var-200208-0144
Vulnerability from variot
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings. Abstract Syntax Notation number One (ASN.1) is an international standard used to describe and transmit data packets between applications and across networks. OpenSSL In ASN.1 library Inside ans1_get_length() A buffer overflow vulnerability exists when an abnormal certificate is passed to a function.OpenSSL Service disruption (DoS) It may be in a state. This vulnerability is due to parsing errors and affects SSL, TLS, S/MIME, PKCS#7 and certificate creation routines. OpenSSL is an open source general-purpose encryption library developed by the OpenSSL team that can implement the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols. It supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, security hashing algorithm, etc. There is a vulnerability in the ASN1 interpreter of OpenSSL when dealing with invalid encoding methods. Remote attackers may use this vulnerability to carry out denial-of-service attacks on applications that use the ASN1 library
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200208-0144", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "application server", "scope": "eq", "trust": 1.8, "vendor": "oracle", "version": "1.0.2.2" }, { "model": "mac os x", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "10.0.4" }, { "model": "mac os x", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "10.1.4" }, { "model": "mac os x", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "10.1" }, { "model": "mac os x", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "10.0.1" }, { "model": "mac os x", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "10.1.5" }, { "model": "mac os x", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "10.1.3" }, { "model": "mac os x", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "10.1.1" }, { "model": "mac os x", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "10.1.2" }, { "model": "mac os x", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "10.0.3" }, { "model": "mac os x", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "10.0.2" }, { "model": "http server", "scope": "eq", "trust": 1.3, "vendor": "oracle", "version": "9.2.0" }, { "model": "http server", "scope": "eq", "trust": 1.3, "vendor": "oracle", "version": "9.0.1" }, { "model": "corporate time outlook connector", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "3.3" }, { "model": "corporate time outlook connector", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "3.1.2" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.7" }, { "model": "application server", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "1.0.2" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.2b" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.3" }, { "model": "application server", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "*" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.4" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6a" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.1c" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.0" }, { "model": "corporate time outlook connector", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "3.1" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.5" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6b" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.5a" }, { "model": "corporate time outlook connector", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "3.1.1" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6c" }, { "model": "application server", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "1.0.2.1s" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6d" }, { "model": null, "scope": null, "trust": 0.8, "vendor": "apple computer", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "debian", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "guardian digital", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "hewlett packard", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "ibm", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "isc", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "juniper", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "mandrakesoft", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "netbsd", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "openldap", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "openpkg", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "openssl", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "oracle", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "red hat", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "secure computing", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "suse", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "trustix", "version": null }, { "model": "bind", "scope": "lte", "trust": 0.8, "vendor": "isc", "version": "9.1.3" }, { "model": "bind", "scope": "lte", "trust": 0.8, "vendor": "isc", "version": "9.2.2" }, { "model": "openssl", "scope": "lte", "trust": 0.8, "vendor": "openssl", "version": "0.9.6d" }, { "model": "application server", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "9ias" }, { "model": "cobalt raq3", "scope": null, "trust": 0.8, "vendor": "sun microsystems", "version": null }, { "model": "cobalt raq4", "scope": null, "trust": 0.8, "vendor": "sun microsystems", "version": null }, { "model": "cobalt raq550", "scope": null, "trust": 0.8, "vendor": "sun microsystems", "version": null }, { "model": "cobalt raqxtr", "scope": null, "trust": 0.8, "vendor": "sun microsystems", "version": null }, { "model": "linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "6.2" }, { "model": "linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "7.0" }, { "model": "linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "7.1" }, { "model": "linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "7.2" }, { "model": "linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "7.3" }, { "model": "project openssl d", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.1" }, { "model": "project openssl beta2", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.4" }, { "model": "internet express eak", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0" }, { "model": "junos", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "5.1" }, { "model": "bind", "scope": "ne", "trust": 0.3, "vendor": "isc", "version": "9.2" }, { "model": "software opera web browser linux", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "6.0.3" }, { "model": "software opera web browser win32", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "6.0.3" }, { "model": "software opera web browser linux", "scope": "ne", "trust": 0.3, "vendor": "opera", "version": "6.0.3" }, { "model": "linux affinity toolkit", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "oracle9i application server .1s", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "1.0.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2" }, { "model": "openssl for openvms alpha", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.0" }, { "model": "project openssl beta3", "scope": "ne", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "webproxy", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0" }, { "model": "tru64 unix compaq secure web server", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "5.9.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1" }, { "model": "safeword premieraccess", "scope": "eq", "trust": 0.3, "vendor": "securecomputing", "version": "3.1" }, { "model": "junos", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "5.4" }, { "model": "corporatetime outlook connector", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.3" }, { "model": "junos", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "5.6" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.3" }, { "model": "netmail b", "scope": "eq", "trust": 0.3, "vendor": "novell", "version": "3.10" }, { "model": "bind", "scope": "ne", "trust": 0.3, "vendor": "isc", "version": "9.2.2" }, { "model": "project openssl a", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.5" }, { "model": "software opera web browser win32", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "6.0.2" }, { "model": "beta", "scope": "eq", "trust": 0.3, "vendor": "netbsd", "version": "1.6" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.5" }, { "model": "netmail e", "scope": "ne", "trust": 0.3, "vendor": "novell", "version": "3.10" }, { "model": "software opera web browser linux", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "6.0.1" }, { "model": "virtualvault", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.6" }, { "model": "tru64 unix compaq secure web server", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.8.1" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.4" }, { "model": "netmail a", "scope": "eq", "trust": 0.3, "vendor": "novell", "version": "3.10" }, { "model": "software opera web browser win32", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "6.0.1" }, { "model": "netmail", "scope": "eq", "trust": 0.3, "vendor": "novell", "version": "3.10" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.1.2" }, { "model": "junos", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "5.2" }, { "model": "project openssl g", "scope": "ne", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "tru64 unix compaq secure web server", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "5.8.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.1" }, { "model": "corporatetime outlook connector", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.1.2" }, { "model": "corporatetime outlook connector", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.1.1" }, { "model": "webproxy", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.0" }, { "model": "netmail c", "scope": "eq", "trust": 0.3, "vendor": "novell", "version": "3.10" }, { "model": "oracle9i application server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "1.0.2" }, { "model": "project openssl e", "scope": "ne", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "software opera web browser linux", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "6.0.2" }, { "model": "corporatetime outlook connector", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.2" }, { "model": "project openssl a", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.5" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.1.1" }, { "model": "project openssl c", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "junos", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "5.3" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.1" }, { "model": "sdx-300", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "3.1.1" }, { "model": "tru64 unix internet express", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.9" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.3" }, { "model": "tcp/ip services for openvms", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.3" }, { "model": "openssl for openvms alpha -a", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "1.0" }, { "model": "sdx-300", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "3.1" }, { "model": "oracle9i application server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "1.0.2.2" }, { "model": "project openssl beta1", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "openvms secure web server", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.2" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.3" }, { "model": "oracle9i application server", "scope": null, "trust": 0.3, "vendor": "oracle", "version": null }, { "model": "virtualvault", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.5" }, { "model": "tru64 unix compaq secure web server", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "5.9.2" }, { "model": "bind", "scope": "ne", "trust": 0.3, "vendor": "isc", "version": "9.2.1" }, { "model": "project openssl b", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl c", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.1" }, { "model": "junos", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "5.0" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.1.3" }, { "model": "netmail d", "scope": "eq", "trust": 0.3, "vendor": "novell", "version": "3.10" }, { "model": "openvms secure web server", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.1-1" }, { "model": "secure os software for linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.0" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0" }, { "model": "project openssl b", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.2" }, { "model": "suse email server", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "3.1" }, { "model": "software opera web browser win32", "scope": "ne", "trust": 0.3, "vendor": "opera", "version": "6.0.3" }, { "model": "junos", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "5.5" } ], "sources": [ { "db": "CERT/CC", "id": "VU#748355" }, { "db": "BID", "id": "5366" }, { "db": "JVNDB", "id": "JVNDB-2002-000174" }, { "db": "CNNVD", "id": "CNNVD-200208-052" }, { "db": "NVD", "id": "CVE-2002-0659" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:isc:bind", "vulnerable": true }, { "cpe22Uri": "cpe:/a:openssl:openssl", "vulnerable": true }, { "cpe22Uri": "cpe:/a:oracle:application_server", "vulnerable": true }, { "cpe22Uri": "cpe:/h:sun:sun_cobalt_raq_3", "vulnerable": true }, { "cpe22Uri": "cpe:/h:sun:sun_cobalt_raq_4", "vulnerable": true }, { "cpe22Uri": "cpe:/h:sun:sun_cobalt_raq_550", "vulnerable": true }, { "cpe22Uri": "cpe:/h:sun:sun_cobalt_raq_xtr", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:linux", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2002-000174" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "James Yonan\u203b jim@ntlp.com\u203bAdi Stav\u203b stav@mercury.co.il", "sources": [ { "db": "CNNVD", "id": "CNNVD-200208-052" } ], "trust": 0.6 }, "cve": "CVE-2002-0659", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2002-0659", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "VHN-5050", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2002-0659", "trust": 1.0, "value": "MEDIUM" }, { "author": "CARNEGIE MELLON", "id": "VU#748355", "trust": 0.8, "value": "31.33" }, { "author": "NVD", "id": "CVE-2002-0659", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-200208-052", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-5050", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CERT/CC", "id": "VU#748355" }, { "db": "VULHUB", "id": "VHN-5050" }, { "db": "JVNDB", "id": "JVNDB-2002-000174" }, { "db": "CNNVD", "id": "CNNVD-200208-052" }, { "db": "NVD", "id": "CVE-2002-0659" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings. Abstract Syntax Notation number One (ASN.1) is an international standard used to describe and transmit data packets between applications and across networks. OpenSSL In ASN.1 library Inside ans1_get_length() A buffer overflow vulnerability exists when an abnormal certificate is passed to a function.OpenSSL Service disruption (DoS) It may be in a state. This vulnerability is due to parsing errors and affects SSL, TLS, S/MIME, PKCS#7 and certificate creation routines. OpenSSL is an open source general-purpose encryption library developed by the OpenSSL team that can implement the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols. It supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, security hashing algorithm, etc. There is a vulnerability in the ASN1 interpreter of OpenSSL when dealing with invalid encoding methods. Remote attackers may use this vulnerability to carry out denial-of-service attacks on applications that use the ASN1 library", "sources": [ { "db": "NVD", "id": "CVE-2002-0659" }, { "db": "CERT/CC", "id": "VU#748355" }, { "db": "JVNDB", "id": "JVNDB-2002-000174" }, { "db": "BID", "id": "5366" }, { "db": "VULHUB", "id": "VHN-5050" } ], "trust": 2.7 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-5050", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-5050" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "BID", "id": "5366", "trust": 3.6 }, { "db": "CERT/CC", "id": "VU#748355", "trust": 3.3 }, { "db": "NVD", "id": "CVE-2002-0659", "trust": 2.8 }, { "db": "JVNDB", "id": "JVNDB-2002-000174", "trust": 0.8 }, { "db": "REDHAT", "id": "RHSA-2002:160", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2002:164", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2002:161", "trust": 0.6 }, { "db": "CONECTIVA", "id": "CLA-2002:516", "trust": 0.6 }, { "db": "CERT/CC", "id": "CA-2002-23", "trust": 0.6 }, { "db": "CALDERA", "id": "CSSA-2002-033.0", "trust": 0.6 }, { "db": "CALDERA", "id": "CSSA-2002-033.1", "trust": 0.6 }, { "db": "FREEBSD", "id": "FREEBSD-SA-02:33", "trust": 0.6 }, { "db": "XF", "id": "1", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-200208-052", "trust": 0.6 }, { "db": "EXPLOIT-DB", "id": "23199", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-5050", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#748355" }, { "db": "VULHUB", "id": "VHN-5050" }, { "db": "BID", "id": "5366" }, { "db": "JVNDB", "id": "JVNDB-2002-000174" }, { "db": "CNNVD", "id": "CNNVD-200208-052" }, { "db": "NVD", "id": "CVE-2002-0659" } ] }, "id": "VAR-200208-0144", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-5050" } ], "trust": 0.01 }, "last_update_date": "2024-11-22T22:20:34.112000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "secadv_20020730", "trust": 0.8, "url": "http://www.openssl.org/news/secadv_20020730.txt" }, { "title": "#37", "trust": 0.8, "url": "http://www.oracle.com/technology/deploy/security/htdocs/opensslAlert.html" }, { "title": "RHSA-2002:160", "trust": 0.8, "url": "http://rhn.redhat.com/errata/RHSA-2002-160.html" }, { "title": "46424", "trust": 0.8, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-46424-1" }, { "title": "ISC Information for VU#748355", "trust": 0.8, "url": "http://www.kb.cert.org/vuls/id/JSHA-5CSL3X" }, { "title": "RHSA-2002:160", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2002-160J.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2002-000174" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2002-0659" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 4.3, "url": "http://www.securityfocus.com/bid/5366" }, { "trust": 3.5, "url": "http://www.cert.org/advisories/ca-2002-23.html" }, { "trust": 3.5, "url": "http://www.kb.cert.org/vuls/id/748355" }, { "trust": 3.0, "url": "http://rhn.redhat.com/errata/rhsa-2002-160.html" }, { "trust": 2.7, "url": "ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-033.0.txt" }, { "trust": 2.7, "url": "ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-033.1.txt" }, { "trust": 2.7, "url": "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-02:33.openssl.asc" }, { "trust": 2.7, "url": "http://rhn.redhat.com/errata/rhsa-2002-161.html" }, { "trust": 2.7, "url": "http://rhn.redhat.com/errata/rhsa-2002-164.html" }, { "trust": 2.7, "url": "http://www.iss.net/security_center/static/9718.php" }, { "trust": 2.6, "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000516" }, { "trust": 0.8, "url": "ftp://ftp.openssl.org/source/" }, { "trust": 0.8, "url": "ftp://ftp.openssl.org/source/openssl-engine-0.9.6g.tar.gz" }, { "trust": 0.8, "url": "ftp://ftp.openssl.org/source/openssl-engine-0.9.6g.tar.gz.asc" }, { "trust": 0.8, "url": "ftp://ftp.openssl.org/source/openssl-engine-0.9.6g.tar.gz.md5" }, { "trust": 0.8, "url": "http://www.ciac.org/ciac/bulletins/m-103.shtml" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0659" }, { "trust": 0.8, "url": "http://www.jpcert.or.jp/wr/2002/wr023101.txt" }, { "trust": 0.8, "url": "http://www.jpcert.or.jp/wr/2002/wr023201.txt" }, { "trust": 0.8, "url": "http://www.jpcert.or.jp/wr/2002/wr023601.txt" }, { "trust": 0.8, "url": "http://www.jpcert.or.jp/wr/2002/wr023001.txt" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnca-2002-23" }, { "trust": 0.8, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0659" }, { "trust": 0.8, "url": "http://www.cyberpolice.go.jp/important/20030416_114510.html" }, { "trust": 0.8, "url": "http://www.cyberpolice.go.jp/important/20030424_144742.html" }, { "trust": 0.3, "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2965676.htm" }, { "trust": 0.3, "url": "http://otn.oracle.com/deploy/security/htdocs/opensslalert.html" }, { "trust": 0.3, "url": "http://docs.info.apple.com/article.html?artnum=120139" }, { "trust": 0.3, "url": "http://docs.info.apple.com/article.html?artnum=120141" }, { "trust": 0.1, "url": "" }, { "trust": 0.1, "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000516" } ], "sources": [ { "db": "CERT/CC", "id": "VU#748355" }, { "db": "VULHUB", "id": "VHN-5050" }, { "db": "BID", "id": "5366" }, { "db": "JVNDB", "id": "JVNDB-2002-000174" }, { "db": "CNNVD", "id": "CNNVD-200208-052" }, { "db": "NVD", "id": "CVE-2002-0659" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#748355" }, { "db": "VULHUB", "id": "VHN-5050" }, { "db": "BID", "id": "5366" }, { "db": "JVNDB", "id": "JVNDB-2002-000174" }, { "db": "CNNVD", "id": "CNNVD-200208-052" }, { "db": "NVD", "id": "CVE-2002-0659" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2002-07-30T00:00:00", "db": "CERT/CC", "id": "VU#748355" }, { "date": "2002-08-12T00:00:00", "db": "VULHUB", "id": "VHN-5050" }, { "date": "2002-07-30T00:00:00", "db": "BID", "id": "5366" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2002-000174" }, { "date": "2002-07-30T00:00:00", "db": "CNNVD", "id": "CNNVD-200208-052" }, { "date": "2002-08-12T04:00:00", "db": "NVD", "id": "CVE-2002-0659" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2002-09-30T00:00:00", "db": "CERT/CC", "id": "VU#748355" }, { "date": "2008-09-10T00:00:00", "db": "VULHUB", "id": "VHN-5050" }, { "date": "2009-07-11T14:56:00", "db": "BID", "id": "5366" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2002-000174" }, { "date": "2006-09-21T00:00:00", "db": "CNNVD", "id": "CNNVD-200208-052" }, { "date": "2024-11-20T23:39:34.700000", "db": "NVD", "id": "CVE-2002-0659" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-200208-052" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "ASN.1 parsing errors exist in implementations of SSL, TLS, S/MIME, PKCS#7 routines", "sources": [ { "db": "CERT/CC", "id": "VU#748355" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Boundary Condition Error", "sources": [ { "db": "BID", "id": "5366" }, { "db": "CNNVD", "id": "CNNVD-200208-052" } ], "trust": 0.9 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.