Lucene search
Japan Vulnerability NotesJVN:23632449HistoryOct 11, 2005 - 12:00 a.m.
JVN#23632449: OpenSSL version rollback vulnerability
2005-10-1100:00:00
Japan Vulnerability Notes
jvn.jp
17
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.013 Low
EPSS
Percentile
85.4%
Impact
When performing communication through a path controlled by an attacker using OpenSSL, the attacker conducting a man-in-the-middle (MITM) attack can force a client and a server to negotiate the SSL 2.0 protocol even if these parties both support SSL 3.0 or TLS 1.0 to intercept or alter data.
Solution
Products Affected
- OpenSSL 0.9.8 and earlier
Related
nessus
nessus
FreeBSD : openssl -- potential SSL 2.0 rollback (60e26a40-3b25-11da-9484-00123ffe8333)
2006-05-13 00:00:00
Debian DSA-875-1 : openssl094 - cryptographic weakness
2006-10-14 00:00:00
Debian DSA-881-1 : openssl096 - cryptographic weakness
2006-10-14 00:00:00
debian
debian
[SECURITY] [DSA 882-1] New OpenSSL packages fix cryptographic weakness
2005-11-04 12:08:28
[SECURITY] [DSA 888-1] New OpenSSL packages fix cryptographic weakness
2005-11-07 19:06:00
[SECURITY] [DSA 882-1] New OpenSSL packages fix cryptographic weakness
2005-11-04 12:08:28
ubuntucve
ubuntucve
CVE-2005-2969
2005-10-18 00:00:00
openvas
openvas
OpenSSL: Man in the Middle Attack (CVE-2005-2969) - Windows
2021-08-13 00:00:00
FreeBSD Security Advisory (FreeBSD-SA-05:21.openssl.asc)
2008-09-04 00:00:00
Debian: Security Advisory (DSA-881-1)
2008-01-17 00:00:00
f5
f5
debiancve
debiancve
CVE-2005-2969
2005-10-18 21:02:00
cve
cve
CVE-2005-2969
2005-10-18 21:02:00
ubuntu
ubuntu
SSL library vulnerability
2005-10-14 00:00:00
freebsd
freebsd
openssl -- potential SSL 2.0 rollback
2005-10-11 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl10 version 0.9.7g-alt3
2005-10-11 00:00:00
Security fix for the ALT Linux 8 package openssl10 version 0.9.7g-alt3
2005-10-11 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.7g-alt3
2005-10-11 00:00:00
osv
osv
openssl094 - cryptographic weakness
2005-10-27 00:00:00
gentoo
gentoo
OpenSSL: SSL 2.0 protocol rollback
2005-10-12 00:00:00
slackware
slackware
OpenSSL
2005-10-13 18:06:49
securityvulns
securityvulns
[Full-disclosure] OpenSSL SSL 2.0 Rollback (CAN-2005-2969)
2005-10-11 00:00:00
suse
suse
protocol downgrade attack in openssl
2005-10-19 12:57:35
freebsd_advisory
freebsd_advisory
FreeBSD-SA-05:21.openssl
2005-10-11 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2005-2969
2005-10-11 00:00:00
redhat
redhat
(RHSA-2005:800) openssl security update
2005-10-11 00:00:00
centos
centos
openssl, openssl095a, openssl096 security update
2005-10-12 00:30:56
openssl, openssl096b security update
2005-10-11 17:08:24
cisco
cisco
OpenSSL Version Rollback and Weak Cryptographic Algorithm Vulnerabilities
2005-10-12 15:54:57
oraclelinux
oraclelinux
openssl-fips security update
2015-04-02 00:00:00
openssl security update
2019-03-13 00:00:00
openssl security update
2019-08-16 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.013 Low
EPSS
Percentile
85.4%
Related for JVN:23632449