CVE-2002-0656

Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.

Affected Software

Name	Vendor	Start Version	End Version
Openssl	Openssl	0.9.1c (including)	0.9.1c (including)
Openssl	Openssl	0.9.2b (including)	0.9.2b (including)
Openssl	Openssl	0.9.3 (including)	0.9.3 (including)
Openssl	Openssl	0.9.4 (including)	0.9.4 (including)
Openssl	Openssl	0.9.5 (including)	0.9.5 (including)
Openssl	Openssl	0.9.5a (including)	0.9.5a (including)
Openssl	Openssl	0.9.6 (including)	0.9.6 (including)
Openssl	Openssl	0.9.6a (including)	0.9.6a (including)
Openssl	Openssl	0.9.6b (including)	0.9.6b (including)
Openssl	Openssl	0.9.6c (including)	0.9.6c (including)
Openssl	Openssl	0.9.6d (including)	0.9.6d (including)
Openssl	Openssl	0.9.7-beta1 (including)	0.9.7-beta1 (including)
Openssl	Openssl	0.9.7-beta2 (including)	0.9.7-beta2 (including)
Application_server	Oracle	*	*
Application_server	Oracle	1.0.2 (including)	1.0.2 (including)
Application_server	Oracle	1.0.2.1s (including)	1.0.2.1s (including)
Application_server	Oracle	1.0.2.2 (including)	1.0.2.2 (including)
Corporate_time_outlook_connector	Oracle	3.1 (including)	3.1 (including)
Corporate_time_outlook_connector	Oracle	3.1.1 (including)	3.1.1 (including)
Corporate_time_outlook_connector	Oracle	3.1.2 (including)	3.1.2 (including)
Corporate_time_outlook_connector	Oracle	3.3 (including)	3.3 (including)
Http_server	Oracle	9.0.1 (including)	9.0.1 (including)
Http_server	Oracle	9.2.0 (including)	9.2.0 (including)
Red Hat Enterprise Linux AS (Advanced Server) version 2.1	RedHat		*
Red Hat Linux 6.2	RedHat		*
Red Hat Linux 7.0	RedHat		*
Red Hat Linux 7.1	RedHat		*
Red Hat Linux 7.2	RedHat		*
Red Hat Linux 7.3	RedHat		*
Red Hat Stronghold 3	RedHat		*
Red Hat Stronghold 4	RedHat		*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0656
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References