10 matches found
CVE-2004-0079
The connected documents confirm CVE-2004-0079: in OpenSSL 0.9.6c–0.9.6k and 0.9.7a–0.9.7c, a crafted SSL/TLS handshake can trigger a null dereference in do_change_cipher_spec, causing a denial of service (crash). Remediation is to apply patched/OpenSSL releases per advisories (e.g., CentOS adviso...
CVE-2004-0081
CVE-2004-0081 affects OpenSSL 0.9.6 prior to 0.9.6d. The issue is that OpenSSL does not properly handle unknown TLS/SSL message types, enabling a remote attacker to trigger a denial of service via an infinite loop (demonstrated with the Codenomicon TLS Test Tool). Impact is a network-based DoS; e...
CVE-2004-0112
The CVE-2004-0112 issue affects OpenSSL 0.9.7a/b/c: during the SSL/TLS handshake, the Kerberos ciphersuite path fails to validate the Kerberos ticket length, enabling a remote attacker to cause a denial-of-service by triggering an out-of-bounds read. Public sources in connected documents confirm ...
CVE-2005-4794
The CVE-2005-4794 issue affects Cisco devices listed in the Initial document: IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM). The vulnerability is a denial of service caused by processing a compressed DNS packet containing a label length by...
CVE-2005-0600
Technical details about CVE-2005-0600 are not publicly provided in the supplied documents. Monitor for updates from authoritative sources.
CVE-2003-0982
CVE-2003-0982 refers to a buffer overflow in Cisco ACNS authentication module. Affected versions are ACNS 4.x before 4.2.11 and 5.x before 5.0.5, where sending an overly long password can allow a remote attacker to execute arbitrary code on the device. The Cisco advisory notes fix upgrades to 4.2...
CVE-2005-0597
CVE-2005-0597 affects Cisco ACNS (Application and Content Networking System) versions 5.0 prior to 5.0.17.6 and 5.1 prior to 5.1.11.6. The vulnerability allows remote attackers to cause a denial of service (process restart) by sending a crafted TCP connection. No exploit details are provided in t...
CVE-2005-0598
Cisco ACNS RealServer RealSubscriber (ACNS 5.1) can be remotely DoS’d via malformed IP packets, causing the device to exhaust CPU (often 100%) and require a reboot to recover. Remediation per the CERT/ Cisco advisory: apply a patch or upgrade, or disable RealSubscriber and/or restrict access with...
CVE-2005-0601
CVE-2005-0601 affects Cisco’s Application and Content Networking System (ACNS) 4.x, 5.0, 5.1, and 5.2. The issue arises when the setup dialog has not been run, leaving a default password that could allow remote attackers to gain access. The connected documents do not provide specific technical de...
CVE-2005-0599
CVE-2005-0599 affects Cisco Application and Content Networking System (ACNS) 4.x, 5.0, and 5.1 prior to 5.1.11.6. Exploitation by remote attackers via malformed IP packets can cause CPU exhaustion, leading to a denial of service on affected devices. A reboot is required to recover. Remediation: u...