Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2004-0079
HistoryNov 23, 2004 - 5:00 a.m.

CVE-2004-0079

2004-11-2305:00:00
CWE-476
[email protected]
web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.9%

JSON

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

Affected configurations

NVD
Node
ciscofirewall_services_module
OR
ciscofirewall_services_moduleMatch1.1.2
OR
ciscofirewall_services_moduleMatch1.1.3
OR
ciscofirewall_services_moduleMatch1.1_\(3.005\)
OR
ciscofirewall_services_moduleMatch2.1_\(0.208\)
OR
hpaaa_server
OR
hpapache-based_web_serverMatch2.0.43.00
OR
hpapache-based_web_serverMatch2.0.43.04
OR
symantecclientless_vpn_gateway_4400Match5.0
Node
ciscociscoworks_common_management_foundationMatch2.1
OR
ciscociscoworks_common_servicesMatch2.2
OR
avayaconverged_communications_serverMatch2.0
OR
avayasg200Match4.4
OR
avayasg200Match4.31.29
OR
avayasg203Match4.4
OR
avayasg203Match4.31.29
OR
avayasg208
OR
avayasg208Match4.4
OR
avayasg5Match4.2
OR
avayasg5Match4.3
OR
avayasg5Match4.4
OR
applemac_os_xMatch10.3.3
OR
applemac_os_x_serverMatch10.3.3
OR
freebsdfreebsdMatch4.8
OR
freebsdfreebsdMatch4.8releng
OR
freebsdfreebsdMatch4.9
OR
freebsdfreebsdMatch5.1
OR
freebsdfreebsdMatch5.1release
OR
freebsdfreebsdMatch5.1releng
OR
freebsdfreebsdMatch5.2
OR
freebsdfreebsdMatch5.2.1release
OR
hphp-uxMatch8.05
OR
hphp-uxMatch11.00
OR
hphp-uxMatch11.11
OR
hphp-uxMatch11.23
OR
openbsdopenbsdMatch3.3
OR
openbsdopenbsdMatch3.4
OR
redhatenterprise_linuxMatch3.0advanced_server
OR
redhatenterprise_linuxMatch3.0enterprise_server
OR
redhatenterprise_linuxMatch3.0workstation_server
OR
redhatenterprise_linux_desktopMatch3.0
OR
redhatlinuxMatch7.2
OR
redhatlinuxMatch7.3
OR
redhatlinuxMatch8.0
OR
scoopenserverMatch5.0.6
OR
scoopenserverMatch5.0.7
Node
ciscoiosMatch12.1\(11\)e
OR
ciscoiosMatch12.1\(11b\)e
OR
ciscoiosMatch12.1\(11b\)e12
OR
ciscoiosMatch12.1\(11b\)e14
OR
ciscoiosMatch12.1\(13\)e9
OR
ciscoiosMatch12.1\(19\)e1
OR
ciscoiosMatch12.2\(14\)sy
OR
ciscoiosMatch12.2\(14\)sy1
OR
ciscoiosMatch12.2sy
OR
ciscoiosMatch12.2za
AND
4dwebstarMatch4.0
OR
4dwebstarMatch5.2
OR
4dwebstarMatch5.2.1
OR
4dwebstarMatch5.2.2
OR
4dwebstarMatch5.2.3
OR
4dwebstarMatch5.2.4
OR
4dwebstarMatch5.3
OR
4dwebstarMatch5.3.1
OR
avayaintuity_audixlx
OR
avayaintuity_audixMatch5.1.46
OR
avayaintuity_audixMatchs3210
OR
avayaintuity_audixMatchs3400
OR
avayavsuMatch5
OR
avayavsuMatch5x
OR
avayavsuMatch100_r2.0.1
OR
avayavsuMatch500
OR
avayavsuMatch2000_r2.0.1
OR
avayavsuMatch5000_r2.0.1
OR
avayavsuMatch7500_r2.0.1
OR
avayavsuMatch10000_r2.0.1
OR
checkpointfirewall-1vsx-ng-ai
OR
checkpointfirewall-1Match2.0gx
OR
checkpointfirewall-1Matchnext_generation_fp0
OR
checkpointfirewall-1Matchnext_generation_fp1
OR
checkpointfirewall-1Matchnext_generation_fp2
OR
checkpointprovider-1Match4.1
OR
checkpointprovider-1Match4.1sp1
OR
checkpointprovider-1Match4.1sp2
OR
checkpointprovider-1Match4.1sp3
OR
checkpointprovider-1Match4.1sp4
OR
checkpointvpn-1Matchnext_generation_fp0
OR
checkpointvpn-1Matchnext_generation_fp1
OR
checkpointvpn-1Matchnext_generation_fp2
OR
checkpointvpn-1Matchvsx_ng_with_application_intelligence
OR
ciscoaccess_registrar
OR
ciscoapplication_and_content_networking_software
OR
ciscocss_secure_content_acceleratorMatch1.0
OR
ciscocss_secure_content_acceleratorMatch2.0
OR
ciscocss11000_content_services_switch
OR
ciscookena_stormwatchMatch3.2
OR
ciscopix_firewallMatch6.2.2_.111
OR
ciscothreat_response
OR
ciscowebnsMatch6.10
OR
ciscowebnsMatch6.10_b4
OR
ciscowebnsMatch7.1_0.1.02
OR
ciscowebnsMatch7.1_0.2.06
OR
ciscowebnsMatch7.2_0.0.03
OR
ciscowebnsMatch7.10
OR
ciscowebnsMatch7.10_.0.06s
OR
dellbsafe_ssl-jMatch3.0
OR
dellbsafe_ssl-jMatch3.0.1
OR
dellbsafe_ssl-jMatch3.1
OR
hpwbemMatcha.01.05.08
OR
hpwbemMatcha.02.00.00
OR
hpwbemMatcha.02.00.01
OR
litespeed_technologies_litespeed_web_serverMatch1.0.1
OR
litespeed_technologies_litespeed_web_serverMatch1.0.2
OR
litespeed_technologies_litespeed_web_serverMatch1.0.3
OR
litespeed_technologies_litespeed_web_serverMatch1.1
OR
litespeed_technologies_litespeed_web_serverMatch1.1.1
OR
litespeed_technologies_litespeed_web_serverMatch1.2.1
OR
litespeed_technologies_litespeed_web_serverMatch1.2.2
OR
litespeed_technologies_litespeed_web_serverMatch1.2_rc1
OR
litespeed_technologies_litespeed_web_serverMatch1.2_rc2
OR
litespeed_technologies_litespeed_web_serverMatch1.3
OR
litespeed_technologies_litespeed_web_serverMatch1.3.1
OR
litespeed_technologies_litespeed_web_serverMatch1.3_rc1
OR
litespeed_technologies_litespeed_web_serverMatch1.3_rc2
OR
litespeed_technologies_litespeed_web_serverMatch1.3_rc3
OR
neoterisinstant_virtual_extranetMatch3.0
OR
neoterisinstant_virtual_extranetMatch3.1
OR
neoterisinstant_virtual_extranetMatch3.2
OR
neoterisinstant_virtual_extranetMatch3.3
OR
neoterisinstant_virtual_extranetMatch3.3.1
OR
novelledirectoryMatch8.0
OR
novelledirectoryMatch8.5
OR
novelledirectoryMatch8.5.12a
OR
novelledirectoryMatch8.5.27
OR
novelledirectoryMatch8.6.2
OR
novelledirectoryMatch8.7
OR
novelledirectoryMatch8.7.1
OR
novelledirectoryMatch8.7.1sp1
OR
novellimanagerMatch1.5
OR
novellimanagerMatch2.0
OR
opensslopensslMatch0.9.6c
OR
opensslopensslMatch0.9.6d
OR
opensslopensslMatch0.9.6e
OR
opensslopensslMatch0.9.6f
OR
opensslopensslMatch0.9.6g
OR
opensslopensslMatch0.9.6h
OR
opensslopensslMatch0.9.6i
OR
opensslopensslMatch0.9.6j
OR
opensslopensslMatch0.9.6k
OR
opensslopensslMatch0.9.7
OR
opensslopensslMatch0.9.7beta1
OR
opensslopensslMatch0.9.7beta2
OR
opensslopensslMatch0.9.7beta3
OR
opensslopensslMatch0.9.7a
OR
opensslopensslMatch0.9.7b
OR
opensslopensslMatch0.9.7c
OR
redhatopensslMatch0.9.6-15i386
OR
redhatopensslMatch0.9.6b-3i386
OR
redhatopensslMatch0.9.7a-2i386
OR
redhatopensslMatch0.9.7a-2i386_dev
OR
redhatopensslMatch0.9.7a-2i386_perl
OR
sgipropackMatch2.3
OR
sgipropackMatch2.4
OR
sgipropackMatch3.0
OR
stonesoftserverclusterMatch2.5
OR
stonesoftserverclusterMatch2.5.2
OR
stonesoftstonebeat_fullclusterMatch1_2.0
OR
stonesoftstonebeat_fullclusterMatch1_3.0
OR
stonesoftstonebeat_fullclusterMatch2.0
OR
stonesoftstonebeat_fullclusterMatch2.5
OR
stonesoftstonebeat_fullclusterMatch3.0
OR
stonesoftstonebeat_securityclusterMatch2.0
OR
stonesoftstonebeat_securityclusterMatch2.5
OR
stonesoftstonebeat_webclusterMatch2.0
OR
stonesoftstonebeat_webclusterMatch2.5
OR
stonesoftstonegateMatch1.5.17
OR
stonesoftstonegateMatch1.5.18
OR
stonesoftstonegateMatch1.6.2
OR
stonesoftstonegateMatch1.6.3
OR
stonesoftstonegateMatch1.7
OR
stonesoftstonegateMatch1.7.1
OR
stonesoftstonegateMatch1.7.2
OR
stonesoftstonegateMatch2.0.1
OR
stonesoftstonegateMatch2.0.4
OR
stonesoftstonegateMatch2.0.5
OR
stonesoftstonegateMatch2.0.6
OR
stonesoftstonegateMatch2.0.7
OR
stonesoftstonegateMatch2.0.8
OR
stonesoftstonegateMatch2.0.9
OR
stonesoftstonegateMatch2.1
OR
stonesoftstonegateMatch2.2
OR
stonesoftstonegateMatch2.2.1
OR
stonesoftstonegateMatch2.2.4
OR
stonesoftstonegate_vpn_clientMatch1.7
OR
stonesoftstonegate_vpn_clientMatch1.7.2
OR
stonesoftstonegate_vpn_clientMatch2.0
OR
stonesoftstonegate_vpn_clientMatch2.0.7
OR
stonesoftstonegate_vpn_clientMatch2.0.8
OR
stonesoftstonegate_vpn_clientMatch2.0.9
OR
tarantellatarantella_enterpriseMatch3.20
OR
tarantellatarantella_enterpriseMatch3.30
OR
tarantellatarantella_enterpriseMatch3.40
OR
vmwaregsx_serverMatch2.0
OR
vmwaregsx_serverMatch2.0.1_build_2129
OR
vmwaregsx_serverMatch2.5.1
OR
vmwaregsx_serverMatch2.5.1_build_5336
OR
vmwaregsx_serverMatch3.0_build_7592
OR
avayas8300Matchr2.0.0
OR
avayas8300Matchr2.0.1
OR
avayas8500Matchr2.0.0
OR
avayas8500Matchr2.0.1
OR
avayas8700Matchr2.0.0
OR
avayas8700Matchr2.0.1
OR
bluecoatproxysg
OR
ciscocall_manager
OR
ciscocontent_services_switch_11500
OR
ciscogss_4480_global_site_selector
OR
ciscogss_4490_global_site_selector
OR
ciscomds_9000
OR
ciscosecure_content_acceleratorMatch10000
OR
securecomputingsidewinderMatch5.2
OR
securecomputingsidewinderMatch5.2.0.01
OR
securecomputingsidewinderMatch5.2.0.02
OR
securecomputingsidewinderMatch5.2.0.03
OR
securecomputingsidewinderMatch5.2.0.04
OR
securecomputingsidewinderMatch5.2.1
OR
securecomputingsidewinderMatch5.2.1.02
OR
suncrypto_accelerator_4000Match1.0
OR
bluecoatcacheos_ca_saMatch4.1.10
OR
bluecoatcacheos_ca_saMatch4.1.12
OR
ciscopix_firewall_softwareMatch6.0
OR
ciscopix_firewall_softwareMatch6.0\(1\)
OR
ciscopix_firewall_softwareMatch6.0\(2\)
OR
ciscopix_firewall_softwareMatch6.0\(3\)
OR
ciscopix_firewall_softwareMatch6.0\(4\)
OR
ciscopix_firewall_softwareMatch6.0\(4.101\)
OR
ciscopix_firewall_softwareMatch6.1
OR
ciscopix_firewall_softwareMatch6.1\(1\)
OR
ciscopix_firewall_softwareMatch6.1\(2\)
OR
ciscopix_firewall_softwareMatch6.1\(3\)
OR
ciscopix_firewall_softwareMatch6.1\(4\)
OR
ciscopix_firewall_softwareMatch6.1\(5\)
OR
ciscopix_firewall_softwareMatch6.2
OR
ciscopix_firewall_softwareMatch6.2\(1\)
OR
ciscopix_firewall_softwareMatch6.2\(2\)
OR
ciscopix_firewall_softwareMatch6.2\(3\)
OR
ciscopix_firewall_softwareMatch6.2\(3.100\)
OR
ciscopix_firewall_softwareMatch6.3
OR
ciscopix_firewall_softwareMatch6.3\(1\)
OR
ciscopix_firewall_softwareMatch6.3\(2\)
OR
ciscopix_firewall_softwareMatch6.3\(3.102\)
OR
ciscopix_firewall_softwareMatch6.3\(3.109\)

References

Related

openvas 14
altlinux 3
redhat 3
nessus 32
freebsd_advisory 1
ubuntucve 1
cve 2
centos 1
cvelist 2
freebsd 1
openssl 1
debiancve 1
debian 1
osv 1
slackware 1
securityvulns 2
cert 2
cisco 1
f5 1
gentoo 1
nvd 1
suse 1
redhatcve 1
oraclelinux 3
openvas
openvas
FreeBSD Security Advisory (FreeBSD-SA-04:05.openssl.asc)
2008-09-04 00:00:00
OpenSSL: DoS Vulnerability (CVE-2004-0079) - Windows
2021-08-13 00:00:00
FreeBSD Ports: openssl, openssl-beta
2008-09-04 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl10 version 0.9.6l-alt2
2004-03-17 00:00:00
Security fix for the ALT Linux 8 package openssl10 version 0.9.6l-alt2
2004-03-17 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.6l-alt2
2004-03-17 00:00:00
redhat
redhat
(RHSA-2005:830) openssl096b security update
2005-11-02 00:00:00
(RHSA-2005:829) openssl security update
2005-11-02 00:00:00
(RHSA-2004:120) openssl security update
2004-05-21 00:00:00
nessus
nessus
RHEL 3 / 4 : openssl096b (RHSA-2005:830)
2005-11-04 00:00:00
FreeBSD : OpenSSL ChangeCipherSpec denial-of-service vulnerability (68233cba-7774-11d8-89ed-0020ed76ef5a)
2009-04-23 00:00:00
FreeBSD : OpenSSL ChangeCipherSpec denial-of-service vulnerability (132)
2004-07-06 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-04:05.openssl
2004-03-17 00:00:00
ubuntucve
ubuntucve
CVE-2004-0079
2004-11-23 00:00:00
cve
cve
CVE-2004-0079
2004-11-23 05:00:00
CVE-2005-1730
2007-03-03 23:00:00
centos
centos
openssl, openssl095a, openssl096 security update
2005-11-03 05:24:10
cvelist
cvelist
CVE-2004-0079
2004-03-18 05:00:00
CVE-2005-1730
2007-03-03 23:00:00
freebsd
freebsd
OpenSSL ChangeCipherSpec denial-of-service vulnerability
2004-03-17 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2004-0079
2004-03-17 00:00:00
debiancve
debiancve
CVE-2004-0079
2004-11-23 05:00:00
debian
debian
[SECURITY] [DSA 465-1] New openssl packages fix multiple vulnerabilities
2004-03-17 20:14:05
osv
osv
openssl - several vulnerabilities
2004-03-17 00:00:00
slackware
slackware
OpenSSL security update
2004-03-17 17:34:04
securityvulns
securityvulns
OpenSSL Security Advisory [17 March 2004]
2004-03-17 00:00:00
US-CERT Technical Cyber Security Alert TA04-078A -- Multiple Vulnerabilities in OpenSSL
2004-03-19 00:00:00
cert
cert
OpenSSL does not properly handle unknown message types
2004-03-17 00:00:00
OpenSSL contains null-pointer assignment in do_change_cipher_spec() function
2004-03-17 00:00:00
cisco
cisco
Cisco OpenSSL Implementation Vulnerability
2004-03-17 13:00:00
f5
f5
Multiple vulnerabilities in OpenSSL - CAN-2004-0081, CAN-2004-0079, CAN-2004-0112
2004-02-23 04:00:00
gentoo
gentoo
Multiple OpenSSL Vulnerabilities
2004-03-17 00:00:00
nvd
nvd
CVE-2005-1730
2005-12-31 05:00:00
suse
suse
remote denial-of-service in openssl
2004-03-17 13:37:40
redhatcve
redhatcve
CVE-2005-1730
2015-10-30 10:15:31
oraclelinux
oraclelinux
openssl-fips security update
2015-04-02 00:00:00
openssl security update
2019-03-13 00:00:00
openssl security update
2019-08-16 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.9%

JSON
Related for NVD:CVE-2004-0079
openvas14altlinux3redhat3nessus32freebsd_advisory1ubuntucve1cve2centos1cvelist2freebsd1openssl1debiancve1debian1osv1slackware1securityvulns2cert2cisco1f51gentoo1nvd1suse1redhatcve1oraclelinux3