Vulnerabilites related to avaya - intuity_audix
cve-2004-0079
Vulnerability from cvelistv5
Published
2004-03-18 05:00
Modified
2025-01-16 17:33
Severity ?
EPSS score ?
Summary
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:01:23.689Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "9899", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/9899", }, { name: "FEDORA-2005-1042", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html", }, { name: "ESA-20040317-003", tags: [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { name: "SSRT4717", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { name: "RHSA-2004:121", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "MDKSA-2004:023", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { name: "oval:org.mitre.oval:def:2621", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621", }, { name: "CLA-2004:834", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", tags: [ "vendor-advisory", "x_refsource_SCO", "x_transferred", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { name: "17381", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17381", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "FEDORA-2004-095", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { name: "oval:org.mitre.oval:def:9779", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779", }, { name: "oval:org.mitre.oval:def:975", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975", }, { name: "57524", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "SuSE-SA:2004:007", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { name: "FreeBSD-SA-04:05", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc", }, { name: "NetBSD-SA2004-005", tags: [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { name: "O-101", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { name: "TA04-078A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "17401", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17401", }, { name: "RHSA-2005:829", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-829.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", }, { name: "oval:org.mitre.oval:def:870", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870", }, { name: "RHSA-2005:830", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-830.html", }, { name: "GLSA-200403-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "11139", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US", }, { name: "APPLE-SA-2005-08-15", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { name: "17398", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17398", }, { name: "SSA:2004-077", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { name: "RHSA-2004:139", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { name: "openssl-dochangecipherspec-dos(15505)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505", }, { name: "2004-0012", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred", ], url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { name: "VU#288574", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/288574", }, { name: "DSA-465", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2004/dsa-465", }, { name: "APPLE-SA-2005-08-17", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { name: "18247", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18247", }, { name: "oval:org.mitre.oval:def:5770", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2004-0079", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-01-08T16:21:54.985893Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-16T17:33:22.869Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-03-17T00:00:00", descriptions: [ { lang: "en", value: "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "9899", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/9899", }, { name: "FEDORA-2005-1042", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html", }, { name: "ESA-20040317-003", tags: [ "vendor-advisory", "x_refsource_ENGARDE", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { name: "SSRT4717", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { name: "RHSA-2004:121", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "MDKSA-2004:023", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { name: "oval:org.mitre.oval:def:2621", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621", }, { name: "CLA-2004:834", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", tags: [ "vendor-advisory", "x_refsource_SCO", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { name: "17381", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17381", }, { tags: [ "x_refsource_MISC", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "FEDORA-2004-095", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { name: "oval:org.mitre.oval:def:9779", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779", }, { name: "oval:org.mitre.oval:def:975", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975", }, { name: "57524", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "SuSE-SA:2004:007", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { name: "FreeBSD-SA-04:05", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc", }, { name: "NetBSD-SA2004-005", tags: [ "vendor-advisory", "x_refsource_NETBSD", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { name: "O-101", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { name: "TA04-078A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "17401", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17401", }, { name: "RHSA-2005:829", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-829.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", }, { name: "oval:org.mitre.oval:def:870", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870", }, { name: "RHSA-2005:830", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-830.html", }, { name: "GLSA-200403-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "11139", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US", }, { name: "APPLE-SA-2005-08-15", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { name: "17398", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17398", }, { name: "SSA:2004-077", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { name: "RHSA-2004:139", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { name: "openssl-dochangecipherspec-dos(15505)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505", }, { name: "2004-0012", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", ], url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { name: "VU#288574", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/288574", }, { name: "DSA-465", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2004/dsa-465", }, { name: "APPLE-SA-2005-08-17", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { name: "18247", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18247", }, { name: "oval:org.mitre.oval:def:5770", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0079", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "9899", refsource: "BID", url: "http://www.securityfocus.com/bid/9899", }, { name: "FEDORA-2005-1042", refsource: "FEDORA", url: "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html", }, { name: "ESA-20040317-003", refsource: "ENGARDE", url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { name: "SSRT4717", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { name: "RHSA-2004:121", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "MDKSA-2004:023", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { name: "oval:org.mitre.oval:def:2621", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621", }, { name: "CLA-2004:834", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", refsource: "SCO", url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { name: "17381", refsource: "SECUNIA", url: "http://secunia.com/advisories/17381", }, { name: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", refsource: "MISC", url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "FEDORA-2004-095", refsource: "FEDORA", url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { name: "oval:org.mitre.oval:def:9779", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779", }, { name: "oval:org.mitre.oval:def:975", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975", }, { name: "57524", refsource: "SUNALERT", url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "SuSE-SA:2004:007", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { name: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", refsource: "CONFIRM", url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { name: "http://www.openssl.org/news/secadv_20040317.txt", refsource: "CONFIRM", url: "http://www.openssl.org/news/secadv_20040317.txt", }, { name: "FreeBSD-SA-04:05", refsource: "FREEBSD", url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc", }, { name: "NetBSD-SA2004-005", refsource: "NETBSD", url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { name: "O-101", refsource: "CIAC", url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { name: "TA04-078A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "17401", refsource: "SECUNIA", url: "http://secunia.com/advisories/17401", }, { name: "RHSA-2005:829", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2005-829.html", }, { name: "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", refsource: "CONFIRM", url: "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", }, { name: "oval:org.mitre.oval:def:870", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870", }, { name: "RHSA-2005:830", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2005-830.html", }, { name: "GLSA-200403-03", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "11139", refsource: "SECUNIA", url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { name: "http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US", refsource: "CONFIRM", url: "http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US", }, { name: "APPLE-SA-2005-08-15", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { name: "17398", refsource: "SECUNIA", url: "http://secunia.com/advisories/17398", }, { name: "SSA:2004-077", refsource: "SLACKWARE", url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { name: "RHSA-2004:139", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { name: "openssl-dochangecipherspec-dos(15505)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505", }, { name: "2004-0012", refsource: "TRUSTIX", url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", refsource: "CISCO", url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { name: "http://docs.info.apple.com/article.html?artnum=61798", refsource: "CONFIRM", url: "http://docs.info.apple.com/article.html?artnum=61798", }, { name: "VU#288574", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/288574", }, { name: "DSA-465", refsource: "DEBIAN", url: "http://www.debian.org/security/2004/dsa-465", }, { name: "APPLE-SA-2005-08-17", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { name: "18247", refsource: "SECUNIA", url: "http://secunia.com/advisories/18247", }, { name: "oval:org.mitre.oval:def:5770", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0079", datePublished: "2004-03-18T05:00:00", dateReserved: "2004-01-19T00:00:00", dateUpdated: "2025-01-16T17:33:22.869Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0495
Vulnerability from cvelistv5
Published
2004-06-23 04:00
Modified
2024-08-08 00:17
Severity ?
EPSS score ?
Summary
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:17:15.147Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2004:255", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-255.html", }, { name: "10566", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/10566", }, { name: "RHSA-2004:260", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-260.html", }, { name: "linux-drivers-gain-privileges(16449)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16449", }, { name: "FEDORA-2004-186", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lwn.net/Articles/91155/", }, { name: "oval:org.mitre.oval:def:2961", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2961", }, { name: "CLA-2004:845", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845", }, { name: "CLA-2004:846", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846", }, { name: "MDKSA-2004:066", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066", }, { name: "oval:org.mitre.oval:def:10155", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10155", }, { name: "GLSA-200407-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200407-02.xml", }, { name: "SUSE-SA:2004:020", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2004_20_kernel.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-06-18T00:00:00", descriptions: [ { lang: "en", value: "Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2004:255", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-255.html", }, { name: "10566", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/10566", }, { name: "RHSA-2004:260", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-260.html", }, { name: "linux-drivers-gain-privileges(16449)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16449", }, { name: "FEDORA-2004-186", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lwn.net/Articles/91155/", }, { name: "oval:org.mitre.oval:def:2961", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2961", }, { name: "CLA-2004:845", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845", }, { name: "CLA-2004:846", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846", }, { name: "MDKSA-2004:066", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066", }, { name: "oval:org.mitre.oval:def:10155", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10155", }, { name: "GLSA-200407-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200407-02.xml", }, { name: "SUSE-SA:2004:020", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2004_20_kernel.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0495", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2004:255", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-255.html", }, { name: "10566", refsource: "BID", url: "http://www.securityfocus.com/bid/10566", }, { name: "RHSA-2004:260", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-260.html", }, { name: "linux-drivers-gain-privileges(16449)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16449", }, { name: "FEDORA-2004-186", refsource: "FEDORA", url: "http://lwn.net/Articles/91155/", }, { name: "oval:org.mitre.oval:def:2961", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2961", }, { name: "CLA-2004:845", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845", }, { name: "CLA-2004:846", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846", }, { name: "MDKSA-2004:066", refsource: "MANDRAKE", url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066", }, { name: "oval:org.mitre.oval:def:10155", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10155", }, { name: "GLSA-200407-02", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200407-02.xml", }, { name: "SUSE-SA:2004:020", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2004_20_kernel.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0495", datePublished: "2004-06-23T04:00:00", dateReserved: "2004-05-27T00:00:00", dateUpdated: "2024-08-08T00:17:15.147Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0081
Vulnerability from cvelistv5
Published
2004-03-18 05:00
Modified
2024-08-08 00:01
Severity ?
EPSS score ?
Summary
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:01:23.650Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "9899", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/9899", }, { name: "ESA-20040317-003", tags: [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { name: "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=107955049331965&w=2", }, { name: "RHSA-2004:121", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "CLA-2004:834", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", tags: [ "vendor-advisory", "x_refsource_SCO", "x_transferred", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { name: "20040304-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc", }, { name: "openssl-tls-dos(15509)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "FEDORA-2004-095", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { name: "57524", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "oval:org.mitre.oval:def:871", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871", }, { name: "oval:org.mitre.oval:def:11755", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755", }, { name: "VU#465542", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/465542", }, { name: "TA04-078A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "GLSA-200403-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "11139", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "RHSA-2004:119", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2004-119.html", }, { name: "oval:org.mitre.oval:def:902", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902", }, { name: "RHSA-2004:139", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { name: "2004-0012", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred", ], url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108403850228012&w=2", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { name: "DSA-465", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2004/dsa-465", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-03-17T00:00:00", descriptions: [ { lang: "en", value: "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "9899", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/9899", }, { name: "ESA-20040317-003", tags: [ "vendor-advisory", "x_refsource_ENGARDE", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { name: "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=107955049331965&w=2", }, { name: "RHSA-2004:121", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "CLA-2004:834", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", tags: [ "vendor-advisory", "x_refsource_SCO", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { name: "20040304-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc", }, { name: "openssl-tls-dos(15509)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509", }, { tags: [ "x_refsource_MISC", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "FEDORA-2004-095", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { name: "57524", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "oval:org.mitre.oval:def:871", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871", }, { name: "oval:org.mitre.oval:def:11755", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755", }, { name: "VU#465542", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/465542", }, { name: "TA04-078A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "GLSA-200403-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "11139", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "RHSA-2004:119", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2004-119.html", }, { name: "oval:org.mitre.oval:def:902", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902", }, { name: "RHSA-2004:139", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { name: "2004-0012", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", ], url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=108403850228012&w=2", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { name: "DSA-465", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2004/dsa-465", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0081", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "9899", refsource: "BID", url: "http://www.securityfocus.com/bid/9899", }, { name: "ESA-20040317-003", refsource: "ENGARDE", url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { name: "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=107955049331965&w=2", }, { name: "RHSA-2004:121", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "CLA-2004:834", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", refsource: "SCO", url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { name: "20040304-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc", }, { name: "openssl-tls-dos(15509)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509", }, { name: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", refsource: "MISC", url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "FEDORA-2004-095", refsource: "FEDORA", url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { name: "57524", refsource: "SUNALERT", url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "oval:org.mitre.oval:def:871", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871", }, { name: "oval:org.mitre.oval:def:11755", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755", }, { name: "VU#465542", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/465542", }, { name: "TA04-078A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "GLSA-200403-03", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "11139", refsource: "SECUNIA", url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "RHSA-2004:119", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2004-119.html", }, { name: "oval:org.mitre.oval:def:902", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902", }, { name: "RHSA-2004:139", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { name: "2004-0012", refsource: "TRUSTIX", url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=108403850228012&w=2", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", refsource: "CISCO", url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { name: "DSA-465", refsource: "DEBIAN", url: "http://www.debian.org/security/2004/dsa-465", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0081", datePublished: "2004-03-18T05:00:00", dateReserved: "2004-01-19T00:00:00", dateUpdated: "2024-08-08T00:01:23.650Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0112
Vulnerability from cvelistv5
Published
2004-03-18 05:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:10:03.359Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "9899", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/9899", }, { name: "SSRT4717", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { name: "RHSA-2004:121", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "MDKSA-2004:023", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { name: "CLA-2004:834", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", tags: [ "vendor-advisory", "x_refsource_SCO", "x_transferred", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "57524", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "SuSE-SA:2004:007", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { name: "NetBSD-SA2004-005", tags: [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { name: "O-101", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { name: "TA04-078A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "oval:org.mitre.oval:def:1049", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049", }, { name: "openssl-kerberos-ciphersuites-dos(15508)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508", }, { name: "VU#484726", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/484726", }, { name: "GLSA-200403-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "oval:org.mitre.oval:def:9580", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580", }, { name: "11139", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { name: "APPLE-SA-2005-08-15", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { name: "SSA:2004-077", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { name: "2004-0012", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred", ], url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { name: "APPLE-SA-2005-08-17", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { name: "oval:org.mitre.oval:def:928", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-03-17T00:00:00", descriptions: [ { lang: "en", value: "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "9899", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/9899", }, { name: "SSRT4717", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { name: "RHSA-2004:121", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "MDKSA-2004:023", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { name: "CLA-2004:834", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", tags: [ "vendor-advisory", "x_refsource_SCO", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { tags: [ "x_refsource_MISC", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "57524", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "SuSE-SA:2004:007", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { name: "NetBSD-SA2004-005", tags: [ "vendor-advisory", "x_refsource_NETBSD", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { name: "O-101", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { name: "TA04-078A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "oval:org.mitre.oval:def:1049", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049", }, { name: "openssl-kerberos-ciphersuites-dos(15508)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508", }, { name: "VU#484726", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/484726", }, { name: "GLSA-200403-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "oval:org.mitre.oval:def:9580", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580", }, { name: "11139", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { name: "APPLE-SA-2005-08-15", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { name: "SSA:2004-077", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { name: "2004-0012", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", ], url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { name: "APPLE-SA-2005-08-17", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { name: "oval:org.mitre.oval:def:928", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0112", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "9899", refsource: "BID", url: "http://www.securityfocus.com/bid/9899", }, { name: "SSRT4717", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { name: "RHSA-2004:121", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "MDKSA-2004:023", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { name: "CLA-2004:834", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", refsource: "SCO", url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { name: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", refsource: "MISC", url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "57524", refsource: "SUNALERT", url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "SuSE-SA:2004:007", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { name: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", refsource: "CONFIRM", url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { name: "http://www.openssl.org/news/secadv_20040317.txt", refsource: "CONFIRM", url: "http://www.openssl.org/news/secadv_20040317.txt", }, { name: "NetBSD-SA2004-005", refsource: "NETBSD", url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { name: "O-101", refsource: "CIAC", url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { name: "TA04-078A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "oval:org.mitre.oval:def:1049", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049", }, { name: "openssl-kerberos-ciphersuites-dos(15508)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508", }, { name: "VU#484726", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/484726", }, { name: "GLSA-200403-03", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "oval:org.mitre.oval:def:9580", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580", }, { name: "11139", refsource: "SECUNIA", url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { name: "APPLE-SA-2005-08-15", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { name: "SSA:2004-077", refsource: "SLACKWARE", url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { name: "2004-0012", refsource: "TRUSTIX", url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", refsource: "CISCO", url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { name: "http://docs.info.apple.com/article.html?artnum=61798", refsource: "CONFIRM", url: "http://docs.info.apple.com/article.html?artnum=61798", }, { name: "APPLE-SA-2005-08-17", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { name: "oval:org.mitre.oval:def:928", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0112", datePublished: "2004-03-18T05:00:00", dateReserved: "2004-02-02T00:00:00", dateUpdated: "2024-08-08T00:10:03.359Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0554
Vulnerability from cvelistv5
Published
2004-06-15 04:00
Modified
2024-08-08 00:24
Severity ?
EPSS score ?
Summary
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:24:26.084Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20163", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/20163", }, { name: "VU#973654", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/973654", }, { name: "oval:org.mitre.oval:def:9426", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9426", }, { name: "DSA-1082", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1082", }, { name: "RHSA-2004:255", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-255.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html", }, { name: "10538", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/10538", }, { name: "RHSA-2004:260", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-260.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=15905", }, { name: "SuSE-SA:2004:017", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2004_17_kernel.html", }, { name: "2004-0034", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred", ], url: "http://www.trustix.net/errata/2004/0034/", }, { name: "DSA-1070", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1070", }, { name: "FEDORA-2004-186", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lwn.net/Articles/91155/", }, { name: "20162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/20162", }, { name: "20040620 TSSA-2004-011 - kernel", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108786114032681&w=2", }, { name: "ESA-20040621-005", tags: [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108793699910896&w=2", }, { name: "CLA-2004:845", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845", }, { name: "DSA-1067", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1067", }, { name: "linux-dos(16412)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16412", }, { name: "DSA-1069", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1069", }, { name: "oval:org.mitre.oval:def:2915", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2915", }, { name: "MDKSA-2004:062", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062", }, { name: "20202", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/20202", }, { name: "GLSA-200407-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200407-02.xml", }, { name: "[linux-kernel] 20040609 timer + fpu stuff locks my console race", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://marc.info/?l=linux-kernel&m=108681568931323&w=2", }, { name: "20338", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/20338", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-06-11T00:00:00", descriptions: [ { lang: "en", value: "Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a \"crash.c\" program.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20163", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/20163", }, { name: "VU#973654", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/973654", }, { name: "oval:org.mitre.oval:def:9426", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9426", }, { name: "DSA-1082", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1082", }, { name: "RHSA-2004:255", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-255.html", }, { tags: [ "x_refsource_MISC", ], url: "http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html", }, { name: "10538", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/10538", }, { name: "RHSA-2004:260", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-260.html", }, { tags: [ "x_refsource_MISC", ], url: "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=15905", }, { name: "SuSE-SA:2004:017", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2004_17_kernel.html", }, { name: "2004-0034", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", ], url: "http://www.trustix.net/errata/2004/0034/", }, { name: "DSA-1070", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1070", }, { name: "FEDORA-2004-186", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lwn.net/Articles/91155/", }, { name: "20162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/20162", }, { name: "20040620 TSSA-2004-011 - kernel", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=108786114032681&w=2", }, { name: "ESA-20040621-005", tags: [ "vendor-advisory", "x_refsource_ENGARDE", ], url: "http://marc.info/?l=bugtraq&m=108793699910896&w=2", }, { name: "CLA-2004:845", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845", }, { name: "DSA-1067", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1067", }, { name: "linux-dos(16412)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16412", }, { name: "DSA-1069", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1069", }, { name: "oval:org.mitre.oval:def:2915", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2915", }, { name: "MDKSA-2004:062", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062", }, { name: "20202", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/20202", }, { name: "GLSA-200407-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200407-02.xml", }, { name: "[linux-kernel] 20040609 timer + fpu stuff locks my console race", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://marc.info/?l=linux-kernel&m=108681568931323&w=2", }, { name: "20338", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/20338", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0554", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a \"crash.c\" program.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20163", refsource: "SECUNIA", url: "http://secunia.com/advisories/20163", }, { name: "VU#973654", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/973654", }, { name: "oval:org.mitre.oval:def:9426", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9426", }, { name: "DSA-1082", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-1082", }, { name: "RHSA-2004:255", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-255.html", }, { name: "http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html", refsource: "MISC", url: "http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html", }, { name: "10538", refsource: "BID", url: "http://www.securityfocus.com/bid/10538", }, { name: "RHSA-2004:260", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-260.html", }, { name: "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=15905", refsource: "MISC", url: "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=15905", }, { name: "SuSE-SA:2004:017", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2004_17_kernel.html", }, { name: "2004-0034", refsource: "TRUSTIX", url: "http://www.trustix.net/errata/2004/0034/", }, { name: "DSA-1070", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-1070", }, { name: "FEDORA-2004-186", refsource: "FEDORA", url: "http://lwn.net/Articles/91155/", }, { name: "20162", refsource: "SECUNIA", url: "http://secunia.com/advisories/20162", }, { name: "20040620 TSSA-2004-011 - kernel", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=108786114032681&w=2", }, { name: "ESA-20040621-005", refsource: "ENGARDE", url: "http://marc.info/?l=bugtraq&m=108793699910896&w=2", }, { name: "CLA-2004:845", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845", }, { name: "DSA-1067", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-1067", }, { name: "linux-dos(16412)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16412", }, { name: "DSA-1069", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-1069", }, { name: "oval:org.mitre.oval:def:2915", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2915", }, { name: "MDKSA-2004:062", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062", }, { name: "20202", refsource: "SECUNIA", url: "http://secunia.com/advisories/20202", }, { name: "GLSA-200407-02", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200407-02.xml", }, { name: "[linux-kernel] 20040609 timer + fpu stuff locks my console race", refsource: "MLIST", url: "http://marc.info/?l=linux-kernel&m=108681568931323&w=2", }, { name: "20338", refsource: "SECUNIA", url: "http://secunia.com/advisories/20338", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0554", datePublished: "2004-06-15T04:00:00", dateReserved: "2004-06-14T00:00:00", dateUpdated: "2024-08-08T00:24:26.084Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-1235
Vulnerability from cvelistv5
Published
2005-01-20 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:46:12.034Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20163", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/20163", }, { name: "DSA-1082", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1082", }, { name: "MDKSA-2005:022", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022", }, { name: "RHSA-2005:017", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-017.html", }, { name: "FLSA:2336", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://bugzilla.fedora.us/show_bug.cgi?id=2336", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.securityfocus.com/advisories/7804", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://isec.pl/vulnerabilities/isec-0021-uselib.txt", }, { name: "DSA-1070", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1070", }, { name: "RHSA-2005:016", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-016.html", }, { name: "20162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/20162", }, { name: "RHSA-2005:043", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-043.html", }, { name: "2005-0001", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred", ], url: "http://www.trustix.org/errata/2005/0001/", }, { name: "RHSA-2005:092", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-092.html", }, { name: "DSA-1067", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1067", }, { name: "FEDORA-2005-014", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://www.securityfocus.com/advisories/7805", }, { name: "DSA-1069", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1069", }, { name: "CLA-2005:930", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930", }, { name: "SUSE-SR:2005:001", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2005_01_sr.html", }, { name: "12190", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/12190", }, { name: "linux-uselib-gain-privileges(18800)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800", }, { name: "20050107 Linux kernel sys_uselib local root vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=110512575901427&w=2", }, { name: "oval:org.mitre.oval:def:9567", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567", }, { name: "FEDORA-2005-013", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://www.securityfocus.com/advisories/7806", }, { name: "20202", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/20202", }, { name: "20338", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/20338", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-01-07T00:00:00", descriptions: [ { lang: "en", value: "Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20163", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/20163", }, { name: "DSA-1082", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1082", }, { name: "MDKSA-2005:022", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022", }, { name: "RHSA-2005:017", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-017.html", }, { name: "FLSA:2336", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://bugzilla.fedora.us/show_bug.cgi?id=2336", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.securityfocus.com/advisories/7804", }, { tags: [ "x_refsource_MISC", ], url: "http://isec.pl/vulnerabilities/isec-0021-uselib.txt", }, { name: "DSA-1070", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1070", }, { name: "RHSA-2005:016", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-016.html", }, { name: "20162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/20162", }, { name: "RHSA-2005:043", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-043.html", }, { name: "2005-0001", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", ], url: "http://www.trustix.org/errata/2005/0001/", }, { name: "RHSA-2005:092", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-092.html", }, { name: "DSA-1067", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1067", }, { name: "FEDORA-2005-014", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://www.securityfocus.com/advisories/7805", }, { name: "DSA-1069", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1069", }, { name: "CLA-2005:930", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930", }, { name: "SUSE-SR:2005:001", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2005_01_sr.html", }, { name: "12190", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/12190", }, { name: "linux-uselib-gain-privileges(18800)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800", }, { name: "20050107 Linux kernel sys_uselib local root vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=110512575901427&w=2", }, { name: "oval:org.mitre.oval:def:9567", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567", }, { name: "FEDORA-2005-013", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://www.securityfocus.com/advisories/7806", }, { name: "20202", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/20202", }, { name: "20338", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/20338", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-1235", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20163", refsource: "SECUNIA", url: "http://secunia.com/advisories/20163", }, { name: "DSA-1082", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-1082", }, { name: "MDKSA-2005:022", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022", }, { name: "RHSA-2005:017", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2005-017.html", }, { name: "FLSA:2336", refsource: "FEDORA", url: "https://bugzilla.fedora.us/show_bug.cgi?id=2336", }, { name: "http://www.securityfocus.com/advisories/7804", refsource: "CONFIRM", url: "http://www.securityfocus.com/advisories/7804", }, { name: "http://isec.pl/vulnerabilities/isec-0021-uselib.txt", refsource: "MISC", url: "http://isec.pl/vulnerabilities/isec-0021-uselib.txt", }, { name: "DSA-1070", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-1070", }, { name: "RHSA-2005:016", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2005-016.html", }, { name: "20162", refsource: "SECUNIA", url: "http://secunia.com/advisories/20162", }, { name: "RHSA-2005:043", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2005-043.html", }, { name: "2005-0001", refsource: "TRUSTIX", url: "http://www.trustix.org/errata/2005/0001/", }, { name: "RHSA-2005:092", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2005-092.html", }, { name: "DSA-1067", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-1067", }, { name: "FEDORA-2005-014", refsource: "FEDORA", url: "http://www.securityfocus.com/advisories/7805", }, { name: "DSA-1069", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-1069", }, { name: "CLA-2005:930", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930", }, { name: "SUSE-SR:2005:001", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2005_01_sr.html", }, { name: "12190", refsource: "BID", url: "http://www.securityfocus.com/bid/12190", }, { name: "linux-uselib-gain-privileges(18800)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800", }, { name: "20050107 Linux kernel sys_uselib local root vulnerability", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=110512575901427&w=2", }, { name: "oval:org.mitre.oval:def:9567", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567", }, { name: "FEDORA-2005-013", refsource: "FEDORA", url: "http://www.securityfocus.com/advisories/7806", }, { name: "20202", refsource: "SECUNIA", url: "http://secunia.com/advisories/20202", }, { name: "20338", refsource: "SECUNIA", url: "http://secunia.com/advisories/20338", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-1235", datePublished: "2005-01-20T05:00:00", dateReserved: "2004-12-15T00:00:00", dateUpdated: "2024-08-08T00:46:12.034Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2005-0003
Vulnerability from cvelistv5
Published
2005-01-20 05:00
Modified
2024-08-07 20:57
Severity ?
EPSS score ?
Summary
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T20:57:40.741Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20163", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/20163", }, { name: "DSA-1082", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1082", }, { name: "MDKSA-2005:022", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022", }, { name: "SUSE-SA:2005:018", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2005_18_kernel.html", }, { name: "RHSA-2005:017", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-017.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.bkbits.net:8080/linux-2.4/cset%4041c36fb6q1Z68WUzKQFjJR-40Ev3tw", }, { name: "DSA-1070", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1070", }, { name: "linux-vma-gain-privileges(18886)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/18886", }, { name: "RHSA-2005:043", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-043.html", }, { name: "2005-0001", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred", ], url: "http://www.trustix.org/errata/2005/0001/", }, { name: "12261", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/12261", }, { name: "oval:org.mitre.oval:def:9512", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9512", }, { name: "DSA-1067", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1067", }, { name: "DSA-1069", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1069", }, { name: "1012885", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1012885", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://linux.bkbits.net:8080/linux-2.6/cset%4041a6721cce-LoPqkzKXudYby_3TUmg", }, { name: "20202", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/20202", }, { name: "20338", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/20338", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-01-13T00:00:00", descriptions: [ { lang: "en", value: "The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20163", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/20163", }, { name: "DSA-1082", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1082", }, { name: "MDKSA-2005:022", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022", }, { name: "SUSE-SA:2005:018", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2005_18_kernel.html", }, { name: "RHSA-2005:017", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-017.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.bkbits.net:8080/linux-2.4/cset%4041c36fb6q1Z68WUzKQFjJR-40Ev3tw", }, { name: "DSA-1070", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1070", }, { name: "linux-vma-gain-privileges(18886)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/18886", }, { name: "RHSA-2005:043", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-043.html", }, { name: "2005-0001", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", ], url: "http://www.trustix.org/errata/2005/0001/", }, { name: "12261", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/12261", }, { name: "oval:org.mitre.oval:def:9512", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9512", }, { name: "DSA-1067", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1067", }, { name: "DSA-1069", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1069", }, { name: "1012885", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1012885", }, { tags: [ "x_refsource_MISC", ], url: "http://linux.bkbits.net:8080/linux-2.6/cset%4041a6721cce-LoPqkzKXudYby_3TUmg", }, { name: "20202", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/20202", }, { name: "20338", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/20338", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2005-0003", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20163", refsource: "SECUNIA", url: "http://secunia.com/advisories/20163", }, { name: "DSA-1082", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-1082", }, { name: "MDKSA-2005:022", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022", }, { name: "SUSE-SA:2005:018", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2005_18_kernel.html", }, { name: "RHSA-2005:017", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2005-017.html", }, { name: "http://linux.bkbits.net:8080/linux-2.4/cset@41c36fb6q1Z68WUzKQFjJR-40Ev3tw", refsource: "CONFIRM", url: "http://linux.bkbits.net:8080/linux-2.4/cset@41c36fb6q1Z68WUzKQFjJR-40Ev3tw", }, { name: "DSA-1070", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-1070", }, { name: "linux-vma-gain-privileges(18886)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/18886", }, { name: "RHSA-2005:043", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2005-043.html", }, { name: "2005-0001", refsource: "TRUSTIX", url: "http://www.trustix.org/errata/2005/0001/", }, { name: "12261", refsource: "BID", url: "http://www.securityfocus.com/bid/12261", }, { name: "oval:org.mitre.oval:def:9512", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9512", }, { name: "DSA-1067", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-1067", }, { name: "DSA-1069", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-1069", }, { name: "1012885", refsource: "SECTRACK", url: "http://securitytracker.com/id?1012885", }, { name: "http://linux.bkbits.net:8080/linux-2.6/cset@41a6721cce-LoPqkzKXudYby_3TUmg", refsource: "MISC", url: "http://linux.bkbits.net:8080/linux-2.6/cset@41a6721cce-LoPqkzKXudYby_3TUmg", }, { name: "20202", refsource: "SECUNIA", url: "http://secunia.com/advisories/20202", }, { name: "20338", refsource: "SECUNIA", url: "http://secunia.com/advisories/20338", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2005-0003", datePublished: "2005-01-20T05:00:00", dateReserved: "2005-01-03T00:00:00", dateUpdated: "2024-08-07T20:57:40.741Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2004-08-06 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", vulnerable: true, }, { criteria: "cpe:2.3:o:avaya:modular_messaging_message_storage_server:s3400:*:*:*:*:*:*:*", matchCriteriaId: "9BFF29C7-E5AA-44EB-B1A9-602B3692D893", vulnerable: true, }, { criteria: "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", matchCriteriaId: "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*", matchCriteriaId: "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*", matchCriteriaId: "F677E992-8D37-438F-97DF-9D98B28F020C", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*", matchCriteriaId: "A399D94B-D08D-4454-A07A-6634C9AE612F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*", matchCriteriaId: "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*", matchCriteriaId: "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*", matchCriteriaId: "040991B8-FB4B-480B-B53B-AA7A884F9F19", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*", matchCriteriaId: "59688C40-C92F-431E-ADD7-6782622862D3", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*", matchCriteriaId: "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", matchCriteriaId: "142BCD48-8387-4D0C-A052-44DD4144CBFF", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", matchCriteriaId: "E8220D81-9065-471F-9256-CFE7B9941555", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*", matchCriteriaId: "D2A55C17-C530-4898-BC95-DE4D495F0D7C", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*", matchCriteriaId: "2C14A949-E2B8-4100-8ED4-645CB996B08A", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", matchCriteriaId: "EB445E3E-CCBD-4737-BE30-841B9A79D558", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*", matchCriteriaId: "F5301E27-8021-467C-A9A2-AF2137EF0299", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*", matchCriteriaId: "79787868-2D77-4B55-AD61-C2B357CCE047", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*", matchCriteriaId: "2B3F27D3-8F1D-4576-A584-1E2059CC67B1", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*", matchCriteriaId: "FB5D260C-AE1C-47E9-A88C-B9C2B4349249", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*", matchCriteriaId: "A0934C49-5F88-4189-BD88-2F32C39C2F25", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*", matchCriteriaId: "AA9958C6-AB7D-4B67-9AA7-42B628CBC391", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*", matchCriteriaId: "14B0A230-4054-4483-A3A7-9A5A286C7552", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", matchCriteriaId: "2641EE56-6F9D-400B-B456-877F4DA79B10", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "E0B458EA-495E-40FA-9379-C03757F7B1EE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", matchCriteriaId: "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", matchCriteriaId: "81B543F9-C209-46C2-B0AE-E14818A6992E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "EC79FF22-2664-4C40-B0B3-6D23B5F45162", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*", matchCriteriaId: "DB89C970-DE94-4E09-A90A-077DB83AD156", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:7:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "F7840155-DCF0-4C34-815B-71F872D31A20", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "D2E2EF3C-1379-4CBE-8FF5-DACD47834651", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "28CD54FE-D682-4063-B7C3-8B29B26B39AD", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*", matchCriteriaId: "37F124FE-15F1-49D7-9E03-8E036CE1A20C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", matchCriteriaId: "F8C55338-3372-413F-82E3-E1B476D6F41A", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", matchCriteriaId: "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", matchCriteriaId: "56EF103F-5668-4754-A83B-D3662D0CE815", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", matchCriteriaId: "CFABFCE5-4F86-4AE8-9849-BC360AC72098", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", matchCriteriaId: "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_email_server:3.1:*:*:*:*:*:*:*", matchCriteriaId: "A451599B-5F4F-4D7F-B5EF-3AE9F9B89D62", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_email_server:iii:*:*:*:*:*:*:*", matchCriteriaId: "BD74DAB4-A68E-4748-BC43-2285FC9804D6", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_admin-cd_for_firewall:*:*:*:*:*:*:*:*", matchCriteriaId: "52E04F16-A0C7-4B0C-A70E-2CA683E0C33B", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_connectivity_server:*:*:*:*:*:*:*:*", matchCriteriaId: "941DFF67-E9F6-41F0-A5CB-90105733327D", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_database_server:*:*:*:*:*:*:*:*", matchCriteriaId: "117BBA08-9C1B-4CAC-A418-B044D69C27D1", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_firewall_cd:*:*:*:*:*:*:*:*", matchCriteriaId: "52F8C98F-E10C-4FE8-96E7-27426F369E78", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*", matchCriteriaId: "2FDDFB81-4DFE-416A-BCE1-ED96AC3E69B5", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_office_server:*:*:*:*:*:*:*:*", matchCriteriaId: "18BAE686-972A-4756-9E5D-CF2830700891", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C3E6C4A8-59F4-43EE-8413-E95289037598", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "FE76357A-27E6-4D85-9AA0-1BB658C41568", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C56C5FDB-24E2-479D-87CA-164CD28567D3", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", vulnerable: true, }, { criteria: "cpe:2.3:o:conectiva:linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "CD14661C-E3BE-44DF-BC8D-294322BF23EA", vulnerable: true, }, { criteria: "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "F4007B0D-9606-46BD-866A-7911BEA292BE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.", }, { lang: "es", value: "Múltiples vulnerabilidades desconocidas en el kernel de Linux 2.4 y 2.6 permiten a usuarios locales ganar privilegios o acceder a memoria del kernel, como se ha encontrado mediante la herramienta de comprobación de código fuente \"Sparse\".", }, ], id: "CVE-2004-0495", lastModified: "2024-11-20T23:48:43.133", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-08-06T04:00:00.000", references: [ { source: "cve@mitre.org", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845", }, { source: "cve@mitre.org", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846", }, { source: "cve@mitre.org", url: "http://lwn.net/Articles/91155/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200407-02.xml", }, { source: "cve@mitre.org", url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066", }, { source: "cve@mitre.org", url: "http://www.novell.com/linux/security/advisories/2004_20_kernel.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2004-255.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-260.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/10566", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16449", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10155", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2961", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lwn.net/Articles/91155/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200407-02.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2004_20_kernel.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2004-255.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-260.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/10566", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16449", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10155", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2961", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2025-01-16 18:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*", matchCriteriaId: "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "B9CAFC15-178C-4176-9668-D4A04B63E77B", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "3C8D6949-89F4-40EF-98F4-8D15628DC345", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*", matchCriteriaId: "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*", matchCriteriaId: "6479D85C-1A12-486D-818C-6679F415CA26", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*", matchCriteriaId: "287CF5FA-D0EC-4FD7-9718-973587EF34DF", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*", matchCriteriaId: "C88168D4-7DB5-4720-8640-400BB680D0FD", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*", matchCriteriaId: "968915A1-375B-4C69-BE11-9A393F7F1B0F", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*", matchCriteriaId: "11465DCA-72E5-40E9-9D8E-B3CD470C47E9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*", matchCriteriaId: "3954D0D1-9FDF-47D0-9710-D0FB06955B8B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*", matchCriteriaId: "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*", matchCriteriaId: "2A4C5F60-B32D-4D85-BA28-AE11972ED614", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*", matchCriteriaId: "6A5935C3-3D83-461F-BC26-E03362115C42", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*", matchCriteriaId: "80AC523B-3106-46F2-B760-803DCF8061F4", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*", matchCriteriaId: "F8B8D6F3-D15D-489F-A807-17E63F4831F2", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*", matchCriteriaId: "808189BA-197F-49CE-933E-A728F395749C", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*", matchCriteriaId: "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*", matchCriteriaId: "CC7EF0CD-EA39-457B-8E2E-9120B65A5835", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*", matchCriteriaId: "7BC2983F-5212-464B-AC21-8A897DEC1F58", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*", matchCriteriaId: "EBF17989-D1F2-4B04-80BD-CFABDD482ABA", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*", matchCriteriaId: "BF2D00AC-FA2A-4C39-B796-DC19072862CF", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", matchCriteriaId: "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", matchCriteriaId: "441BE3A0-20F4-4972-B279-19B3DB5FA14D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", matchCriteriaId: "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", matchCriteriaId: "00EAEA17-033A-4A50-8E39-D61154876D2F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", matchCriteriaId: "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", matchCriteriaId: "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", matchCriteriaId: "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", matchCriteriaId: "DD7C441E-444B-4DF5-8491-86805C70FB99", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", matchCriteriaId: "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*", matchCriteriaId: "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", matchCriteriaId: "771931F7-9180-4EBD-8627-E1CF17D24647", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", matchCriteriaId: "EDD9BE2B-7255-4FC1-B452-E8370632B03F", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*", matchCriteriaId: "32310AFE-38CC-4C6C-AE13-54C18720F2C0", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*", matchCriteriaId: "AC46909F-DDFC-448B-BCDF-1EB343F96630", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", matchCriteriaId: "9496279F-AB43-4B53-81A6-87C651ABC4BA", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", matchCriteriaId: "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "EC79FF22-2664-4C40-B0B3-6D23B5F45162", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", matchCriteriaId: "0EFE2E73-9536-41A9-B83B-0A06B54857F4", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", matchCriteriaId: "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", matchCriteriaId: "E562907F-D915-4030-847A-3C6834A80D4E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", matchCriteriaId: "138985E6-5107-4E8B-A801-C3D5FE075227", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "038FEDE7-986F-4CA5-9003-BA68352B87D4", vulnerable: true, }, { criteria: "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*", matchCriteriaId: "1E140F76-D078-4F58-89CF-3278CDCB9AF3", vulnerable: true, }, { criteria: "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", matchCriteriaId: "D9D76A8D-832B-411E-A458-186733C66010", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*", matchCriteriaId: "580BA1FE-0826-47A7-8BD3-9225E0841EDD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*", matchCriteriaId: "040B04CD-B891-4F19-A7CC-5C2D462FBD6C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*", matchCriteriaId: "5BF29685-7FFC-4093-A1D4-21E4871AF5C6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*", matchCriteriaId: "E72872C9-63AF-417F-BFAE-92B4D350C006", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*", matchCriteriaId: "80BCF196-5E5A-4F31-BCE7-AA0C748CA922", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*", matchCriteriaId: "970939C5-1E6F-47B6-97E6-7B2C1E019985", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*", matchCriteriaId: "CD1F4148-E772-4708-8C1F-D67F969C11DA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*", matchCriteriaId: "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*", matchCriteriaId: "09458CD7-D430-4957-8506-FAB2A3E2AA65", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*", matchCriteriaId: "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F8B87C95-4B34-4628-AD03-67D1DE13E097", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*", matchCriteriaId: "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "4F04471C-732F-44EE-AD1B-6305C1DD7DDD", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*", matchCriteriaId: "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E237919A-416B-4039-AAD2-7FAE1F4E100D", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*", matchCriteriaId: "39149924-188C-40C1-B598-A9CD407C90DE", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*", matchCriteriaId: "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E6501108-5455-48FE-AA82-37AFA5D7EC24", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", matchCriteriaId: "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*", matchCriteriaId: "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*", matchCriteriaId: "9D0EF4A3-2FE5-41E4-A764-30B379ECF081", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*", matchCriteriaId: "CCF6D59E-8AEA-4380-B86B-0803B2202F16", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*", matchCriteriaId: "140ABF28-FA39-4D77-AEB2-304962ED48C2", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*", matchCriteriaId: "09473DD9-5114-44C5-B56C-6630FBEBCACB", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A7ECD3A4-5A39-4222-8350-524F11D8FFB0", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*", matchCriteriaId: "D36C140D-E80C-479A-ADA7-18E901549059", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "940712E9-B041-4B7F-BD02-7DD0AE596D65", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "03B887A2-9025-4C5B-8901-71BC63BF5293", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "33264586-7160-4550-9FF9-4101D72F5C9B", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "CE5E6521-0611-4473-82AC-21655F10FEC0", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*", matchCriteriaId: "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*", matchCriteriaId: "8C83ABA2-87CD-429B-9800-590F8256B064", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*", matchCriteriaId: "A4D9A576-2878-4AC4-AC95-E69CB8A84A71", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*", matchCriteriaId: "0A1A0B02-CF33-401F-9AB2-D595E586C795", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*", matchCriteriaId: "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*", matchCriteriaId: "90FB3825-21A6-4DBE-8188-67672DBE01CB", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*", matchCriteriaId: "80623E58-8B46-4559-89A4-C329AACF3CB7", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*", matchCriteriaId: "AEE6C228-CD93-4636-868B-C19BC1674BE6", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*", matchCriteriaId: "A645148C-AD0D-46C1-BEE3-10F5C9066279", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*", matchCriteriaId: "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*", matchCriteriaId: "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*", matchCriteriaId: "02029D75-FAF2-4842-9246-079C7DE36417", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp2:*:*:*:*:*:*:*", matchCriteriaId: "E0146341-364C-4085-A2E1-BC8C260FBA3D", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*", matchCriteriaId: "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*", matchCriteriaId: "B8496E0D-2507-4C25-A122-0B846CBCA72A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*", matchCriteriaId: "8E383F2A-DFCF-47F8-94EE-3563D41EA597", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*", matchCriteriaId: "D2D87EF0-056E-4128-89EB-2803ED83DEE9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*", matchCriteriaId: "BB3163C1-2044-44DA-9C88-076D75FDF1EB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*", matchCriteriaId: "07E1B690-C58B-4C08-A757-F3DF451FDAAA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*", matchCriteriaId: "31F0E14C-7681-4D1A-B982-A51E450B93A7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*", matchCriteriaId: "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*", matchCriteriaId: "AC604680-2E9E-4DC4-ACDD-74D552A45BA4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*", matchCriteriaId: "37A94436-D092-4C7E-B87B-63BC621EE82E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*", matchCriteriaId: "862165CF-3CFB-4C6E-8238-86FA85F243C8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*", matchCriteriaId: "056F3336-BAA8-4A03-90B4-7B31710FC1B3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*", matchCriteriaId: "9FDC2510-FBB9-429A-B6D4-10AB11F93960", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*", matchCriteriaId: "5D45127E-A544-40A0-9D34-BD70D95C9772", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*", matchCriteriaId: "56C69C3E-C895-45C8-8182-7BB412A0C828", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*", matchCriteriaId: "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*", matchCriteriaId: "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*", matchCriteriaId: "D4D9564B-B92E-4C97-87FF-B56D62DCA775", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*", matchCriteriaId: "B931D4F8-23F5-4ABA-A457-959995D30C58", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*", matchCriteriaId: "BE6A023E-9C2A-487F-B5CE-674C766BFE75", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*", matchCriteriaId: "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "2A045971-8756-47E8-9044-C39D08B36F1F", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CAA95881-7231-4FDA-AF73-04DF9FF0B64C", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "62B7F6AD-EDBD-4B09-BDB2-795ED114F2AE", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1:*:*:*:*:*:*:*", matchCriteriaId: "F045AB7B-1551-46E5-A5CC-BF13C1BB49F4", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "44E85930-3AAD-420B-8E3E-AEC57344F6C4", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "52FD4485-BCA2-485A-A0CF-F8152C9DBFA5", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "7CF53BE4-FE2D-4D63-BD0F-A423D0FE3BE3", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1:*:*:*:*:*:*:*", matchCriteriaId: "00993464-BE09-4691-B3F0-51BBA9FB80C3", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2:*:*:*:*:*:*:*", matchCriteriaId: "896AB39E-2078-4BA2-9522-477BD5F98FD1", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3:*:*:*:*:*:*:*", matchCriteriaId: "EB9279EC-47CF-45F1-B4CC-B2B332E82E34", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E7300C3E-8105-4C23-89B9-7D29CED18C15", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1:*:*:*:*:*:*:*", matchCriteriaId: "90C59DB2-48DA-4172-A1F5-25CF3B5097AE", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2:*:*:*:*:*:*:*", matchCriteriaId: "715F4E0B-7E4B-4520-A987-9B3ED3136B75", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3:*:*:*:*:*:*:*", matchCriteriaId: "9CA1F606-C558-40FD-9300-6E2796F47BA8", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*", matchCriteriaId: "A037FAA6-6D26-4496-BC67-03475B4D1155", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*", matchCriteriaId: "D3831DD3-E783-4200-8986-FDBF7DD9BA53", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*", matchCriteriaId: "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*", matchCriteriaId: "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*", matchCriteriaId: "699764B6-0F86-4AB0-86A3-4F2E69AD820C", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*", matchCriteriaId: "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*", matchCriteriaId: "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*", matchCriteriaId: "E1B83F84-D1EF-43B4-8620-3C1BCCE44553", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*", matchCriteriaId: "41169D2F-4F16-466A-82E9-AD0735472B5B", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*", matchCriteriaId: "947699C3-D9DE-411A-99C0-44ADD1D2223A", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*", matchCriteriaId: "15F668C0-8420-4401-AB0F-479575596CF0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*", matchCriteriaId: "CDDCC7B6-34CA-4551-9833-306B93E517BD", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*", matchCriteriaId: "6D69C160-39F7-48B8-B9A3-CC86690453C0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*", matchCriteriaId: "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*", matchCriteriaId: "8FA6420B-9F6A-48F4-A445-12B60A320347", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", matchCriteriaId: "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", matchCriteriaId: "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", matchCriteriaId: "180D07AE-C571-4DD6-837C-43E2A946007A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", matchCriteriaId: "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", matchCriteriaId: "90789533-C741-4B1C-A24B-2C77B9E4DE5F", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", matchCriteriaId: "1520065B-46D7-48A4-B9D0-5B49F690C5B4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", matchCriteriaId: "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", matchCriteriaId: "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", matchCriteriaId: "494E48E7-EF86-4860-9A53-94F6C313746E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", matchCriteriaId: "45A518E8-21BE-4C5C-B425-410AB1208E9C", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", matchCriteriaId: "9E3AB748-E463-445C-ABAB-4FEDDFD1878B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", matchCriteriaId: "660E4B8D-AABA-4520-BC4D-CF8E76E07C05", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", matchCriteriaId: "85BFEED5-4941-41BB-93D1-CD5C2A41290E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", matchCriteriaId: "78E79A05-64F3-4397-952C-A5BB950C967D", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", matchCriteriaId: "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", matchCriteriaId: "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*", matchCriteriaId: "09F3FB7B-0F68-49F3-A3B7-977A687A42E2", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*", matchCriteriaId: "088F2FF7-96E5-455E-A35B-D99F9854EC6E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*", matchCriteriaId: "FFA721BF-1B2E-479F-BF25-02D441BF175B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*", matchCriteriaId: "AFEDCE49-21CC-4168-818F-4C638EE3B077", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*", matchCriteriaId: "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", matchCriteriaId: "26430687-409B-448F-934B-06AB937DDF63", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", matchCriteriaId: "0702A32E-E577-403C-B4D9-15037D7100A5", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", matchCriteriaId: "29DC217F-C257-4A3C-9CBD-08010C30BEC3", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*", matchCriteriaId: "DF1A5808-6D5D-48AD-9470-5A6510D17913", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*", matchCriteriaId: "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*", matchCriteriaId: "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "8D09E11C-C5BB-409E-BB0D-7F351250419B", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*", matchCriteriaId: "6B06A05D-AA31-441D-9FC2-3558648C3B7E", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "C0886901-6F93-44C1-B774-84D7E5D9554C", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "3F203A80-7C1E-4A04-8E99-63525E176753", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "CA0A204C-158B-4014-A53C-75E0CD63E0DE", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "085BA581-7DA5-4FA4-A888-351281FD0A7D", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.5.17:*:*:*:*:*:*:*", matchCriteriaId: "EA1C4B3C-5701-4233-BA94-28915713F9C8", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.5.18:*:*:*:*:*:*:*", matchCriteriaId: "28D9F8D7-698A-486A-918A-7DB5CAFBB3CB", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "D125C2A0-A4B5-48D6-A38A-54755C3FDF4C", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "0F85F672-0F21-4AD7-8620-13D82F2ECC22", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.7:*:*:*:*:*:*:*", matchCriteriaId: "89070041-613A-4F7B-BD6A-C6091D21FC52", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "D9A71933-4BD5-4B11-8B14-D997E75F29CD", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "5B6BE11D-FC02-4950-A554-08CC9D8B1853", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A53FD0E1-9BAA-43F0-BCC9-0BE8D4356F55", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.4:*:*:*:*:*:*:*", matchCriteriaId: "B80ADAE8-94D4-46A4-A5ED-FF134D808B52", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.5:*:*:*:*:*:*:*", matchCriteriaId: "69FA0221-5073-4D45-950F-119497B53FED", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.6:*:*:*:*:*:*:*", matchCriteriaId: "C4AE5B43-7C90-4C2A-A215-30F5EC5841C9", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.7:*:*:*:*:*:*:*", matchCriteriaId: "2CC1A110-B203-4962-8E1A-74BD98121AF6", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.8:*:*:*:*:*:*:*", matchCriteriaId: "B5A92C4D-B024-4D39-9479-409C39586F64", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.9:*:*:*:*:*:*:*", matchCriteriaId: "E7E0C4F5-CF02-4FF6-AE9B-5B6B70D5C067", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.1:*:*:*:*:*:*:*", matchCriteriaId: "5E8998CC-E372-46D0-8339-47DC8D92D253", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.2:*:*:*:*:*:*:*", matchCriteriaId: "AF131FDC-BF8D-4A17-99F0-444EB900E83D", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.2.1:*:*:*:*:*:*:*", matchCriteriaId: "880811B3-E78E-456E-972E-DE733F368576", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.2.4:*:*:*:*:*:*:*", matchCriteriaId: "22411F18-2B93-405A-A3B5-2CF0A04977C6", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7:*:*:*:*:*:*:*", matchCriteriaId: "C71188B7-E6DC-41E5-B619-367341113501", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "07491444-0196-4504-A971-A5E388B86BBA", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0:*:*:*:*:*:*:*", matchCriteriaId: "72BC6CD2-3291-4E69-8DC6-F3AB853F8931", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.7:*:*:*:*:*:*:*", matchCriteriaId: "CD43EDDF-58A7-4705-B8C7-FD76C35A437D", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.8:*:*:*:*:*:*:*", matchCriteriaId: "A7C2E603-568F-40F6-9A7C-439E2A51B37F", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.9:*:*:*:*:*:*:*", matchCriteriaId: "703421A7-E8C5-450B-97EF-FD9D99D4B834", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*", matchCriteriaId: "9519BCB2-B401-44CE-97F6-847BB36AE45F", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*", matchCriteriaId: "BBE573E8-DD94-4293-99AE-27B9067B3ED9", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*", matchCriteriaId: "D14413DA-5199-4282-9E22-D347E9D8E469", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "05CC5F49-0E9E-45D8-827D-A5940566DB25", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*", matchCriteriaId: "5D94EE19-6CE9-4E02-8174-D9954CDBF02B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*", matchCriteriaId: "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*", matchCriteriaId: "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*", matchCriteriaId: "8CE38F15-BD42-4171-8670-86AA8169A60C", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C3E6C4A8-59F4-43EE-8413-E95289037598", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "FE76357A-27E6-4D85-9AA0-1BB658C41568", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C56C5FDB-24E2-479D-87CA-164CD28567D3", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", vulnerable: true, }, { criteria: "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*", matchCriteriaId: "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "12DE5E22-DF93-46BE-85A3-D4E04379E901", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", matchCriteriaId: "BF28C435-C036-4507-8E3F-44E722F9974A", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*", matchCriteriaId: "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*", matchCriteriaId: "5F2CDFE7-6853-4A31-85C0-50C57A8D606A", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*", matchCriteriaId: "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*", matchCriteriaId: "408A9DB0-81EF-4186-B338-44954E67289B", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*", matchCriteriaId: "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*", matchCriteriaId: "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*", matchCriteriaId: "303362A5-9C3C-4C85-8C97-2AB12CE01BF6", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*", matchCriteriaId: "FED22DC1-E06B-4511-B920-6DAB792262D8", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*", matchCriteriaId: "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "F757B2A7-869F-4702-81EB-466317A79D61", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*", matchCriteriaId: "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F", vulnerable: true, }, { criteria: "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*", matchCriteriaId: "64AF1E33-4086-43E2-8F54-DA75A99D4B75", vulnerable: true, }, { criteria: "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*", matchCriteriaId: "53D16F03-A4C7-4497-AB74-499F208FF059", vulnerable: true, }, { criteria: "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*", matchCriteriaId: "13A33EC1-836B-4C8C-AC18-B5BD4F90E612", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*", matchCriteriaId: "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C558CED8-8342-46CB-9F52-580B626D320E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "0F85D19E-6C26-429D-B876-F34238B9DAAF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*", matchCriteriaId: "09063867-0E64-4630-B35B-4CCA348E4DAB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*", matchCriteriaId: "78F98CD7-A352-483C-9968-8FB2627A7CBD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F97FE485-705F-4707-B6C6-0EF9E8A85D5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "E2B925E8-D2C2-4E8C-AC21-0C422245C482", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "B9170562-872E-4C32-869C-B10FF35A925E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "D0927A68-8BB2-4F03-8396-E9CACC158FC0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "559DDBA3-2AF4-4A0C-B219-6779BA931F21", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*", matchCriteriaId: "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5226C9CC-6933-4F10-B426-B47782C606FD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "757DAE9A-B25D-4B8A-A41B-66C2897B537E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "5E3DC170-E279-4725-B9EE-6840B5685CC9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*", matchCriteriaId: "8091EDA9-BD18-47F7-8CEC-E086238647C6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*", matchCriteriaId: "6F867890-74A4-4892-B99A-27DB4603B873", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "CE05B514-F094-4632-B25B-973F976F6409", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3392428D-1A85-4472-A276-C482A78E2CE1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*", matchCriteriaId: "40954985-16E6-4F37-B014-6A55166AE093", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*", matchCriteriaId: "0C097809-1FEF-4417-A201-42291CC29122", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.", }, { lang: "es", value: "La función do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegación de servicio (caída) mediante una hábil unión SSL/TLS que provoca un puntero nulo.", }, ], id: "CVE-2004-0079", lastModified: "2025-01-16T18:15:19.483", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2004-11-23T05:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/11139", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/17381", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/17398", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/17401", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/18247", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2004/dsa-465", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/288574", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2005-829.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2005-830.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/9899", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.trustix.org/errata/2004/0012", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/11139", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/17381", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/17398", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/17401", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/18247", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2004/dsa-465", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/288574", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2005-829.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2005-830.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/9899", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.trustix.org/errata/2004/0012", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779", }, ], sourceIdentifier: "cve@mitre.org", vendorComments: [ { comment: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", lastModified: "2007-03-14T00:00:00", organization: "Red Hat", }, ], vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2004-08-06 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", vulnerable: true, }, { criteria: "cpe:2.3:o:avaya:modular_messaging_message_storage_server:s3400:*:*:*:*:*:*:*", matchCriteriaId: "9BFF29C7-E5AA-44EB-B1A9-602B3692D893", vulnerable: true, }, { criteria: "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", matchCriteriaId: "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*", matchCriteriaId: "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*", matchCriteriaId: "F677E992-8D37-438F-97DF-9D98B28F020C", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*", matchCriteriaId: "A399D94B-D08D-4454-A07A-6634C9AE612F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*", matchCriteriaId: "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*", matchCriteriaId: "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*", matchCriteriaId: "040991B8-FB4B-480B-B53B-AA7A884F9F19", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*", matchCriteriaId: "59688C40-C92F-431E-ADD7-6782622862D3", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*", matchCriteriaId: "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", matchCriteriaId: "142BCD48-8387-4D0C-A052-44DD4144CBFF", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", matchCriteriaId: "E8220D81-9065-471F-9256-CFE7B9941555", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*", matchCriteriaId: "D2A55C17-C530-4898-BC95-DE4D495F0D7C", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*", matchCriteriaId: "2C14A949-E2B8-4100-8ED4-645CB996B08A", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", matchCriteriaId: "EB445E3E-CCBD-4737-BE30-841B9A79D558", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*", matchCriteriaId: "F5301E27-8021-467C-A9A2-AF2137EF0299", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*", matchCriteriaId: "79787868-2D77-4B55-AD61-C2B357CCE047", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*", matchCriteriaId: "2B3F27D3-8F1D-4576-A584-1E2059CC67B1", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*", matchCriteriaId: "FB5D260C-AE1C-47E9-A88C-B9C2B4349249", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*", matchCriteriaId: "A0934C49-5F88-4189-BD88-2F32C39C2F25", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*", matchCriteriaId: "AA9958C6-AB7D-4B67-9AA7-42B628CBC391", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*", matchCriteriaId: "14B0A230-4054-4483-A3A7-9A5A286C7552", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", matchCriteriaId: "2641EE56-6F9D-400B-B456-877F4DA79B10", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "E0B458EA-495E-40FA-9379-C03757F7B1EE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", matchCriteriaId: "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", matchCriteriaId: "81B543F9-C209-46C2-B0AE-E14818A6992E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "EC79FF22-2664-4C40-B0B3-6D23B5F45162", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*", matchCriteriaId: "DB89C970-DE94-4E09-A90A-077DB83AD156", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:7:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "F7840155-DCF0-4C34-815B-71F872D31A20", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "D2E2EF3C-1379-4CBE-8FF5-DACD47834651", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "28CD54FE-D682-4063-B7C3-8B29B26B39AD", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*", matchCriteriaId: "37F124FE-15F1-49D7-9E03-8E036CE1A20C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", matchCriteriaId: "F8C55338-3372-413F-82E3-E1B476D6F41A", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", matchCriteriaId: "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", matchCriteriaId: "56EF103F-5668-4754-A83B-D3662D0CE815", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", matchCriteriaId: "CFABFCE5-4F86-4AE8-9849-BC360AC72098", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", matchCriteriaId: "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_email_server:3.1:*:*:*:*:*:*:*", matchCriteriaId: "A451599B-5F4F-4D7F-B5EF-3AE9F9B89D62", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_email_server:iii:*:*:*:*:*:*:*", matchCriteriaId: "BD74DAB4-A68E-4748-BC43-2285FC9804D6", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_admin-cd_for_firewall:*:*:*:*:*:*:*:*", matchCriteriaId: "52E04F16-A0C7-4B0C-A70E-2CA683E0C33B", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_connectivity_server:*:*:*:*:*:*:*:*", matchCriteriaId: "941DFF67-E9F6-41F0-A5CB-90105733327D", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_database_server:*:*:*:*:*:*:*:*", matchCriteriaId: "117BBA08-9C1B-4CAC-A418-B044D69C27D1", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_firewall_cd:*:*:*:*:*:*:*:*", matchCriteriaId: "52F8C98F-E10C-4FE8-96E7-27426F369E78", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*", matchCriteriaId: "2FDDFB81-4DFE-416A-BCE1-ED96AC3E69B5", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_office_server:*:*:*:*:*:*:*:*", matchCriteriaId: "18BAE686-972A-4756-9E5D-CF2830700891", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C3E6C4A8-59F4-43EE-8413-E95289037598", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "FE76357A-27E6-4D85-9AA0-1BB658C41568", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C56C5FDB-24E2-479D-87CA-164CD28567D3", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", vulnerable: true, }, { criteria: "cpe:2.3:o:conectiva:linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "CD14661C-E3BE-44DF-BC8D-294322BF23EA", vulnerable: true, }, { criteria: "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "F4007B0D-9606-46BD-866A-7911BEA292BE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a \"crash.c\" program.", }, { lang: "es", value: "El kernel de Linux 2.4.2x y 2.6.x para x86 permite a usuarios locales causar una denegación de servicio (caída del sistema), posiblemente mediante un bucle infinito que dispara un manejador de señal con una cierta secuencia de instrucciones fsave y fstor, originalmente demostrado con el programa \"crash.c\".", }, ], id: "CVE-2004-0554", lastModified: "2024-11-20T23:48:50.800", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-08-06T04:00:00.000", references: [ { source: "cve@mitre.org", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845", }, { source: "cve@mitre.org", url: "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=15905", }, { source: "cve@mitre.org", url: "http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html", }, { source: "cve@mitre.org", url: "http://lwn.net/Articles/91155/", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108786114032681&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108793699910896&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=linux-kernel&m=108681568931323&w=2", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/20162", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/20163", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/20202", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/20338", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200407-02.xml", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2006/dsa-1067", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2006/dsa-1069", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2006/dsa-1070", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2006/dsa-1082", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/973654", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062", }, { source: "cve@mitre.org", url: "http://www.novell.com/linux/security/advisories/2004_17_kernel.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-255.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-260.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/10538", }, { source: "cve@mitre.org", url: "http://www.trustix.net/errata/2004/0034/", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16412", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2915", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9426", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=15905", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lwn.net/Articles/91155/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108786114032681&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108793699910896&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=linux-kernel&m=108681568931323&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/20162", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/20163", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/20202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/20338", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200407-02.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2006/dsa-1067", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2006/dsa-1069", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2006/dsa-1070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2006/dsa-1082", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/973654", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2004_17_kernel.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-255.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-260.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/10538", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.trustix.net/errata/2004/0034/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16412", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2915", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9426", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*", matchCriteriaId: "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "B9CAFC15-178C-4176-9668-D4A04B63E77B", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "3C8D6949-89F4-40EF-98F4-8D15628DC345", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*", matchCriteriaId: "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*", matchCriteriaId: "6479D85C-1A12-486D-818C-6679F415CA26", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*", matchCriteriaId: "287CF5FA-D0EC-4FD7-9718-973587EF34DF", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*", matchCriteriaId: "C88168D4-7DB5-4720-8640-400BB680D0FD", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*", matchCriteriaId: "968915A1-375B-4C69-BE11-9A393F7F1B0F", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*", matchCriteriaId: "11465DCA-72E5-40E9-9D8E-B3CD470C47E9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*", matchCriteriaId: "3954D0D1-9FDF-47D0-9710-D0FB06955B8B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*", matchCriteriaId: "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*", matchCriteriaId: "2A4C5F60-B32D-4D85-BA28-AE11972ED614", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*", matchCriteriaId: "6A5935C3-3D83-461F-BC26-E03362115C42", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*", matchCriteriaId: "80AC523B-3106-46F2-B760-803DCF8061F4", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*", matchCriteriaId: "F8B8D6F3-D15D-489F-A807-17E63F4831F2", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*", matchCriteriaId: "808189BA-197F-49CE-933E-A728F395749C", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*", matchCriteriaId: "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*", matchCriteriaId: "CC7EF0CD-EA39-457B-8E2E-9120B65A5835", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*", matchCriteriaId: "7BC2983F-5212-464B-AC21-8A897DEC1F58", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*", matchCriteriaId: "EBF17989-D1F2-4B04-80BD-CFABDD482ABA", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*", matchCriteriaId: "BF2D00AC-FA2A-4C39-B796-DC19072862CF", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", matchCriteriaId: "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", matchCriteriaId: "441BE3A0-20F4-4972-B279-19B3DB5FA14D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", matchCriteriaId: "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", matchCriteriaId: "00EAEA17-033A-4A50-8E39-D61154876D2F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", matchCriteriaId: "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", matchCriteriaId: "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", matchCriteriaId: "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", matchCriteriaId: "DD7C441E-444B-4DF5-8491-86805C70FB99", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", matchCriteriaId: "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*", matchCriteriaId: "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", matchCriteriaId: "771931F7-9180-4EBD-8627-E1CF17D24647", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", matchCriteriaId: "EDD9BE2B-7255-4FC1-B452-E8370632B03F", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*", matchCriteriaId: "32310AFE-38CC-4C6C-AE13-54C18720F2C0", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*", matchCriteriaId: "AC46909F-DDFC-448B-BCDF-1EB343F96630", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", matchCriteriaId: "9496279F-AB43-4B53-81A6-87C651ABC4BA", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", matchCriteriaId: "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "EC79FF22-2664-4C40-B0B3-6D23B5F45162", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", matchCriteriaId: "0EFE2E73-9536-41A9-B83B-0A06B54857F4", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", matchCriteriaId: "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", matchCriteriaId: "E562907F-D915-4030-847A-3C6834A80D4E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", matchCriteriaId: "138985E6-5107-4E8B-A801-C3D5FE075227", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "038FEDE7-986F-4CA5-9003-BA68352B87D4", vulnerable: true, }, { criteria: "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*", matchCriteriaId: "1E140F76-D078-4F58-89CF-3278CDCB9AF3", vulnerable: true, }, { criteria: "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", matchCriteriaId: "D9D76A8D-832B-411E-A458-186733C66010", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*", matchCriteriaId: "580BA1FE-0826-47A7-8BD3-9225E0841EDD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*", matchCriteriaId: "040B04CD-B891-4F19-A7CC-5C2D462FBD6C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*", matchCriteriaId: "5BF29685-7FFC-4093-A1D4-21E4871AF5C6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*", matchCriteriaId: "E72872C9-63AF-417F-BFAE-92B4D350C006", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*", matchCriteriaId: "80BCF196-5E5A-4F31-BCE7-AA0C748CA922", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*", matchCriteriaId: "970939C5-1E6F-47B6-97E6-7B2C1E019985", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*", matchCriteriaId: "CD1F4148-E772-4708-8C1F-D67F969C11DA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*", matchCriteriaId: "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*", matchCriteriaId: "09458CD7-D430-4957-8506-FAB2A3E2AA65", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*", matchCriteriaId: "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F8B87C95-4B34-4628-AD03-67D1DE13E097", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*", matchCriteriaId: "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "4F04471C-732F-44EE-AD1B-6305C1DD7DDD", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*", matchCriteriaId: "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E237919A-416B-4039-AAD2-7FAE1F4E100D", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*", matchCriteriaId: "39149924-188C-40C1-B598-A9CD407C90DE", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*", matchCriteriaId: "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E6501108-5455-48FE-AA82-37AFA5D7EC24", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", matchCriteriaId: "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*", matchCriteriaId: "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*", matchCriteriaId: "9D0EF4A3-2FE5-41E4-A764-30B379ECF081", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*", matchCriteriaId: "CCF6D59E-8AEA-4380-B86B-0803B2202F16", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*", matchCriteriaId: "140ABF28-FA39-4D77-AEB2-304962ED48C2", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*", matchCriteriaId: "09473DD9-5114-44C5-B56C-6630FBEBCACB", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A7ECD3A4-5A39-4222-8350-524F11D8FFB0", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*", matchCriteriaId: "D36C140D-E80C-479A-ADA7-18E901549059", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "940712E9-B041-4B7F-BD02-7DD0AE596D65", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "03B887A2-9025-4C5B-8901-71BC63BF5293", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "33264586-7160-4550-9FF9-4101D72F5C9B", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "CE5E6521-0611-4473-82AC-21655F10FEC0", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*", matchCriteriaId: "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*", matchCriteriaId: "8C83ABA2-87CD-429B-9800-590F8256B064", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*", matchCriteriaId: "A4D9A576-2878-4AC4-AC95-E69CB8A84A71", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*", matchCriteriaId: "0A1A0B02-CF33-401F-9AB2-D595E586C795", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*", matchCriteriaId: "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*", matchCriteriaId: "90FB3825-21A6-4DBE-8188-67672DBE01CB", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*", matchCriteriaId: "80623E58-8B46-4559-89A4-C329AACF3CB7", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*", matchCriteriaId: "AEE6C228-CD93-4636-868B-C19BC1674BE6", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*", matchCriteriaId: "A645148C-AD0D-46C1-BEE3-10F5C9066279", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*", matchCriteriaId: "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation:*:*:*:*:*:*:*", matchCriteriaId: "C48F4DF4-8091-45D0-9F80-F760500B1202", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*", matchCriteriaId: "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*", matchCriteriaId: "02029D75-FAF2-4842-9246-079C7DE36417", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*", matchCriteriaId: "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*", matchCriteriaId: "B8496E0D-2507-4C25-A122-0B846CBCA72A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*", matchCriteriaId: "8E383F2A-DFCF-47F8-94EE-3563D41EA597", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*", matchCriteriaId: "D2D87EF0-056E-4128-89EB-2803ED83DEE9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*", matchCriteriaId: "BB3163C1-2044-44DA-9C88-076D75FDF1EB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*", matchCriteriaId: "07E1B690-C58B-4C08-A757-F3DF451FDAAA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*", matchCriteriaId: "31F0E14C-7681-4D1A-B982-A51E450B93A7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*", matchCriteriaId: "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*", matchCriteriaId: "AC604680-2E9E-4DC4-ACDD-74D552A45BA4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*", matchCriteriaId: "37A94436-D092-4C7E-B87B-63BC621EE82E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*", matchCriteriaId: "862165CF-3CFB-4C6E-8238-86FA85F243C8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*", matchCriteriaId: "056F3336-BAA8-4A03-90B4-7B31710FC1B3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*", matchCriteriaId: "9FDC2510-FBB9-429A-B6D4-10AB11F93960", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*", matchCriteriaId: "5D45127E-A544-40A0-9D34-BD70D95C9772", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*", matchCriteriaId: "56C69C3E-C895-45C8-8182-7BB412A0C828", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*", matchCriteriaId: "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*", matchCriteriaId: "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*", matchCriteriaId: "D4D9564B-B92E-4C97-87FF-B56D62DCA775", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*", matchCriteriaId: "B931D4F8-23F5-4ABA-A457-959995D30C58", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*", matchCriteriaId: "BE6A023E-9C2A-487F-B5CE-674C766BFE75", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*", matchCriteriaId: "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "2A045971-8756-47E8-9044-C39D08B36F1F", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CAA95881-7231-4FDA-AF73-04DF9FF0B64C", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "62B7F6AD-EDBD-4B09-BDB2-795ED114F2AE", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1:*:*:*:*:*:*:*", matchCriteriaId: "F045AB7B-1551-46E5-A5CC-BF13C1BB49F4", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "44E85930-3AAD-420B-8E3E-AEC57344F6C4", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "52FD4485-BCA2-485A-A0CF-F8152C9DBFA5", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "7CF53BE4-FE2D-4D63-BD0F-A423D0FE3BE3", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1:*:*:*:*:*:*:*", matchCriteriaId: "00993464-BE09-4691-B3F0-51BBA9FB80C3", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2:*:*:*:*:*:*:*", matchCriteriaId: "896AB39E-2078-4BA2-9522-477BD5F98FD1", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3:*:*:*:*:*:*:*", matchCriteriaId: "EB9279EC-47CF-45F1-B4CC-B2B332E82E34", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E7300C3E-8105-4C23-89B9-7D29CED18C15", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1:*:*:*:*:*:*:*", matchCriteriaId: "90C59DB2-48DA-4172-A1F5-25CF3B5097AE", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2:*:*:*:*:*:*:*", matchCriteriaId: "715F4E0B-7E4B-4520-A987-9B3ED3136B75", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3:*:*:*:*:*:*:*", matchCriteriaId: "9CA1F606-C558-40FD-9300-6E2796F47BA8", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*", matchCriteriaId: "A037FAA6-6D26-4496-BC67-03475B4D1155", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*", matchCriteriaId: "D3831DD3-E783-4200-8986-FDBF7DD9BA53", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*", matchCriteriaId: "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*", matchCriteriaId: "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*", matchCriteriaId: "699764B6-0F86-4AB0-86A3-4F2E69AD820C", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*", matchCriteriaId: "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*", matchCriteriaId: "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*", matchCriteriaId: "E1B83F84-D1EF-43B4-8620-3C1BCCE44553", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*", matchCriteriaId: "41169D2F-4F16-466A-82E9-AD0735472B5B", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*", matchCriteriaId: "947699C3-D9DE-411A-99C0-44ADD1D2223A", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*", matchCriteriaId: "15F668C0-8420-4401-AB0F-479575596CF0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*", matchCriteriaId: "CDDCC7B6-34CA-4551-9833-306B93E517BD", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*", matchCriteriaId: "6D69C160-39F7-48B8-B9A3-CC86690453C0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*", matchCriteriaId: "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*", matchCriteriaId: "8FA6420B-9F6A-48F4-A445-12B60A320347", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", matchCriteriaId: "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", matchCriteriaId: "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", matchCriteriaId: "180D07AE-C571-4DD6-837C-43E2A946007A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", matchCriteriaId: "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", matchCriteriaId: "90789533-C741-4B1C-A24B-2C77B9E4DE5F", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", matchCriteriaId: "1520065B-46D7-48A4-B9D0-5B49F690C5B4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", matchCriteriaId: "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", matchCriteriaId: "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", matchCriteriaId: "494E48E7-EF86-4860-9A53-94F6C313746E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", matchCriteriaId: "45A518E8-21BE-4C5C-B425-410AB1208E9C", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", matchCriteriaId: "9E3AB748-E463-445C-ABAB-4FEDDFD1878B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", matchCriteriaId: "660E4B8D-AABA-4520-BC4D-CF8E76E07C05", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", matchCriteriaId: "85BFEED5-4941-41BB-93D1-CD5C2A41290E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", matchCriteriaId: "78E79A05-64F3-4397-952C-A5BB950C967D", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", matchCriteriaId: "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", matchCriteriaId: "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*", matchCriteriaId: "09F3FB7B-0F68-49F3-A3B7-977A687A42E2", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*", matchCriteriaId: "088F2FF7-96E5-455E-A35B-D99F9854EC6E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*", matchCriteriaId: "FFA721BF-1B2E-479F-BF25-02D441BF175B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*", matchCriteriaId: "AFEDCE49-21CC-4168-818F-4C638EE3B077", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*", matchCriteriaId: "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", matchCriteriaId: "26430687-409B-448F-934B-06AB937DDF63", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", matchCriteriaId: "0702A32E-E577-403C-B4D9-15037D7100A5", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", matchCriteriaId: "29DC217F-C257-4A3C-9CBD-08010C30BEC3", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*", matchCriteriaId: "DF1A5808-6D5D-48AD-9470-5A6510D17913", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*", matchCriteriaId: "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*", matchCriteriaId: "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "8D09E11C-C5BB-409E-BB0D-7F351250419B", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*", matchCriteriaId: "6B06A05D-AA31-441D-9FC2-3558648C3B7E", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "C0886901-6F93-44C1-B774-84D7E5D9554C", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "3F203A80-7C1E-4A04-8E99-63525E176753", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "CA0A204C-158B-4014-A53C-75E0CD63E0DE", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "085BA581-7DA5-4FA4-A888-351281FD0A7D", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.5.17:*:*:*:*:*:*:*", matchCriteriaId: "EA1C4B3C-5701-4233-BA94-28915713F9C8", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.5.18:*:*:*:*:*:*:*", matchCriteriaId: "28D9F8D7-698A-486A-918A-7DB5CAFBB3CB", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "D125C2A0-A4B5-48D6-A38A-54755C3FDF4C", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "0F85F672-0F21-4AD7-8620-13D82F2ECC22", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.7:*:*:*:*:*:*:*", matchCriteriaId: "89070041-613A-4F7B-BD6A-C6091D21FC52", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "D9A71933-4BD5-4B11-8B14-D997E75F29CD", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "5B6BE11D-FC02-4950-A554-08CC9D8B1853", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A53FD0E1-9BAA-43F0-BCC9-0BE8D4356F55", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.4:*:*:*:*:*:*:*", matchCriteriaId: "B80ADAE8-94D4-46A4-A5ED-FF134D808B52", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.5:*:*:*:*:*:*:*", matchCriteriaId: "69FA0221-5073-4D45-950F-119497B53FED", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.6:*:*:*:*:*:*:*", matchCriteriaId: "C4AE5B43-7C90-4C2A-A215-30F5EC5841C9", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.7:*:*:*:*:*:*:*", matchCriteriaId: "2CC1A110-B203-4962-8E1A-74BD98121AF6", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.8:*:*:*:*:*:*:*", matchCriteriaId: "B5A92C4D-B024-4D39-9479-409C39586F64", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.9:*:*:*:*:*:*:*", matchCriteriaId: "E7E0C4F5-CF02-4FF6-AE9B-5B6B70D5C067", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.1:*:*:*:*:*:*:*", matchCriteriaId: "5E8998CC-E372-46D0-8339-47DC8D92D253", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.2:*:*:*:*:*:*:*", matchCriteriaId: "AF131FDC-BF8D-4A17-99F0-444EB900E83D", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.2.1:*:*:*:*:*:*:*", matchCriteriaId: "880811B3-E78E-456E-972E-DE733F368576", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.2.4:*:*:*:*:*:*:*", matchCriteriaId: "22411F18-2B93-405A-A3B5-2CF0A04977C6", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7:*:*:*:*:*:*:*", matchCriteriaId: "C71188B7-E6DC-41E5-B619-367341113501", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "07491444-0196-4504-A971-A5E388B86BBA", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0:*:*:*:*:*:*:*", matchCriteriaId: "72BC6CD2-3291-4E69-8DC6-F3AB853F8931", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.7:*:*:*:*:*:*:*", matchCriteriaId: "CD43EDDF-58A7-4705-B8C7-FD76C35A437D", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.8:*:*:*:*:*:*:*", matchCriteriaId: "A7C2E603-568F-40F6-9A7C-439E2A51B37F", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.9:*:*:*:*:*:*:*", matchCriteriaId: "703421A7-E8C5-450B-97EF-FD9D99D4B834", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*", matchCriteriaId: "9519BCB2-B401-44CE-97F6-847BB36AE45F", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*", matchCriteriaId: "BBE573E8-DD94-4293-99AE-27B9067B3ED9", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*", matchCriteriaId: "D14413DA-5199-4282-9E22-D347E9D8E469", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "05CC5F49-0E9E-45D8-827D-A5940566DB25", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*", matchCriteriaId: "5D94EE19-6CE9-4E02-8174-D9954CDBF02B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*", matchCriteriaId: "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*", matchCriteriaId: "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*", matchCriteriaId: "8CE38F15-BD42-4171-8670-86AA8169A60C", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C3E6C4A8-59F4-43EE-8413-E95289037598", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "FE76357A-27E6-4D85-9AA0-1BB658C41568", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C56C5FDB-24E2-479D-87CA-164CD28567D3", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", vulnerable: true, }, { criteria: "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*", matchCriteriaId: "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "12DE5E22-DF93-46BE-85A3-D4E04379E901", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", matchCriteriaId: "BF28C435-C036-4507-8E3F-44E722F9974A", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*", matchCriteriaId: "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*", matchCriteriaId: "5F2CDFE7-6853-4A31-85C0-50C57A8D606A", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*", matchCriteriaId: "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*", matchCriteriaId: "408A9DB0-81EF-4186-B338-44954E67289B", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*", matchCriteriaId: "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*", matchCriteriaId: "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*", matchCriteriaId: "303362A5-9C3C-4C85-8C97-2AB12CE01BF6", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*", matchCriteriaId: "FED22DC1-E06B-4511-B920-6DAB792262D8", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*", matchCriteriaId: "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "F757B2A7-869F-4702-81EB-466317A79D61", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*", matchCriteriaId: "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F", vulnerable: true, }, { criteria: "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*", matchCriteriaId: "64AF1E33-4086-43E2-8F54-DA75A99D4B75", vulnerable: true, }, { criteria: "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*", matchCriteriaId: "53D16F03-A4C7-4497-AB74-499F208FF059", vulnerable: true, }, { criteria: "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*", matchCriteriaId: "13A33EC1-836B-4C8C-AC18-B5BD4F90E612", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*", matchCriteriaId: "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C558CED8-8342-46CB-9F52-580B626D320E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "0F85D19E-6C26-429D-B876-F34238B9DAAF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*", matchCriteriaId: "09063867-0E64-4630-B35B-4CCA348E4DAB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*", matchCriteriaId: "78F98CD7-A352-483C-9968-8FB2627A7CBD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F97FE485-705F-4707-B6C6-0EF9E8A85D5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "E2B925E8-D2C2-4E8C-AC21-0C422245C482", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "B9170562-872E-4C32-869C-B10FF35A925E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "D0927A68-8BB2-4F03-8396-E9CACC158FC0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "559DDBA3-2AF4-4A0C-B219-6779BA931F21", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*", matchCriteriaId: "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5226C9CC-6933-4F10-B426-B47782C606FD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "757DAE9A-B25D-4B8A-A41B-66C2897B537E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "5E3DC170-E279-4725-B9EE-6840B5685CC9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*", matchCriteriaId: "8091EDA9-BD18-47F7-8CEC-E086238647C6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*", matchCriteriaId: "6F867890-74A4-4892-B99A-27DB4603B873", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "CE05B514-F094-4632-B25B-973F976F6409", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3392428D-1A85-4472-A276-C482A78E2CE1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*", matchCriteriaId: "40954985-16E6-4F37-B014-6A55166AE093", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*", matchCriteriaId: "0C097809-1FEF-4417-A201-42291CC29122", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.", }, { lang: "es", value: "OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegación de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS.", }, ], id: "CVE-2004-0081", lastModified: "2024-11-20T23:47:43.390", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-11-23T05:00:00.000", references: [ { source: "cve@mitre.org", url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { source: "cve@mitre.org", url: "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc", }, { source: "cve@mitre.org", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { source: "cve@mitre.org", url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=107955049331965&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108403850228012&w=2", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2004-119.html", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11139", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { source: "cve@mitre.org", url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { source: "cve@mitre.org", url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2004/dsa-465", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/465542", }, { source: "cve@mitre.org", url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/9899", }, { source: "cve@mitre.org", url: "http://www.trustix.org/errata/2004/0012", }, { source: "cve@mitre.org", url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { source: "cve@mitre.org", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=107955049331965&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108403850228012&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2004-119.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11139", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2004/dsa-465", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/465542", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/9899", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.trustix.org/errata/2004/0012", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*", matchCriteriaId: "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "B9CAFC15-178C-4176-9668-D4A04B63E77B", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "3C8D6949-89F4-40EF-98F4-8D15628DC345", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*", matchCriteriaId: "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*", matchCriteriaId: "6479D85C-1A12-486D-818C-6679F415CA26", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*", matchCriteriaId: "287CF5FA-D0EC-4FD7-9718-973587EF34DF", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*", matchCriteriaId: "C88168D4-7DB5-4720-8640-400BB680D0FD", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*", matchCriteriaId: "968915A1-375B-4C69-BE11-9A393F7F1B0F", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*", matchCriteriaId: "11465DCA-72E5-40E9-9D8E-B3CD470C47E9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*", matchCriteriaId: "3954D0D1-9FDF-47D0-9710-D0FB06955B8B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*", matchCriteriaId: "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*", matchCriteriaId: "2A4C5F60-B32D-4D85-BA28-AE11972ED614", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*", matchCriteriaId: "6A5935C3-3D83-461F-BC26-E03362115C42", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*", matchCriteriaId: "80AC523B-3106-46F2-B760-803DCF8061F4", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*", matchCriteriaId: "F8B8D6F3-D15D-489F-A807-17E63F4831F2", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*", matchCriteriaId: "808189BA-197F-49CE-933E-A728F395749C", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*", matchCriteriaId: "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*", matchCriteriaId: "CC7EF0CD-EA39-457B-8E2E-9120B65A5835", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*", matchCriteriaId: "7BC2983F-5212-464B-AC21-8A897DEC1F58", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*", matchCriteriaId: "EBF17989-D1F2-4B04-80BD-CFABDD482ABA", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*", matchCriteriaId: "BF2D00AC-FA2A-4C39-B796-DC19072862CF", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", matchCriteriaId: "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", matchCriteriaId: "441BE3A0-20F4-4972-B279-19B3DB5FA14D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", matchCriteriaId: "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", matchCriteriaId: "00EAEA17-033A-4A50-8E39-D61154876D2F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", matchCriteriaId: "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", matchCriteriaId: "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", matchCriteriaId: "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", matchCriteriaId: "DD7C441E-444B-4DF5-8491-86805C70FB99", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", matchCriteriaId: "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*", matchCriteriaId: "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", matchCriteriaId: "771931F7-9180-4EBD-8627-E1CF17D24647", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", matchCriteriaId: "EDD9BE2B-7255-4FC1-B452-E8370632B03F", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*", matchCriteriaId: "32310AFE-38CC-4C6C-AE13-54C18720F2C0", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*", matchCriteriaId: "AC46909F-DDFC-448B-BCDF-1EB343F96630", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", matchCriteriaId: "9496279F-AB43-4B53-81A6-87C651ABC4BA", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", matchCriteriaId: "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "EC79FF22-2664-4C40-B0B3-6D23B5F45162", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", matchCriteriaId: "0EFE2E73-9536-41A9-B83B-0A06B54857F4", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", matchCriteriaId: "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", matchCriteriaId: "E562907F-D915-4030-847A-3C6834A80D4E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", matchCriteriaId: "138985E6-5107-4E8B-A801-C3D5FE075227", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "038FEDE7-986F-4CA5-9003-BA68352B87D4", vulnerable: true, }, { criteria: "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*", matchCriteriaId: "1E140F76-D078-4F58-89CF-3278CDCB9AF3", vulnerable: true, }, { criteria: "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", matchCriteriaId: "D9D76A8D-832B-411E-A458-186733C66010", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*", matchCriteriaId: "580BA1FE-0826-47A7-8BD3-9225E0841EDD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*", matchCriteriaId: "040B04CD-B891-4F19-A7CC-5C2D462FBD6C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*", matchCriteriaId: "5BF29685-7FFC-4093-A1D4-21E4871AF5C6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*", matchCriteriaId: "E72872C9-63AF-417F-BFAE-92B4D350C006", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*", matchCriteriaId: "80BCF196-5E5A-4F31-BCE7-AA0C748CA922", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*", matchCriteriaId: "970939C5-1E6F-47B6-97E6-7B2C1E019985", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*", matchCriteriaId: "CD1F4148-E772-4708-8C1F-D67F969C11DA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*", matchCriteriaId: "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*", matchCriteriaId: "09458CD7-D430-4957-8506-FAB2A3E2AA65", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*", matchCriteriaId: "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F8B87C95-4B34-4628-AD03-67D1DE13E097", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*", matchCriteriaId: "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "4F04471C-732F-44EE-AD1B-6305C1DD7DDD", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*", matchCriteriaId: "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E237919A-416B-4039-AAD2-7FAE1F4E100D", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*", matchCriteriaId: "39149924-188C-40C1-B598-A9CD407C90DE", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*", matchCriteriaId: "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E6501108-5455-48FE-AA82-37AFA5D7EC24", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", matchCriteriaId: "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*", matchCriteriaId: "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*", matchCriteriaId: "9D0EF4A3-2FE5-41E4-A764-30B379ECF081", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*", matchCriteriaId: "CCF6D59E-8AEA-4380-B86B-0803B2202F16", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*", matchCriteriaId: "140ABF28-FA39-4D77-AEB2-304962ED48C2", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*", matchCriteriaId: "09473DD9-5114-44C5-B56C-6630FBEBCACB", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A7ECD3A4-5A39-4222-8350-524F11D8FFB0", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*", matchCriteriaId: "D36C140D-E80C-479A-ADA7-18E901549059", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "940712E9-B041-4B7F-BD02-7DD0AE596D65", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "03B887A2-9025-4C5B-8901-71BC63BF5293", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "33264586-7160-4550-9FF9-4101D72F5C9B", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "CE5E6521-0611-4473-82AC-21655F10FEC0", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*", matchCriteriaId: "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*", matchCriteriaId: "8C83ABA2-87CD-429B-9800-590F8256B064", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*", matchCriteriaId: "A4D9A576-2878-4AC4-AC95-E69CB8A84A71", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*", matchCriteriaId: "0A1A0B02-CF33-401F-9AB2-D595E586C795", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*", matchCriteriaId: "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*", matchCriteriaId: "90FB3825-21A6-4DBE-8188-67672DBE01CB", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*", matchCriteriaId: "80623E58-8B46-4559-89A4-C329AACF3CB7", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*", matchCriteriaId: "AEE6C228-CD93-4636-868B-C19BC1674BE6", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*", matchCriteriaId: "A645148C-AD0D-46C1-BEE3-10F5C9066279", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*", matchCriteriaId: "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*", matchCriteriaId: "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*", matchCriteriaId: "02029D75-FAF2-4842-9246-079C7DE36417", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp2:*:*:*:*:*:*:*", matchCriteriaId: "E0146341-364C-4085-A2E1-BC8C260FBA3D", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*", matchCriteriaId: "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*", matchCriteriaId: "B8496E0D-2507-4C25-A122-0B846CBCA72A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*", matchCriteriaId: "8E383F2A-DFCF-47F8-94EE-3563D41EA597", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*", matchCriteriaId: "D2D87EF0-056E-4128-89EB-2803ED83DEE9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*", matchCriteriaId: "BB3163C1-2044-44DA-9C88-076D75FDF1EB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*", matchCriteriaId: "07E1B690-C58B-4C08-A757-F3DF451FDAAA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*", matchCriteriaId: "31F0E14C-7681-4D1A-B982-A51E450B93A7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*", matchCriteriaId: "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*", matchCriteriaId: "AC604680-2E9E-4DC4-ACDD-74D552A45BA4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*", matchCriteriaId: "37A94436-D092-4C7E-B87B-63BC621EE82E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*", matchCriteriaId: "862165CF-3CFB-4C6E-8238-86FA85F243C8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*", matchCriteriaId: "056F3336-BAA8-4A03-90B4-7B31710FC1B3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*", matchCriteriaId: "9FDC2510-FBB9-429A-B6D4-10AB11F93960", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*", matchCriteriaId: "5D45127E-A544-40A0-9D34-BD70D95C9772", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*", matchCriteriaId: "56C69C3E-C895-45C8-8182-7BB412A0C828", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*", matchCriteriaId: "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*", matchCriteriaId: "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*", matchCriteriaId: "D4D9564B-B92E-4C97-87FF-B56D62DCA775", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:1.5.17:*:*:*:*:*:*:*", matchCriteriaId: "FF2AD44D-3BE8-4541-B62D-9F01D46F8E6A", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:1.5.18:*:*:*:*:*:*:*", matchCriteriaId: "8BF2E08B-9046-41A1-BEDE-EB0B6436315C", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "811E1BE8-3868-49F8-B6E8-D5705559B02E", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "D67C9DB4-E46C-4E84-82D9-AF48EFDAEFBA", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:1.7:*:*:*:*:*:*:*", matchCriteriaId: "CF0E1BF0-6629-40DC-AB23-0256BABD0CB9", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "1AC4E7E5-FCC1-46B0-B69F-F1F6B36838ED", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "2C4AED89-F862-4071-8E94-481A59EDAE8E", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "7A3CB6FF-3840-4E80-A0A4-614D6686D2B6", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.0.4:*:*:*:*:*:*:*", matchCriteriaId: "67010B0B-ECE7-4EE5-B103-05DC637E150F", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.0.5:*:*:*:*:*:*:*", matchCriteriaId: "1355EF99-35FC-44A7-BC56-F7C0EA49BF0C", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.0.6:*:*:*:*:*:*:*", matchCriteriaId: "6DDA8F10-B059-4403-A790-EFC8822588B2", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.0.7:*:*:*:*:*:*:*", matchCriteriaId: "A06BCD31-3FB6-468B-9BC9-EA573717B19F", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.0.8:*:*:*:*:*:*:*", matchCriteriaId: "360238CC-3BF5-4750-B16D-8A2E0257022E", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.0.9:*:*:*:*:*:*:*", matchCriteriaId: "0C55C754-E213-4E79-AA7B-2CAF8A464388", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.1:*:*:*:*:*:*:*", matchCriteriaId: "647BA524-5A79-408C-BBF2-5780BC522B64", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.2:*:*:*:*:*:*:*", matchCriteriaId: "D599C49D-4D7D-4C44-9D8D-A3F76746BBA8", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.2.1:*:*:*:*:*:*:*", matchCriteriaId: "7B4DC717-0785-4C19-8A33-ACA5F378DF3C", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.2.4:*:*:*:*:*:*:*", matchCriteriaId: "858843D3-84BB-48B6-80D1-1271AE60150D", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*", matchCriteriaId: "B931D4F8-23F5-4ABA-A457-959995D30C58", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*", matchCriteriaId: "BE6A023E-9C2A-487F-B5CE-674C766BFE75", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*", matchCriteriaId: "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4", vulnerable: true, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "0A7B80E0-40BB-4B4E-9711-AF293A038DD4", vulnerable: true, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "9EFCFFE8-9CAD-4A7F-9751-8627E6297C9F", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "D3653856-207E-46A7-92DD-D7F377F1829A", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.1:*:*:*:*:*:*:*", matchCriteriaId: "7E4627BB-0D75-44BC-989F-0E85C9FA0E2B", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "19053434-F9E7-4839-AB5A-B226CC4616A5", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2:rc1:*:*:*:*:*:*", matchCriteriaId: "D04CABBA-7BEB-44EC-A6E4-A31E41A62BD7", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2:rc2:*:*:*:*:*:*", matchCriteriaId: "8D15C938-4DAB-4011-80EE-A2663E20BFC1", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "C9C056ED-2492-4B1C-BCB9-4F36806C4A48", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "A72FC232-A2CB-443B-9A4A-8BBFEFE6517C", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:-:*:*:*:*:*:*", matchCriteriaId: "BA347CD3-0619-4EA2-A736-B59EE9E3AC12", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc1:*:*:*:*:*:*", matchCriteriaId: "4ACEF29C-3225-43A7-9E07-FBCCF555887E", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc2:*:*:*:*:*:*", matchCriteriaId: "46D932AF-FB1A-464D-BA3D-2DC2D3C187CD", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc3:*:*:*:*:*:*", matchCriteriaId: "9F532860-9E26-45C3-9FB3-6B0888F1279A", vulnerable: false, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*", matchCriteriaId: "A037FAA6-6D26-4496-BC67-03475B4D1155", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*", matchCriteriaId: "D3831DD3-E783-4200-8986-FDBF7DD9BA53", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*", matchCriteriaId: "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*", matchCriteriaId: "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*", matchCriteriaId: "699764B6-0F86-4AB0-86A3-4F2E69AD820C", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*", matchCriteriaId: "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*", matchCriteriaId: "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*", matchCriteriaId: "E1B83F84-D1EF-43B4-8620-3C1BCCE44553", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*", matchCriteriaId: "41169D2F-4F16-466A-82E9-AD0735472B5B", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*", matchCriteriaId: "947699C3-D9DE-411A-99C0-44ADD1D2223A", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*", matchCriteriaId: "15F668C0-8420-4401-AB0F-479575596CF0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*", matchCriteriaId: "CDDCC7B6-34CA-4551-9833-306B93E517BD", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*", matchCriteriaId: "6D69C160-39F7-48B8-B9A3-CC86690453C0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*", matchCriteriaId: "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*", matchCriteriaId: "8FA6420B-9F6A-48F4-A445-12B60A320347", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", matchCriteriaId: "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", matchCriteriaId: "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", matchCriteriaId: "180D07AE-C571-4DD6-837C-43E2A946007A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", matchCriteriaId: "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", matchCriteriaId: "90789533-C741-4B1C-A24B-2C77B9E4DE5F", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", matchCriteriaId: "1520065B-46D7-48A4-B9D0-5B49F690C5B4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", matchCriteriaId: "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", matchCriteriaId: "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", matchCriteriaId: "494E48E7-EF86-4860-9A53-94F6C313746E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", matchCriteriaId: "45A518E8-21BE-4C5C-B425-410AB1208E9C", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", matchCriteriaId: "9E3AB748-E463-445C-ABAB-4FEDDFD1878B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", matchCriteriaId: "660E4B8D-AABA-4520-BC4D-CF8E76E07C05", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", matchCriteriaId: "85BFEED5-4941-41BB-93D1-CD5C2A41290E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", matchCriteriaId: "78E79A05-64F3-4397-952C-A5BB950C967D", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", matchCriteriaId: "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", matchCriteriaId: "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*", matchCriteriaId: "09F3FB7B-0F68-49F3-A3B7-977A687A42E2", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*", matchCriteriaId: "088F2FF7-96E5-455E-A35B-D99F9854EC6E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*", matchCriteriaId: "FFA721BF-1B2E-479F-BF25-02D441BF175B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*", matchCriteriaId: "AFEDCE49-21CC-4168-818F-4C638EE3B077", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*", matchCriteriaId: "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", matchCriteriaId: "26430687-409B-448F-934B-06AB937DDF63", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", matchCriteriaId: "0702A32E-E577-403C-B4D9-15037D7100A5", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", matchCriteriaId: "29DC217F-C257-4A3C-9CBD-08010C30BEC3", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*", matchCriteriaId: "DF1A5808-6D5D-48AD-9470-5A6510D17913", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*", matchCriteriaId: "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*", matchCriteriaId: "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "8D09E11C-C5BB-409E-BB0D-7F351250419B", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*", matchCriteriaId: "6B06A05D-AA31-441D-9FC2-3558648C3B7E", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "C0886901-6F93-44C1-B774-84D7E5D9554C", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "3F203A80-7C1E-4A04-8E99-63525E176753", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "CA0A204C-158B-4014-A53C-75E0CD63E0DE", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "085BA581-7DA5-4FA4-A888-351281FD0A7D", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*", matchCriteriaId: "9519BCB2-B401-44CE-97F6-847BB36AE45F", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*", matchCriteriaId: "BBE573E8-DD94-4293-99AE-27B9067B3ED9", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*", matchCriteriaId: "D14413DA-5199-4282-9E22-D347E9D8E469", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "05CC5F49-0E9E-45D8-827D-A5940566DB25", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*", matchCriteriaId: "5D94EE19-6CE9-4E02-8174-D9954CDBF02B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*", matchCriteriaId: "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*", matchCriteriaId: "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*", matchCriteriaId: "8CE38F15-BD42-4171-8670-86AA8169A60C", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C3E6C4A8-59F4-43EE-8413-E95289037598", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "FE76357A-27E6-4D85-9AA0-1BB658C41568", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C56C5FDB-24E2-479D-87CA-164CD28567D3", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", vulnerable: true, }, { criteria: "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*", matchCriteriaId: "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "12DE5E22-DF93-46BE-85A3-D4E04379E901", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", matchCriteriaId: "BF28C435-C036-4507-8E3F-44E722F9974A", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*", matchCriteriaId: "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*", matchCriteriaId: "5F2CDFE7-6853-4A31-85C0-50C57A8D606A", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*", matchCriteriaId: "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*", matchCriteriaId: "408A9DB0-81EF-4186-B338-44954E67289B", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*", matchCriteriaId: "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*", matchCriteriaId: "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*", matchCriteriaId: "303362A5-9C3C-4C85-8C97-2AB12CE01BF6", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*", matchCriteriaId: "FED22DC1-E06B-4511-B920-6DAB792262D8", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*", matchCriteriaId: "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "F757B2A7-869F-4702-81EB-466317A79D61", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*", matchCriteriaId: "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F", vulnerable: true, }, { criteria: "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*", matchCriteriaId: "64AF1E33-4086-43E2-8F54-DA75A99D4B75", vulnerable: true, }, { criteria: "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*", matchCriteriaId: "53D16F03-A4C7-4497-AB74-499F208FF059", vulnerable: true, }, { criteria: "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*", matchCriteriaId: "13A33EC1-836B-4C8C-AC18-B5BD4F90E612", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*", matchCriteriaId: "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C558CED8-8342-46CB-9F52-580B626D320E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "0F85D19E-6C26-429D-B876-F34238B9DAAF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*", matchCriteriaId: "09063867-0E64-4630-B35B-4CCA348E4DAB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*", matchCriteriaId: "78F98CD7-A352-483C-9968-8FB2627A7CBD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F97FE485-705F-4707-B6C6-0EF9E8A85D5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "E2B925E8-D2C2-4E8C-AC21-0C422245C482", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "B9170562-872E-4C32-869C-B10FF35A925E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "D0927A68-8BB2-4F03-8396-E9CACC158FC0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "559DDBA3-2AF4-4A0C-B219-6779BA931F21", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*", matchCriteriaId: "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5226C9CC-6933-4F10-B426-B47782C606FD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "757DAE9A-B25D-4B8A-A41B-66C2897B537E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "5E3DC170-E279-4725-B9EE-6840B5685CC9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*", matchCriteriaId: "8091EDA9-BD18-47F7-8CEC-E086238647C6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*", matchCriteriaId: "6F867890-74A4-4892-B99A-27DB4603B873", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "CE05B514-F094-4632-B25B-973F976F6409", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3392428D-1A85-4472-A276-C482A78E2CE1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*", matchCriteriaId: "40954985-16E6-4F37-B014-6A55166AE093", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*", matchCriteriaId: "0C097809-1FEF-4417-A201-42291CC29122", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.", }, { lang: "es", value: "El código que une SSL/TLS en OpenSSL 0.9.7a, 0.9.7b y 0.9.7c, usando Kerberos, no comprueba adecuadamente la longitud de los tickets de Kerberos, lo que permite que atacantes remotos provoquen una denegación de servicio.", }, ], id: "CVE-2004-0112", lastModified: "2024-11-20T23:47:47.537", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-11-23T05:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/11139", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/484726", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/9899", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.trustix.org/errata/2004/0012", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/11139", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/484726", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/9899", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.trustix.org/errata/2004/0012", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580", }, ], sourceIdentifier: "cve@mitre.org", vendorComments: [ { comment: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", lastModified: "2007-03-14T00:00:00", organization: "Red Hat", }, ], vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2005-04-14 04:00
Modified
2024-11-20 23:54
Severity ?
Summary
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:avaya:mn100:*:*:*:*:*:*:*:*", matchCriteriaId: "D073442B-D7E7-4E07-AF2D-E22FE65B09A9", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:network_routing:*:*:*:*:*:*:*:*", matchCriteriaId: "E942E0E7-0808-479C-B061-66119EBA12E3", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8710:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "68B1272B-8B71-4D2D-A5E4-0E7828500C22", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8710:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A7C7B9C0-91A2-4529-B879-60DE043E719C", vulnerable: true, }, { criteria: "cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*", matchCriteriaId: "E25F5CF2-F891-41CA-A40C-13966F72FDF8", vulnerable: true, }, { criteria: "cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "7417958C-5321-41D6-9D1A-D16BF5511E81", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*", matchCriteriaId: "C24A129D-2E5E-436C-95DE-AE75D2E8D092", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*", matchCriteriaId: "2E244C37-E366-482E-9173-9376D0839839", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*", matchCriteriaId: "11F96BB9-6509-4F1E-9590-E55EE8C6F992", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*", matchCriteriaId: "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*", matchCriteriaId: "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*", matchCriteriaId: "718D4631-440E-4783-8966-B2A2D3EF89B3", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*", matchCriteriaId: "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*", matchCriteriaId: "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*", matchCriteriaId: "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*", matchCriteriaId: "7015F57A-1E3B-42D2-9D12-F695078EFB21", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*", matchCriteriaId: "467721EE-5130-46C5-BBB7-0F4878F3F171", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*", matchCriteriaId: "171257E7-12C5-4283-88F7-FFE643995563", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*", matchCriteriaId: "0887E02F-9F36-41F0-9F75-060B8414D7BF", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*", matchCriteriaId: "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*", matchCriteriaId: "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*", matchCriteriaId: "5F49A384-7222-41F3-9BE1-4E18C00E50A6", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*", matchCriteriaId: "05520FE3-C48D-42E8-BC24-C2396BD46CBA", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*", matchCriteriaId: "D865FBB6-E07D-492F-A75E-168B06C8ADEE", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*", matchCriteriaId: "598F24C2-0366-4799-865C-5EE4572B734B", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*", matchCriteriaId: "D0399660-6385-45AB-9785-E504D8788146", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*", matchCriteriaId: "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*", matchCriteriaId: "B91F6CBE-400F-4D0B-B893-34577B47A342", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*", matchCriteriaId: "1548ECFD-FCB5-4AE0-9788-42F61F25489F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*", matchCriteriaId: "6ABB9787-5497-4BDC-8952-F99CF60A89BD", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*", matchCriteriaId: "615F6BA2-CD51-4159-B28A-A018CA9FC25C", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*", matchCriteriaId: "093848CB-68A1-4258-8357-373A477FE4E2", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*", matchCriteriaId: "E275F440-A427-465F-B314-BF0730C781DB", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*", matchCriteriaId: "98651D39-60CF-409F-8276-DBBB56B972AA", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*", matchCriteriaId: "067B8E09-C923-4DDA-92DB-4A2892CB526A", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*", matchCriteriaId: "9EBE3738-E530-4EC6-9FC6-1A063605BE05", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*", matchCriteriaId: "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*", matchCriteriaId: "D77F8919-4064-4EA5-A948-76178EA21F83", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*", matchCriteriaId: "5E7C423D-23DE-4C7B-A518-66F87E041925", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*", matchCriteriaId: "8EA1382E-71B0-4E65-A310-716A244F4FB1", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*", matchCriteriaId: "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*", matchCriteriaId: "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*", matchCriteriaId: "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*", matchCriteriaId: "824BBD31-8F3B-4F05-981B-ABF662BBF5F2", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*", matchCriteriaId: "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*", matchCriteriaId: "388A5C99-1F60-4C20-9AE5-6E73E5A3F819", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*", matchCriteriaId: "F677E992-8D37-438F-97DF-9D98B28F020C", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*", matchCriteriaId: "5888F8D7-15C2-4435-BB3C-8674DFAF0089", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*", matchCriteriaId: "29439AD0-EB8D-4675-A77A-6548FF27ADA3", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*", matchCriteriaId: "F27AADF6-1605-47FC-8C4D-87827A578A90", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*", matchCriteriaId: "B42F4080-A76F-4D17-85E2-CD2D2E4D0450", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*", matchCriteriaId: "6968EF1D-7CC5-430D-866D-206F66486F63", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*", matchCriteriaId: "50E6F5C5-BF74-4C10-830A-F232D528D290", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*", matchCriteriaId: "476687F9-722B-490C-BD0B-B5F2CD7891DC", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*", matchCriteriaId: "A399D94B-D08D-4454-A07A-6634C9AE612F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*", matchCriteriaId: "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*", matchCriteriaId: "DCD8E4AE-FEF7-4CE2-B338-4F766921593F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*", matchCriteriaId: "13A8B50A-73F6-4FCF-A81F-FB624FBA7143", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*", matchCriteriaId: "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*", matchCriteriaId: "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*", matchCriteriaId: "8D27D843-2DA7-4481-857C-09FDC4FBD45C", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*", matchCriteriaId: "BCB93128-2743-4668-8C48-9B7282D4A672", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*", matchCriteriaId: "040991B8-FB4B-480B-B53B-AA7A884F9F19", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*", matchCriteriaId: "BFA592BC-5846-4FC1-B2A7-13E622705DA8", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*", matchCriteriaId: "59688C40-C92F-431E-ADD7-6782622862D3", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*", matchCriteriaId: "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*", matchCriteriaId: "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*", matchCriteriaId: "C5FE15BF-91C7-452A-BE1B-7EC9632421C2", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*", matchCriteriaId: "15C1923C-D9C4-400D-9F0F-20B519EEC9C0", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*", matchCriteriaId: "E51913F9-FC7D-450A-9A82-5084AA74A5B2", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*", matchCriteriaId: "B62E02D5-9EEE-439B-A510-BEEE28A9F358", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*", matchCriteriaId: "02278C07-E649-427D-9E5C-F1738A01BCBD", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*", matchCriteriaId: "E120257D-346B-4BA6-A431-E6F820FBB5FB", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.29:rc1:*:*:*:*:*:*", matchCriteriaId: "4F83D55B-3106-4907-A75F-A7EBF0EC6974", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.29:rc2:*:*:*:*:*:*", matchCriteriaId: "0AFD594E-48BA-4281-8DEE-306E3008ABB9", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*", matchCriteriaId: "4177C378-7729-46AB-B49B-C6DAED3200E7", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*", matchCriteriaId: "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*", matchCriteriaId: "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", matchCriteriaId: "3528DABD-B821-4D23-AE12-614A9CA92C46", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*", matchCriteriaId: "9E661D58-18DF-4CCF-9892-F873618F4535", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", matchCriteriaId: "E0F0D201-B1DC-4024-AF77-A284673618F3", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", matchCriteriaId: "052E3862-BFB7-42E7-889D-8590AFA8EF37", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", matchCriteriaId: "2BB0B27C-04EA-426F-9016-7406BACD91DF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", matchCriteriaId: "81B543F9-C209-46C2-B0AE-E14818A6992E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "EC79FF22-2664-4C40-B0B3-6D23B5F45162", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*", matchCriteriaId: "DB89C970-DE94-4E09-A90A-077DB83AD156", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", matchCriteriaId: "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", matchCriteriaId: "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*", matchCriteriaId: "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C3E6C4A8-59F4-43EE-8413-E95289037598", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "FE76357A-27E6-4D85-9AA0-1BB658C41568", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C56C5FDB-24E2-479D-87CA-164CD28567D3", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.", }, { lang: "es", value: "El soporte de ELF de 64 bits en los kernel de Linux 2.6 anteriores a 2.6.10 en arquitecturas de 64 bits no verifica adecuadamente solapamientos en asignaciones de memoria VMA (virtual memory address), lo que permite a usuarios locales causar una denegación de servicio (caída del sistema) o ejecutar código de su elección mediante un fichero ELF o a.out artesanal.", }, ], id: "CVE-2005-0003", lastModified: "2024-11-20T23:54:12.700", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-04-14T04:00:00.000", references: [ { source: "cve@mitre.org", url: "http://linux.bkbits.net:8080/linux-2.4/cset%4041c36fb6q1Z68WUzKQFjJR-40Ev3tw", }, { source: "cve@mitre.org", url: "http://linux.bkbits.net:8080/linux-2.6/cset%4041a6721cce-LoPqkzKXudYby_3TUmg", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/20163", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/20202", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/20338", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1012885", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2006/dsa-1067", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2006/dsa-1069", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2006/dsa-1070", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2006/dsa-1082", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022", }, { source: "cve@mitre.org", url: "http://www.novell.com/linux/security/advisories/2005_18_kernel.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2005-017.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2005-043.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/12261", }, { source: "cve@mitre.org", url: "http://www.trustix.org/errata/2005/0001/", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/18886", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9512", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://linux.bkbits.net:8080/linux-2.4/cset%4041c36fb6q1Z68WUzKQFjJR-40Ev3tw", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://linux.bkbits.net:8080/linux-2.6/cset%4041a6721cce-LoPqkzKXudYby_3TUmg", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/20163", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/20202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/20338", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1012885", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2006/dsa-1067", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2006/dsa-1069", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2006/dsa-1070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2006/dsa-1082", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2005_18_kernel.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2005-017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2005-043.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/12261", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.trustix.org/errata/2005/0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/18886", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9512", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2005-04-14 04:00
Modified
2024-11-20 23:50
Severity ?
Summary
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:avaya:mn100:*:*:*:*:*:*:*:*", matchCriteriaId: "D073442B-D7E7-4E07-AF2D-E22FE65B09A9", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:network_routing:*:*:*:*:*:*:*:*", matchCriteriaId: "E942E0E7-0808-479C-B061-66119EBA12E3", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8710:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "68B1272B-8B71-4D2D-A5E4-0E7828500C22", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8710:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A7C7B9C0-91A2-4529-B879-60DE043E719C", vulnerable: true, }, { criteria: "cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*", matchCriteriaId: "E25F5CF2-F891-41CA-A40C-13966F72FDF8", vulnerable: true, }, { criteria: "cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "7417958C-5321-41D6-9D1A-D16BF5511E81", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*", matchCriteriaId: "C24A129D-2E5E-436C-95DE-AE75D2E8D092", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*", matchCriteriaId: "2E244C37-E366-482E-9173-9376D0839839", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*", matchCriteriaId: "11F96BB9-6509-4F1E-9590-E55EE8C6F992", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*", matchCriteriaId: "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*", matchCriteriaId: "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*", matchCriteriaId: "718D4631-440E-4783-8966-B2A2D3EF89B3", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*", matchCriteriaId: "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*", matchCriteriaId: "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*", matchCriteriaId: "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*", matchCriteriaId: "7015F57A-1E3B-42D2-9D12-F695078EFB21", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*", matchCriteriaId: "467721EE-5130-46C5-BBB7-0F4878F3F171", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*", matchCriteriaId: "171257E7-12C5-4283-88F7-FFE643995563", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*", matchCriteriaId: "0887E02F-9F36-41F0-9F75-060B8414D7BF", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*", matchCriteriaId: "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*", matchCriteriaId: "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*", matchCriteriaId: "5F49A384-7222-41F3-9BE1-4E18C00E50A6", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*", matchCriteriaId: "05520FE3-C48D-42E8-BC24-C2396BD46CBA", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*", matchCriteriaId: "D865FBB6-E07D-492F-A75E-168B06C8ADEE", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*", matchCriteriaId: "598F24C2-0366-4799-865C-5EE4572B734B", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*", matchCriteriaId: "D0399660-6385-45AB-9785-E504D8788146", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*", matchCriteriaId: "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*", matchCriteriaId: "B91F6CBE-400F-4D0B-B893-34577B47A342", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*", matchCriteriaId: "1548ECFD-FCB5-4AE0-9788-42F61F25489F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*", matchCriteriaId: "6ABB9787-5497-4BDC-8952-F99CF60A89BD", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*", matchCriteriaId: "615F6BA2-CD51-4159-B28A-A018CA9FC25C", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*", matchCriteriaId: "093848CB-68A1-4258-8357-373A477FE4E2", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*", matchCriteriaId: "E275F440-A427-465F-B314-BF0730C781DB", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*", matchCriteriaId: "98651D39-60CF-409F-8276-DBBB56B972AA", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*", matchCriteriaId: "067B8E09-C923-4DDA-92DB-4A2892CB526A", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*", matchCriteriaId: "9EBE3738-E530-4EC6-9FC6-1A063605BE05", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*", matchCriteriaId: "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*", matchCriteriaId: "D77F8919-4064-4EA5-A948-76178EA21F83", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*", matchCriteriaId: "5E7C423D-23DE-4C7B-A518-66F87E041925", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*", matchCriteriaId: "8EA1382E-71B0-4E65-A310-716A244F4FB1", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*", matchCriteriaId: "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*", matchCriteriaId: "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*", matchCriteriaId: "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*", matchCriteriaId: "824BBD31-8F3B-4F05-981B-ABF662BBF5F2", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*", matchCriteriaId: "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*", matchCriteriaId: "388A5C99-1F60-4C20-9AE5-6E73E5A3F819", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*", matchCriteriaId: "F677E992-8D37-438F-97DF-9D98B28F020C", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*", matchCriteriaId: "5888F8D7-15C2-4435-BB3C-8674DFAF0089", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*", matchCriteriaId: "29439AD0-EB8D-4675-A77A-6548FF27ADA3", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*", matchCriteriaId: "F27AADF6-1605-47FC-8C4D-87827A578A90", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*", matchCriteriaId: "B42F4080-A76F-4D17-85E2-CD2D2E4D0450", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*", matchCriteriaId: "6968EF1D-7CC5-430D-866D-206F66486F63", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*", matchCriteriaId: "50E6F5C5-BF74-4C10-830A-F232D528D290", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*", matchCriteriaId: "476687F9-722B-490C-BD0B-B5F2CD7891DC", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*", matchCriteriaId: "A399D94B-D08D-4454-A07A-6634C9AE612F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*", matchCriteriaId: "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*", matchCriteriaId: "DCD8E4AE-FEF7-4CE2-B338-4F766921593F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*", matchCriteriaId: "13A8B50A-73F6-4FCF-A81F-FB624FBA7143", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*", matchCriteriaId: "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*", matchCriteriaId: "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*", matchCriteriaId: "8D27D843-2DA7-4481-857C-09FDC4FBD45C", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*", matchCriteriaId: "BCB93128-2743-4668-8C48-9B7282D4A672", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*", matchCriteriaId: "040991B8-FB4B-480B-B53B-AA7A884F9F19", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*", matchCriteriaId: "BFA592BC-5846-4FC1-B2A7-13E622705DA8", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*", matchCriteriaId: "59688C40-C92F-431E-ADD7-6782622862D3", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*", matchCriteriaId: "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*", matchCriteriaId: "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*", matchCriteriaId: "C5FE15BF-91C7-452A-BE1B-7EC9632421C2", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*", matchCriteriaId: "15C1923C-D9C4-400D-9F0F-20B519EEC9C0", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*", matchCriteriaId: "E51913F9-FC7D-450A-9A82-5084AA74A5B2", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*", matchCriteriaId: "B62E02D5-9EEE-439B-A510-BEEE28A9F358", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*", matchCriteriaId: "02278C07-E649-427D-9E5C-F1738A01BCBD", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*", matchCriteriaId: "E120257D-346B-4BA6-A431-E6F820FBB5FB", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.4.29:rc2:*:*:*:*:*:*", matchCriteriaId: "0AFD594E-48BA-4281-8DEE-306E3008ABB9", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", matchCriteriaId: "142BCD48-8387-4D0C-A052-44DD4144CBFF", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*", matchCriteriaId: "7BCA84E2-AC4A-430D-8A30-E660D2A232A0", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*", matchCriteriaId: "2255842B-34CD-4062-886C-37161A065703", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*", matchCriteriaId: "F0ED322D-004C-472E-A37F-89B78C55FE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*", matchCriteriaId: "412F7334-C46B-4F61-B38A-2CA56B498151", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*", matchCriteriaId: "5967AF83-798D-4B1E-882A-5737FFC859C9", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*", matchCriteriaId: "A90D2123-D55B-4104-8D82-5B6365AA3B77", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*", matchCriteriaId: "DCCDFD49-D402-420E-92F5-20445A0FE139", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*", matchCriteriaId: "2A073700-E8A9-4F76-9265-2BE0D5AC9909", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*", matchCriteriaId: "8877D178-1655-46E9-8F5A-2DD576601F38", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*", matchCriteriaId: "0D55059C-B867-4E0F-B29C-9CD2C86915A5", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*", matchCriteriaId: "8358E965-3689-4B05-8470-C4A1463FA0E9", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", matchCriteriaId: "E8220D81-9065-471F-9256-CFE7B9941555", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*", matchCriteriaId: "D2A55C17-C530-4898-BC95-DE4D495F0D7C", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*", matchCriteriaId: "2C14A949-E2B8-4100-8ED4-645CB996B08A", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", matchCriteriaId: "EB445E3E-CCBD-4737-BE30-841B9A79D558", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*", matchCriteriaId: "F5301E27-8021-467C-A9A2-AF2137EF0299", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*", matchCriteriaId: "79787868-2D77-4B55-AD61-C2B357CCE047", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*", matchCriteriaId: "2B3F27D3-8F1D-4576-A584-1E2059CC67B1", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*", matchCriteriaId: "FB5D260C-AE1C-47E9-A88C-B9C2B4349249", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*", matchCriteriaId: "A0934C49-5F88-4189-BD88-2F32C39C2F25", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*", matchCriteriaId: "AA9958C6-AB7D-4B67-9AA7-42B628CBC391", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*", matchCriteriaId: "14B0A230-4054-4483-A3A7-9A5A286C7552", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*", matchCriteriaId: "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*", matchCriteriaId: "F90242EF-048B-4539-AA41-87AA84875A9E", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*", matchCriteriaId: "3C4E9325-2A70-4E15-9AAF-5588BF218055", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*", matchCriteriaId: "01402A85-B681-4DE0-B7BB-F52567DA29E2", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*", matchCriteriaId: "1FC53528-A67F-42DF-B8DA-778A65893F9D", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*", matchCriteriaId: "2CDE1E92-C64D-4A3B-95A2-384BD772B28B", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*", matchCriteriaId: "4B130EB7-A951-4717-A906-E2F602F7B69F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*", matchCriteriaId: "608FDE1E-B02A-45A2-8877-0E52A5BD0963", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*", matchCriteriaId: "4177C378-7729-46AB-B49B-C6DAED3200E7", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*", matchCriteriaId: "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*", matchCriteriaId: "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", matchCriteriaId: "3528DABD-B821-4D23-AE12-614A9CA92C46", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*", matchCriteriaId: "9E661D58-18DF-4CCF-9892-F873618F4535", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", matchCriteriaId: "E0F0D201-B1DC-4024-AF77-A284673618F3", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", matchCriteriaId: "052E3862-BFB7-42E7-889D-8590AFA8EF37", vulnerable: true, }, { criteria: "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", matchCriteriaId: "2BB0B27C-04EA-426F-9016-7406BACD91DF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", matchCriteriaId: "81B543F9-C209-46C2-B0AE-E14818A6992E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "EC79FF22-2664-4C40-B0B3-6D23B5F45162", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*", matchCriteriaId: "DB89C970-DE94-4E09-A90A-077DB83AD156", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", matchCriteriaId: "F9440B25-D206-4914-9557-B5F030890DEC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "E9933557-3BCA-4D92-AD4F-27758A0D3347", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", matchCriteriaId: "10A60552-15A5-4E95-B3CE-99A4B26260C1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", matchCriteriaId: "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", matchCriteriaId: "7D74A418-50F0-42C0-ABBC-BBBE718FF025", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", matchCriteriaId: "E6996B14-925B-46B8-982F-3545328B506B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", matchCriteriaId: "EC80CF67-C51D-442C-9526-CFEDE84A6304", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", matchCriteriaId: "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", matchCriteriaId: "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*", matchCriteriaId: "C7EAAD04-D7C4-43DE-B488-1AAD014B503E", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "D2E2EF3C-1379-4CBE-8FF5-DACD47834651", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", matchCriteriaId: "F8C55338-3372-413F-82E3-E1B476D6F41A", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", matchCriteriaId: "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", matchCriteriaId: "CFABFCE5-4F86-4AE8-9849-BC360AC72098", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", matchCriteriaId: "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", vulnerable: true, }, { criteria: "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", matchCriteriaId: "6E94583A-5184-462E-9FC4-57B35DA06DA7", vulnerable: true, }, { criteria: "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", matchCriteriaId: "E905FAAD-37B6-4DD0-A752-2974F8336273", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", matchCriteriaId: "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*", matchCriteriaId: "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C3E6C4A8-59F4-43EE-8413-E95289037598", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "FE76357A-27E6-4D85-9AA0-1BB658C41568", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C56C5FDB-24E2-479D-87CA-164CD28567D3", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", vulnerable: true, }, { criteria: "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.", }, { lang: "es", value: "Condición de carrera en las llamadas de funciones (1) load_elf_library y (2) binfmt_aout de uselib de los kernel de Linux 2.4 a 2.429-rc2 y 2.6 a 2.6.10 permite a usuarios locales ejecutar código de su elección manipulando el descriptor WMA.", }, ], id: "CVE-2004-1235", lastModified: "2024-11-20T23:50:25.770", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "HIGH", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:H/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 1.9, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-04-14T04:00:00.000", references: [ { source: "cve@mitre.org", url: "http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930", }, { source: "cve@mitre.org", url: "http://isec.pl/vulnerabilities/isec-0021-uselib.txt", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=110512575901427&w=2", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/20162", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/20163", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/20202", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/20338", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2006/dsa-1067", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2006/dsa-1069", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2006/dsa-1070", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2006/dsa-1082", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022", }, { source: "cve@mitre.org", url: "http://www.novell.com/linux/security/advisories/2005_01_sr.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2005-016.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2005-017.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2005-043.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2005-092.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/advisories/7804", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/advisories/7805", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/advisories/7806", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/12190", }, { source: "cve@mitre.org", url: "http://www.trustix.org/errata/2005/0001/", }, { source: "cve@mitre.org", url: "https://bugzilla.fedora.us/show_bug.cgi?id=2336", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://isec.pl/vulnerabilities/isec-0021-uselib.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=110512575901427&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/20162", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/20163", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/20202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/20338", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2006/dsa-1067", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2006/dsa-1069", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2006/dsa-1070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2006/dsa-1082", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2005_01_sr.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2005-016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2005-017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2005-043.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2005-092.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/advisories/7804", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/advisories/7805", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/advisories/7806", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/12190", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.trustix.org/errata/2005/0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.fedora.us/show_bug.cgi?id=2336", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }