6 matches found
CVE-2004-0079
The connected documents confirm CVE-2004-0079: in OpenSSL 0.9.6c–0.9.6k and 0.9.7a–0.9.7c, a crafted SSL/TLS handshake can trigger a null dereference in do_change_cipher_spec, causing a denial of service (crash). Remediation is to apply patched/OpenSSL releases per advisories (e.g., CentOS adviso...
CVE-2004-0081
CVE-2004-0081 affects OpenSSL 0.9.6 prior to 0.9.6d. The issue is that OpenSSL does not properly handle unknown TLS/SSL message types, enabling a remote attacker to trigger a denial of service via an infinite loop (demonstrated with the Codenomicon TLS Test Tool). Impact is a network-based DoS; e...
CVE-2004-0112
The CVE-2004-0112 issue affects OpenSSL 0.9.7a/b/c: during the SSL/TLS handshake, the Kerberos ciphersuite path fails to validate the Kerberos ticket length, enabling a remote attacker to cause a denial-of-service by triggering an out-of-bounds read. Public sources in connected documents confirm ...
CVE-2005-4459
The CVE-2005-4459 issue is a heap-based buffer overflow in VMware’s NAT service components vmnat.exe and vmnet-natd across several products (Workstation 5.5, GSX Server 3.2, ACE 1.0.1, Player 1.0). The flaw is triggered by malformed FTP PORT and EPRT commands processed by the NAT service, allowin...
CVE-2003-0631
CVE-2003-0631 affects VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier. The root cause is the use of certain environment variables when launching a virtual machine session, allowing a local user to gain root privileges. The provided documents do not specify a patch,...
CVE-2002-0814
CVE-2002-0814 concerns VMware GSX Server 2.0.0 build-2050, where a buffer overflow in the VMware Authorization Service allows remote authenticated users to execute arbitrary code through a long GLOBAL argument. Affected component: VMware Authorization Service within GSX Server 2.0.0. Root cause: ...