Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-393
HistoryOct 01, 2003 - 12:00 a.m.

openssl - denial of service

2003-10-0100:00:00
Google
osv.dev
10

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

Dr. Stephen Henson (), using a test suite
provided by NISCC (), discovered a number of
errors in the OpenSSL
ASN1 code. Combined with an error that causes the OpenSSL code to parse
client certificates even when it should not, these errors can cause a
denial of service (DoS) condition on a system using the OpenSSL code,
depending on how that code is used. For example, even though apache-ssl
and ssh link to OpenSSL libraries, they should not be affected by this
vulnerability. However, other SSL-enabled applications may be
vulnerable and an OpenSSL upgrade is recommended.

For the current stable distribution (woody) these problems have been
fixed in version 0.9.6c-2.woody.4.

For the unstable distribution (sid) these problems have been fixed in
version 0.9.7c-1.

We recommend that you update your openssl package. Note that you will
need to restart services which use the libssl library for this update
to take effect.

Related

nessus 20
securityvulns 3
cert 4
openvas 14
debian 3
suse 1
osv 1
redhat 1
cisco 1
redhatcve 1
cve 3
debiancve 3
ubuntucve 3
openssl 3
oraclelinux 3
nessus
nessus
HP-UX PHSS_30058 : s700_800 11.04 Webproxy server 2.1 update
2005-03-18 00:00:00
SUSE-SA:2003:043: openssl
2004-07-25 00:00:00
HP-UX PHSS_29891 : HPSBUX0310-284 SSRT3622 rev.3 HP-UX Apache HTTP Server Denial of Service,unauthorized access
2005-03-18 00:00:00
securityvulns
securityvulns
Subject: [OpenPKG-SA-2003.044] OpenPKG Security Advisory (openssl)
2003-09-30 00:00:00
[Full-Disclosure] [OpenSSL Advisory] Vulnerabilities in ASN.1 parsing
2003-09-30 00:00:00
CERT Advisory CA-2003-26 Multiple Vulnerabilities in SSL/TLS Implementations
2003-10-03 00:00:00
cert
cert
Multiple vulnerabilities in SSL/TLS implementations
2003-09-30 00:00:00
OpenSSL ASN.1 parser insecure memory deallocation
2003-09-30 00:00:00
OpenSSL contains integer overflow handling ASN.1 tags (2)
2003-09-30 00:00:00
openvas
openvas
HP-UX Update for AAA Server HPSBUX00286
2009-05-05 00:00:00
Debian: Security Advisory (DSA-394)
2008-01-17 00:00:00
HP-UX Update for HP WEBM Services HPSBUX00288
2009-05-05 00:00:00
debian
debian
[SECURITY] [DSA 394-1] New openssl095 packages fix denial of service
2003-10-11 13:54:07
[SECURITY] [DSA 394-1] New openssl095 packages fix denial of service
2003-10-11 13:54:07
[SECURITY] [DSA-393-1] New OpenSSL packages correct denial of service issues
2003-10-01 00:00:00
suse
suse
remote denial-of-service in openssl
2003-10-01 17:18:32
osv
osv
openssl095 - ASN.1 parsing vulnerability
2003-10-11 00:00:00
redhat
redhat
(RHSA-2003:293) openssl security update
2003-09-30 00:00:00
cisco
cisco
SSL Implementation Vulnerabilities
2003-09-30 23:30:00
redhatcve
redhatcve
CVE-2005-1730
2015-10-30 10:15:31
cve
cve
CVE-2003-0544
2003-11-17 05:00:00
CVE-2003-0545
2003-11-17 05:00:00
CVE-2003-0543
2003-11-17 05:00:00
debiancve
debiancve
CVE-2003-0544
2003-11-17 05:00:00
CVE-2003-0545
2003-11-17 05:00:00
CVE-2003-0543
2003-11-17 05:00:00
ubuntucve
ubuntucve
CVE-2003-0545
2003-11-17 00:00:00
CVE-2003-0544
2003-11-17 00:00:00
CVE-2003-0543
2003-11-17 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2003-0545
2003-09-30 00:00:00
Vulnerability in OpenSSL CVE-2003-0544
2003-09-30 00:00:00
Vulnerability in OpenSSL CVE-2003-0543
2003-09-30 00:00:00
oraclelinux
oraclelinux
openssl-fips security update
2015-04-02 00:00:00
openssl security update
2019-03-13 00:00:00
openssl security update
2019-08-16 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for OSV:DSA-393
nessus20securityvulns3cert4openvas14debian3suse1osv1redhat1cisco1redhatcve1cve3debiancve3ubuntucve3openssl3oraclelinux3