Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SA:2004:007
HistoryMar 17, 2004 - 1:37 p.m.

remote denial-of-service in openssl

2004-03-1713:37:40
lists.opensuse.org
32

0.015 Low

EPSS

Percentile

85.5%

JSON

OpenSSL is an implementation of the Secure Socket Layer (SSL v2/3) and Transport Layer Security (TLS v1) protocol. The NISCC informed us about to failure conditions in openssl that can be triggered to crash applications that use the openssl library. The first bug occurs during SSL/TLS handshake in the function do_change_cipher_spec() due to a NULL pointer assignment. The second bug affects openssl version 0.9.7* only with Kerberos cipher-suite enabled and can be triggered during SSL/TLS handshake too.

Related

slackware 1
nessus 39
openvas 26
securityvulns 4
f5 1
redhat 5
cert 3
cisco 1
gentoo 1
cve 5
debian 4
freebsd 2
centos 1
osv 3
debiancve 3
altlinux 3
openssl 2
ubuntucve 1
freebsd_advisory 1
redhatcve 1
suse 4
oraclelinux 3
slackware
slackware
OpenSSL security update
2004-03-17 17:34:04
nessus
nessus
SuSE-SA:2004:007: openssl
2004-07-25 00:00:00
Slackware 8.1 / 9.0 / 9.1 / current : OpenSSL security update (SSA:2004-077-01)
2005-07-13 00:00:00
Mandrake Linux Security Advisory : openssl (MDKSA-2004:023)
2004-07-31 00:00:00
openvas
openvas
Slackware: Security Advisory (SSA:2004-077-01)
2012-09-10 00:00:00
Slackware Advisory SSA:2004-077-01 OpenSSL security update
2012-09-11 00:00:00
Gentoo Security Advisory GLSA 200403-03 (OpenSSL)
2008-09-24 00:00:00
securityvulns
securityvulns
OpenSSL Security Advisory [17 March 2004]
2004-03-17 00:00:00
US-CERT Technical Cyber Security Alert TA04-078A -- Multiple Vulnerabilities in OpenSSL
2004-03-19 00:00:00
[Full-Disclosure] Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue
2004-03-10 00:00:00
f5
f5
Multiple vulnerabilities in OpenSSL - CAN-2004-0081, CAN-2004-0079, CAN-2004-0112
2004-02-23 04:00:00
redhat
redhat
(RHSA-2004:120) openssl security update
2004-05-21 00:00:00
(RHSA-2004:074) kdelibs security update
2004-03-10 00:00:00
(RHSA-2004:019) mailman security update
2004-02-09 00:00:00
cert
cert
OpenSSL does not properly handle unknown message types
2004-03-17 00:00:00
OpenSSL contains null-pointer assignment in do_change_cipher_spec() function
2004-03-17 00:00:00
OpenSSL does not adequately validate length of Kerberos ticket during SSL/TLS handshake
2004-03-17 00:00:00
cisco
cisco
Cisco OpenSSL Implementation Vulnerability
2004-03-17 13:00:00
gentoo
gentoo
Multiple OpenSSL Vulnerabilities
2004-03-17 00:00:00
cve
cve
CVE-2005-1730
2005-12-31 05:00:00
CVE-2003-0592
2004-04-15 04:00:00
CVE-2003-0991
2004-03-03 05:00:00
debian
debian
[SECURITY] [DSA 459-1] New kdelibs, kdelibs-crypto packages fix cookie traversal bug
2004-03-10 20:44:55
[SECURITY] [DSA 465-1] New openssl packages fix multiple vulnerabilities
2004-03-17 20:14:05
[SECURITY] [DSA 436-1] New mailman packages fix several vulnerabilities
2004-02-08 22:46:29
freebsd
freebsd
mailman denial-of-service vulnerability in MailCommandHandler
2003-11-18 00:00:00
OpenSSL ChangeCipherSpec denial-of-service vulnerability
2004-03-17 00:00:00
centos
centos
openssl, openssl095a, openssl096 security update
2005-11-03 05:24:10
osv
osv
kdelibs - cookie path traversal
2004-03-10 00:00:00
openssl - several vulnerabilities
2004-03-17 00:00:00
mailman - several vulnerabilities
2004-02-08 00:00:00
debiancve
debiancve
CVE-2003-0991
2004-03-03 05:00:00
CVE-2004-0112
2004-11-23 05:00:00
CVE-2004-0079
2004-11-23 05:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl10 version 0.9.6l-alt2
2004-03-17 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.6l-alt2
2004-03-17 00:00:00
Security fix for the ALT Linux 8 package openssl10 version 0.9.6l-alt2
2004-03-17 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2004-0112
2004-03-17 00:00:00
Vulnerability in OpenSSL CVE-2004-0079
2004-03-17 00:00:00
ubuntucve
ubuntucve
CVE-2004-0079
2004-11-23 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-04:05.openssl
2004-03-17 00:00:00
redhatcve
redhatcve
CVE-2005-1730
2015-10-30 10:15:31
suse
suse
local privilege escalation in xf86/XFree86
2004-02-23 16:37:48
local privilege escalation in Linux Kernel
2004-02-18 22:19:53
remote code execution in cvs
2004-04-14 15:54:44
oraclelinux
oraclelinux
openssl-fips security update
2015-04-02 00:00:00
openssl security update
2019-03-13 00:00:00
openssl security update
2019-08-16 00:00:00

0.015 Low

EPSS

Percentile

85.5%

JSON
Related for SUSE-SA:2004:007
slackware1nessus39openvas26securityvulns4f51redhat5cert3cisco1gentoo1cve5debian4freebsd2centos1osv3debiancve3altlinux3openssl2ubuntucve1freebsd_advisory1redhatcve1suse4oraclelinux3