Lucene search

K
nvd[email protected]NVD:CVE-2011-4619
HistoryJan 06, 2012 - 1:55 a.m.

CVE-2011-4619

2012-01-0601:55:01
CWE-399
web.nvd.nist.gov
2

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.5

Confidence

High

EPSS

0.185

Percentile

96.2%

The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.

Affected configurations

NVD
Node
opensslopensslRange0.9.8r
OR
opensslopensslMatch0.9.1c
OR
opensslopensslMatch0.9.2b
OR
opensslopensslMatch0.9.4
OR
opensslopensslMatch0.9.5
OR
opensslopensslMatch0.9.5a
OR
opensslopensslMatch0.9.6
OR
opensslopensslMatch0.9.6a
OR
opensslopensslMatch0.9.6b
OR
opensslopensslMatch0.9.6c
OR
opensslopensslMatch0.9.6d
OR
opensslopensslMatch0.9.6e
OR
opensslopensslMatch0.9.6f
OR
opensslopensslMatch0.9.6g
OR
opensslopensslMatch0.9.6h
OR
opensslopensslMatch0.9.6hbogus
OR
opensslopensslMatch0.9.6i
OR
opensslopensslMatch0.9.6j
OR
opensslopensslMatch0.9.6k
OR
opensslopensslMatch0.9.6l
OR
opensslopensslMatch0.9.6m
OR
opensslopensslMatch0.9.7
OR
opensslopensslMatch0.9.7a
OR
opensslopensslMatch0.9.7b
OR
opensslopensslMatch0.9.7c
OR
opensslopensslMatch0.9.7d
OR
opensslopensslMatch0.9.7e
OR
opensslopensslMatch0.9.7f
OR
opensslopensslMatch0.9.7g
OR
opensslopensslMatch0.9.7h
OR
opensslopensslMatch0.9.7i
OR
opensslopensslMatch0.9.7j
OR
opensslopensslMatch0.9.7k
OR
opensslopensslMatch0.9.7l
OR
opensslopensslMatch0.9.7m
OR
opensslopensslMatch0.9.8
OR
opensslopensslMatch0.9.8a
OR
opensslopensslMatch0.9.8b
OR
opensslopensslMatch0.9.8c
OR
opensslopensslMatch0.9.8d
OR
opensslopensslMatch0.9.8e
OR
opensslopensslMatch0.9.8f
OR
opensslopensslMatch0.9.8g
OR
opensslopensslMatch0.9.8h
OR
opensslopensslMatch0.9.8i
OR
opensslopensslMatch0.9.8j
OR
opensslopensslMatch0.9.8k
OR
opensslopensslMatch0.9.8l
OR
opensslopensslMatch0.9.8m
OR
opensslopensslMatch0.9.8n
OR
opensslopensslMatch0.9.8o
OR
opensslopensslMatch0.9.8p
OR
opensslopensslMatch0.9.8q
Node
opensslopensslRange1.0.0e
OR
opensslopensslMatch1.0.0
OR
opensslopensslMatch1.0.0beta1
OR
opensslopensslMatch1.0.0beta2
OR
opensslopensslMatch1.0.0beta3
OR
opensslopensslMatch1.0.0beta4
OR
opensslopensslMatch1.0.0beta5
OR
opensslopensslMatch1.0.0a
OR
opensslopensslMatch1.0.0b
OR
opensslopensslMatch1.0.0c
OR
opensslopensslMatch1.0.0d

References

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.5

Confidence

High

EPSS

0.185

Percentile

96.2%