10 matches found
CVE-2021-23839
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater th...
IBM Lotus Domino SSL2 Client Master Key Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The flaw exists within the nldap.exe component which listens by default on TCP port 636. When handling Client Master...
Update Protection against Zeus Web Server SSL2_Client_Hello Buffer Overflow
Zeus Web Server is a web server for Unix and Unix-like platforms. A buffer overflow was detected in Zeus Web Server SSL2 implementation SSL2CLIENTHELLO...
Sun Java Enterprise Server NSS Remote Code Execution Vulnerabilities
The version of Sun Java Enterprise Server ES installed on the remote host includes a set of libraries known as Network Security Services NSS for use with many of Java ES' services. On a Windows host, though, vulnerabilities in their implementation of SSL2 support reportedly allow a remote attacke...
Mozilla libnss multiple security vulnerabilities
Buffer overflows and integer overflows in SSL2 client and server code implementation...
Mandrake Linux Security Advisory : openssl (MDKSA-2002:046-1)
An audit of the OpenSSL code by A.L. Digital Ltd and The Bunker, under the DARPA program CHATS, discovered a number of vulnerabilities in the OpenSSL code that are all potentially remotely exploitable. From the OpenSSL advisory: 1. The client master key in SSL2 could be oversized and overrun a...
CVE-2002-0656
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3...
CVE-2002-0656
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3...
Vulnerability in OpenSSL CVE-2002-0656
A buffer overflow allowed remote attackers to execute arbitrary code by sending a large client master key in SSL2 or a large session ID in SSL3. Found by OpenSSL Group A.L. Digital...
OpenSSL servers contain a buffer overflow during the SSL2 handshake process
Overview: OpenSSL is an open-source implementation of the Secure Sockets Layer (SSL) protocol. A remotely exploitable vulnerability exists in OpenSSL servers that could lead to the execution of arbitrary code on the server. Description: Versions of OpenSSL servers prior to 0.9.6e and pre-release...