CVE Vulnerabilities

CVE-2002-0656

Published: Aug 12, 2002 | Modified: Sep 10, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.

Affected Software

Name Vendor Start Version End Version
Openssl Openssl 0.9.1c (including) 0.9.1c (including)
Openssl Openssl 0.9.2b (including) 0.9.2b (including)
Openssl Openssl 0.9.3 (including) 0.9.3 (including)
Openssl Openssl 0.9.4 (including) 0.9.4 (including)
Openssl Openssl 0.9.5 (including) 0.9.5 (including)
Openssl Openssl 0.9.5a (including) 0.9.5a (including)
Openssl Openssl 0.9.6 (including) 0.9.6 (including)
Openssl Openssl 0.9.6a (including) 0.9.6a (including)
Openssl Openssl 0.9.6b (including) 0.9.6b (including)
Openssl Openssl 0.9.6c (including) 0.9.6c (including)
Openssl Openssl 0.9.6d (including) 0.9.6d (including)
Openssl Openssl 0.9.7-beta1 (including) 0.9.7-beta1 (including)
Openssl Openssl 0.9.7-beta2 (including) 0.9.7-beta2 (including)
Application_server Oracle * *
Application_server Oracle 1.0.2 (including) 1.0.2 (including)
Application_server Oracle 1.0.2.1s (including) 1.0.2.1s (including)
Application_server Oracle 1.0.2.2 (including) 1.0.2.2 (including)
Corporate_time_outlook_connector Oracle 3.1 (including) 3.1 (including)
Corporate_time_outlook_connector Oracle 3.1.1 (including) 3.1.1 (including)
Corporate_time_outlook_connector Oracle 3.1.2 (including) 3.1.2 (including)
Corporate_time_outlook_connector Oracle 3.3 (including) 3.3 (including)
Http_server Oracle 9.0.1 (including) 9.0.1 (including)
Http_server Oracle 9.2.0 (including) 9.2.0 (including)
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 RedHat *
Red Hat Linux 6.2 RedHat *
Red Hat Linux 7.0 RedHat *
Red Hat Linux 7.1 RedHat *
Red Hat Linux 7.2 RedHat *
Red Hat Linux 7.3 RedHat *
Red Hat Stronghold 3 RedHat *
Red Hat Stronghold 4 RedHat *

References