer overflow in the SSL_get_shared_ciphers function. (CVE-2006-2940) - A remote attacker could crash a client by sending an invalid server Hello. (CVE-2006-4343)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 17757
    published 2012-01-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17757
    title OpenSSL < 0.9.7l / 0.9.8d Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_COMPAT-OPENSSL097G-2171.NASL
    description A buffer overflow condition within the SSL_get_shared_ciphers() function and a DoS condition known as 'parasitic public keys' have been fixed. The latter problem allowed attackers to trick the OpenSSL engine to spend an extraordinary amount of time to process public keys. The following CAN numbers have been assigned: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-4339 and CVE-2006-4343.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27187
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27187
    title openSUSE 10 Security Update : compat-openssl097g (compat-openssl097g-2171)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2006-0695.NASL
    description From Red Hat Security Advisory 2006:0695 : Updated OpenSSL packages are now available to correct several security issues. This update has been rated as having important security impact by the Red Hat Security Response Team. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). Few applications make use of this vulnerable function and generally it is used only when applications are compiled for debugging. Tavis Ormandy and Will Drewry of the Google Security Team discovered a flaw in the SSLv2 client code. When a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) Dr S. N. Henson of the OpenSSL core team and Open Network Security recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk) which uncovered denial of service vulnerabilities : * Certain public key types can take disproportionate amounts of time to process, leading to a denial of service. (CVE-2006-2940) * During parsing of certain invalid ASN.1 structures an error condition was mishandled. This can result in an infinite loop which consumed system memory (CVE-2006-2937). This issue does not affect the OpenSSL version distributed in Red Hat Enterprise Linux 2.1. These vulnerabilities can affect applications which use OpenSSL to parse ASN.1 data from untrusted sources, including SSL servers which enable client authentication and S/MIME applications. Users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 
Note: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 67411
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67411
    title Oracle Linux 3 : openssl (ELSA-2006-0695)
  • NASL family Misc.
    NASL id XEROX_XRX07_001.NASL
    description According to its model number and software version, the remote host is a Xerox WorkCentre device that reportedly suffers from multiple issues in the ESS / Network Controller that could allow remote execution of arbitrary code on the affected device, initiation of denial of service attacks, and forgery of digital certificates.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 25637
    published 2007-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25637
    title Xerox WorkCentre Multiple OpenSSL Vulnerabilities (XRX07-001)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPENSSL-2140.NASL
    description A buffer overflow condition within the SSL_get_shared_ciphers() function and a DoS condition known as 'parasitic public keys' have been fixed. The latter problem allowed attackers to trick the OpenSSL engine to spend an extraordinary amount of time to process public keys. The following CAN numbers have been assigned: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738 and CVE-2006-4343.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27368
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27368
    title openSUSE 10 Security Update : openssl (openssl-2140)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2006-0661.NASL
    description Updated OpenSSL packages are now available to correct several security issues. This update has been rated as having important security impact by the Red Hat Security Response Team. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. These vulnerabilities can affect applications which use OpenSSL to parse ASN.1 data from untrusted sources, including SSL servers which enable client authentication and S/MIME applications. Users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Note: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system. From Red Hat Security Advisory 2006:0695 : Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). Few applications make use of this vulnerable function and generally it is used only when applications are compiled for debugging. Tavis Ormandy and Will Drewry of the Google Security Team discovered a flaw in the SSLv2 client code. When a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) Dr S. N. Henson of the OpenSSL core team and Open Network Security recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk) which uncovered denial of service vulnerabilities : * Certain public key types can take disproportionate amounts of time to process, leading to a denial of service. (CVE-2006-2940) * During parsing of certain invalid ASN.1 structures an error condition was mishandled. 
    This can result in an infinite loop which consumed system memory (CVE-2006-2937). This issue does not affect the OpenSSL version distributed in Red Hat Enterprise Linux 2.1. From Red Hat Security Advisory 2006:0661 : Daniel Bleichenbacher recently described an attack on PKCS #1 v1.5 signatures. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. The Google Security Team discovered that OpenSSL is vulnerable to this attack. This issue affects applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339) This errata also resolves a problem where a customized ca-bundle.crt file was overwritten when the openssl package was upgraded.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67405
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67405
    title Oracle Linux 4 : openssl (ELSA-2006-0695 / ELSA-2006-0661)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-353-1.NASL
    description Dr. Henson of the OpenSSL core team and Open Network Security discovered a mishandled error condition in the ASN.1 parser. By sending specially crafted packet data, a remote attacker could exploit this to trigger an infinite loop, which would render the service unusable and consume all available system memory. (CVE-2006-2937) Certain types of public key could take disproportionate amounts of time to process. The library now limits the maximum key exponent size to avoid Denial of Service attacks. (CVE-2006-2940) Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers() function. By sending specially crafted packets to applications that use this function (like Exim, MySQL, or the openssl command line tool), a remote attacker could exploit this to execute arbitrary code with the server's privileges. (CVE-2006-3738) Tavis Ormandy and Will Drewry of the Google Security Team reported that the get_server_hello() function did not sufficiently check the client's session certificate. This could be exploited to crash clients by remote attackers sending specially crafted SSL responses. (CVE-2006-4343). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 27933
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27933
    title Ubuntu 5.04 / 5.10 / 6.06 LTS : openssl vulnerabilities (USN-353-1)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_121229-02.NASL
    description SunOS 5.10: libssl patch. Date this patch was last updated by Sun : Apr/23/07
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 107376
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107376
    title Solaris 10 (sparc) : 121229-02
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_113713.NASL
    description SunOS 5.9: pkg utilities Patch. Date this patch was last updated by Sun : Apr/05/11
    last seen 2018-09-01
    modified 2016-12-09
    plugin id 13543
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13543
    title Solaris 9 (sparc) : 113713-30
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_114568.NASL
    description SunOS 5.9_x86: pkg utilities Patch. Date this patch was last updated by Sun : Apr/05/11
    last seen 2018-09-02
    modified 2016-12-09
    plugin id 13606
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13606
    title Solaris 9 (x86) : 114568-29
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-522-1.NASL
    description It was discovered that OpenSSL did not correctly perform Montgomery multiplications. Local attackers might be able to reconstruct RSA private keys by examining another user's OpenSSL processes. (CVE-2007-3108) Moritz Jodeit discovered that OpenSSL's SSL_get_shared_ciphers function did not correctly check the size of the buffer it was writing to. A remote attacker could exploit this to write one NULL byte past the end of an application's cipher list buffer, possibly leading to arbitrary code execution or a denial of service. (CVE-2007-5135). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 28127
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28127
    title Ubuntu 6.06 LTS / 6.10 / 7.04 : openssl vulnerabilities (USN-522-1)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-177.NASL
    description OpenSSL recently had several vulnerabilities which were patched (CVE-2006-2937,2940,3738,4339, 4343). Some MySQL versions are built against a static copy of the SSL libraries. As a precaution an updated copy built against the new libraries is being made available.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 24563
    published 2007-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24563
    title Mandrake Linux Security Advisory : MySQL (MDKSA-2006:177)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_121229.NASL
    description SunOS 5.10: libssl patch. Date this patch was last updated by Sun : Apr/23/07
    last seen 2018-09-01
    modified 2018-08-13
    plugin id 20272
    published 2005-12-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20272
    title Solaris 10 (sparc) : 121229-02
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-172.NASL
    description Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). When the test suite was run against OpenSSL two denial of service vulnerabilities were discovered. During the parsing of certain invalid ASN1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory. (CVE-2006-2937) Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack. (CVE-2006-2940) Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers utility function, used by some applications such as exim and mysql. An attacker could send a list of ciphers that would overrun a buffer. (CVE-2006-3738) Tavis Ormandy and Will Drewry of the Google Security Team discovered a possible DoS in the sslv2 client code. Where a client application uses OpenSSL to make a SSLv2 connection to a malicious server that server could cause the client to crash. (CVE-2006-4343) Updated packages are patched to address these issues. Update : There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 24558
    published 2007-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24558
    title Mandrake Linux Security Advisory : openssl (MDKSA-2006:172-1)
  • NASL family Web Servers
    NASL id OPENSSL_0_9_8M.NASL
    description According to its banner, the remote web server uses a version of OpenSSL older than 0.9.8m. Such versions have the following vulnerabilities : - Session renegotiations are not handled properly, which could be exploited to insert arbitrary plaintext by a man-in-the-middle. (CVE-2009-3555) - The library does not check for a NULL return value from calls to the bn_wexpand() function, which has unspecified impact. (CVE-2009-3245) - A memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c allows remote attackers to cause a denial of service via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function. (CVE-2008-1678, CVE-2009-4355) For this vulnerability to be exploitable, compression must be enabled in OpenSSL for SSL/TLS connections.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 45039
    published 2010-03-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45039
    title OpenSSL < 0.9.8m Multiple Vulnerabilities
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2006-272-01.NASL
    description New openssl packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix security issues.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 22467
    published 2006-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22467
    title Slackware 10.0 / 10.1 / 10.2 / 9.0 / 9.1 / current : openssl (SSA:2006-272-01)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200612-11.NASL
    description The remote host is affected by the vulnerability described in GLSA-200612-11 (AMD64 x86 emulation base libraries: OpenSSL multiple vulnerabilities) Tavis Ormandy and Will Drewry, both of the Google Security Team, discovered that the SSL_get_shared_ciphers() function contains a buffer overflow vulnerability, and that the SSLv2 client code contains a flaw leading to a crash. Additionally, Dr. Stephen N. Henson found that the ASN.1 handler contains two Denial of Service vulnerabilities: while parsing an invalid ASN.1 structure and while handling certain types of public key. Impact : An attacker could trigger the buffer overflow by sending a malicious suite of ciphers to an application using the vulnerable function, and thus execute arbitrary code with the rights of the user running the application. An attacker could also consume CPU and/or memory by exploiting the Denial of Service vulnerabilities. Finally, a malicious server could crash a SSLv2 client through the SSLv2 vulnerability. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 23863
    published 2006-12-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23863
    title GLSA-200612-11 : AMD64 x86 emulation base libraries: OpenSSL multiple vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1379.NASL
    description An off-by-one error has been identified in the SSL_get_shared_ciphers() routine in the libssl library from OpenSSL, an implementation of Secure Socket Layer cryptographic libraries and utilities. This error could allow an attacker to crash an application making use of OpenSSL's libssl library, or potentially execute arbitrary code in the security context of the user running such an application.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 26209
    published 2007-10-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26209
    title Debian DSA-1379-1 : openssl - off-by-one error/buffer overflow
  • NASL family SuSE Local Security Checks
    NASL id SUSE_COMPAT-OPENSSL097G-2163.NASL
    description A buffer overflow condition within the SSL_get_shared_ciphers() function and a DoS condition known as 'parasitic public keys' have been fixed. The latter problem allowed attackers to trick the OpenSSL engine to spend an extraordinary amount of time to process public keys. The following CAN numbers have been assigned: CVE-2006-2937 / CVE-2006-2940 / CVE-2006-3738 / CVE-2006-4339 / CVE-2006-4343.
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 29405
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29405
    title SuSE 10 Security Update : compat-openssl097g (ZYPP Patch Number 2163)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL6734.NASL
    description The remote BIG-IP device is missing a patch required by a security advisory.
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 78213
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78213
    title F5 Networks BIG-IP : Local OpenSSL vulnerabilities (SOL6734)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200610-11.NASL
    description The remote host is affected by the vulnerability described in GLSA-200610-11 (OpenSSL: Multiple vulnerabilities) Tavis Ormandy and Will Drewry, both of the Google Security Team, discovered that the SSL_get_shared_ciphers() function contains a buffer overflow vulnerability, and that the SSLv2 client code contains a flaw leading to a crash. Additionally Dr. Stephen N. Henson found that the ASN.1 handler contains two Denial of Service vulnerabilities: while parsing an invalid ASN.1 structure and while handling certain types of public key. Impact : An attacker could trigger the buffer overflow vulnerability by sending a malicious suite of ciphers to an application using the vulnerable function, and thus execute arbitrary code with the rights of the user running the application. An attacker could also consume CPU and/or memory by exploiting the Denial of Service vulnerabilities. Finally a malicious server could crash a SSLv2 client through the SSLv2 vulnerability. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 22914
    published 2006-10-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22914
    title GLSA-200610-11 : OpenSSL: Multiple vulnerabilities
oval via4
  • accepted 2013-04-29T04:03:31.280-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    description The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.
    family unix
    id oval:org.mitre.oval:def:10207
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.
    version 23
  • accepted 2008-01-14T04:00:06.896-05:00
    class vulnerability
    contributors
    • name Todd Dolinsky
      organization Hewlett-Packard
    definition_extensions
    • comment Solaris 10 (SPARC) is installed
      oval oval:org.mitre.oval:def:1440
    • comment Solaris 10 (x86) is installed
      oval oval:org.mitre.oval:def:1926
    description The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.
    family unix
    id oval:org.mitre.oval:def:4356
    status accepted
    submitted 2007-12-04T09:53:52.000-05:00
    title Security Vulnerabilities in OpenSSL May Lead to a Denial of Service (DoS) to Applications or Execution of Arbitrary Code With Elevated Privileges
    version 30
packetstorm via4
data source https://packetstormsecurity.com/files/download/62019/openssl-dos.txt
id PACKETSTORM:62019
last seen 2016-12-05
published 2007-12-24
reporter Noam Rathaus
source https://packetstormsecurity.com/files/62019/openssl-dos.txt.html
title openssl-dos.txt
redhat via4
advisories
  • bugzilla
    id 207276
    title CVE-2006-2937 OpenSSL ASN1 DoS
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 3 is installed
        oval oval:com.redhat.rhsa:tst:20060015001
      • OR
        • AND
          • comment openssl is earlier than 0:0.9.7a-33.21
            oval oval:com.redhat.rhsa:tst:20060695002
          • comment openssl is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060695003
        • AND
          • comment openssl-devel is earlier than 0:0.9.7a-33.21
            oval oval:com.redhat.rhsa:tst:20060695004
          • comment openssl-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060695005
        • AND
          • comment openssl-perl is earlier than 0:0.9.7a-33.21
            oval oval:com.redhat.rhsa:tst:20060695006
          • comment openssl-perl is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060695007
        • AND
          • comment openssl096b is earlier than 0:0.9.6b-16.46
            oval oval:com.redhat.rhsa:tst:20060695008
          • comment openssl096b is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060695009
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhsa:tst:20060016001
      • OR
        • AND
          • comment openssl is earlier than 0:0.9.7a-43.14
            oval oval:com.redhat.rhsa:tst:20060695011
          • comment openssl is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060695003
        • AND
          • comment openssl-devel is earlier than 0:0.9.7a-43.14
            oval oval:com.redhat.rhsa:tst:20060695013
          • comment openssl-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060695005
        • AND
          • comment openssl-perl is earlier than 0:0.9.7a-43.14
            oval oval:com.redhat.rhsa:tst:20060695012
          • comment openssl-perl is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060695007
        • AND
          • comment openssl096b is earlier than 0:0.9.6b-22.46
            oval oval:com.redhat.rhsa:tst:20060695014
          • comment openssl096b is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060695009
    rhsa
    id RHSA-2006:0695
    released 2006-09-28
    severity Important
    title RHSA-2006:0695: openssl security update (Important)
  • rhsa
    id RHSA-2008:0629
rpms
  • openssl-0:0.9.7a-33.21
  • openssl-devel-0:0.9.7a-33.21
  • openssl-perl-0:0.9.7a-33.21
  • openssl096b-0:0.9.6b-16.46
  • openssl-0:0.9.7a-43.14
  • openssl-devel-0:0.9.7a-43.14
  • openssl-perl-0:0.9.7a-43.14
  • openssl096b-0:0.9.6b-22.46
refmap via4
apple APPLE-SA-2006-11-28
bid
  • 20246
  • 22083
  • 28276
bugtraq
  • 20060928 rPSA-2006-0175-1 openssl openssl-scripts
  • 20060929 rPSA-2006-0175-2 openssl openssl-scripts
  • 20070110 VMware ESX server security updates
  • 20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues
cert TA06-333A
cert-vn VU#386964
cisco
  • 20061108 Multiple Vulnerabilities in OpenSSL Library
  • 20061108 Multiple Vulnerabilities in OpenSSL library
confirm
debian
  • DSA-1185
  • DSA-1195
exploit-db 4773
freebsd FreeBSD-SA-06:23.openssl
fulldisc 20060928 [SECURITY] OpenSSL 0.9.8d and 0.9.7l released
gentoo
  • GLSA-200610-11
  • GLSA-200612-11
hp
  • HPSBMA02250
  • HPSBOV02683
  • HPSBTU02207
  • HPSBUX02174
  • HPSBUX02186
  • SSRT061213
  • SSRT061239
  • SSRT061275
  • SSRT071299
  • SSRT071304
  • SSRT090208
mandriva
  • MDKSA-2006:172
  • MDKSA-2006:177
  • MDKSA-2006:178
mlist [security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues
netbsd NetBSD-SA2008-007
openbsd [3.9] 20061007 013: SECURITY FIX: October 7, 2006
openpkg OpenPKG-SA-2006.021
osvdb 29263
sectrack
  • 1016943
  • 1017522
secunia
  • 22094
  • 22116
  • 22130
  • 22165
  • 22166
  • 22172
  • 22186
  • 22193
  • 22207
  • 22212
  • 22216
  • 22220
  • 22240
  • 22259
  • 22260
  • 22284
  • 22298
  • 22330
  • 22385
  • 22460
  • 22487
  • 22500
  • 22544
  • 22626
  • 22758
  • 22772
  • 22791
  • 22799
  • 23038
  • 23155
  • 23280
  • 23309
  • 23340
  • 23680
  • 23794
  • 23915
  • 24950
  • 25420
  • 25889
  • 26329
  • 30124
  • 31492
sgi 20061001-01-P
slackware SSA:2006-272-01
sunalert
  • 102668
  • 102711
  • 201531
suse
  • SUSE-SA:2006:058
  • SUSE-SR:2006:024
trustix 2006-0054
ubuntu USN-353-1
vupen
  • ADV-2006-3820
  • ADV-2006-3860
  • ADV-2006-3869
  • ADV-2006-3902
  • ADV-2006-3936
  • ADV-2006-4036
  • ADV-2006-4264
  • ADV-2006-4401
  • ADV-2006-4417
  • ADV-2006-4443
  • ADV-2006-4750
  • ADV-2007-0343
  • ADV-2007-1401
  • ADV-2007-1973
  • ADV-2007-2783
  • ADV-2008-0905
xf openssl-sslv2-client-dos(29240)
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 29-07-2013 - 11:07
Published 28-09-2006 - 14:07
Last modified 17-10-2018 - 17:36