Lucene search

[email protected]CVE-2011-4619

HistoryJan 06, 2012 - 1:55 a.m.

CVE-2011-4619

2012-01-0601:55:01

CWE-399

[email protected]

web.nvd.nist.gov

5741

openssl

sgc

denial of service

handshake restarts

cve-2011-4619

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.9

Confidence

High

EPSS

0.185

Percentile

96.2%

JSON

The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.

Affected configurations

NVD

Node

opensslopensslRange≤0.9.8r

opensslopensslMatch0.9.1c

opensslopensslMatch0.9.2b

opensslopensslMatch0.9.4

opensslopensslMatch0.9.5

opensslopensslMatch0.9.5a

opensslopensslMatch0.9.6

opensslopensslMatch0.9.6a

opensslopensslMatch0.9.6b

opensslopensslMatch0.9.6c

opensslopensslMatch0.9.6d

opensslopensslMatch0.9.6e

opensslopensslMatch0.9.6f

opensslopensslMatch0.9.6g

opensslopensslMatch0.9.6h

opensslopensslMatch0.9.6hbogus

opensslopensslMatch0.9.6i

opensslopensslMatch0.9.6j

opensslopensslMatch0.9.6k

opensslopensslMatch0.9.6l

opensslopensslMatch0.9.6m

opensslopensslMatch0.9.7

opensslopensslMatch0.9.7a

opensslopensslMatch0.9.7b

opensslopensslMatch0.9.7c

opensslopensslMatch0.9.7d

opensslopensslMatch0.9.7e

opensslopensslMatch0.9.7f

opensslopensslMatch0.9.7g

opensslopensslMatch0.9.7h

opensslopensslMatch0.9.7i

opensslopensslMatch0.9.7j

opensslopensslMatch0.9.7k

opensslopensslMatch0.9.7l

opensslopensslMatch0.9.7m

opensslopensslMatch0.9.8

opensslopensslMatch0.9.8a

opensslopensslMatch0.9.8b

opensslopensslMatch0.9.8c

opensslopensslMatch0.9.8d

opensslopensslMatch0.9.8e

opensslopensslMatch0.9.8f

opensslopensslMatch0.9.8g

opensslopensslMatch0.9.8h

opensslopensslMatch0.9.8i

opensslopensslMatch0.9.8j

opensslopensslMatch0.9.8k

opensslopensslMatch0.9.8l

opensslopensslMatch0.9.8m

opensslopensslMatch0.9.8n

opensslopensslMatch0.9.8o

opensslopensslMatch0.9.8p

opensslopensslMatch0.9.8q

Node

opensslopensslRange≤1.0.0e

opensslopensslMatch1.0.0

opensslopensslMatch1.0.0beta1

opensslopensslMatch1.0.0beta2

opensslopensslMatch1.0.0beta3

opensslopensslMatch1.0.0beta4

opensslopensslMatch1.0.0beta5

opensslopensslMatch1.0.0a

opensslopensslMatch1.0.0b

opensslopensslMatch1.0.0c

opensslopensslMatch1.0.0d

VendorProductVersionCPE
opensslopenssl0.9.7mcpe:/a:openssl:openssl:0.9.7m:::
opensslopenssl0.9.8ccpe:/a:openssl:openssl:0.9.8c:::
opensslopenssl0.9.2bcpe:/a:openssl:openssl:0.9.2b:::
opensslopenssl0.9.6bcpe:/a:openssl:openssl:0.9.6b:::
opensslopenssl0.9.8cpe:/a:openssl:openssl:0.9.8:::
opensslopenssl0.9.8lcpe:/a:openssl:openssl:0.9.8l:::
opensslopenssl0.9.8ocpe:/a:openssl:openssl:0.9.8o:::
opensslopensslcpe:/a:openssl:openssl::::
opensslopenssl0.9.6ecpe:/a:openssl:openssl:0.9.6e:::
opensslopenssl0.9.6hcpe:/a:openssl:openssl:0.9.6h:::

Vendor	Product	Version	CPE
openssl	openssl	0.9.7m	cpe:/a:openssl:openssl:0.9.7m:::
openssl	openssl	0.9.8c	cpe:/a:openssl:openssl:0.9.8c:::
openssl	openssl	0.9.2b	cpe:/a:openssl:openssl:0.9.2b:::
openssl	openssl	0.9.6b	cpe:/a:openssl:openssl:0.9.6b:::
openssl	openssl	0.9.8	cpe:/a:openssl:openssl:0.9.8:::
openssl	openssl	0.9.8l	cpe:/a:openssl:openssl:0.9.8l:::
openssl	openssl	0.9.8o	cpe:/a:openssl:openssl:0.9.8o:::
openssl	openssl		cpe:/a:openssl:openssl::::
openssl	openssl	0.9.6e	cpe:/a:openssl:openssl:0.9.6e:::
openssl	openssl	0.9.6h	cpe:/a:openssl:openssl:0.9.6h:::