The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
The product dereferences a pointer that it expects to be valid but is NULL.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Firewall_services_module | Cisco | * | * |
| Firewall_services_module | Cisco | 1.1.2 (including) | 1.1.2 (including) |
| Firewall_services_module | Cisco | 1.1.3 (including) | 1.1.3 (including) |
| Firewall_services_module | Cisco | 1.1_(3.005) (including) | 1.1_(3.005) (including) |
| Firewall_services_module | Cisco | 2.1_(0.208) (including) | 2.1_(0.208) (including) |
| Aaa_server | Hp | * | * |
| Apache-based_web_server | Hp | 2.0.43.00 (including) | 2.0.43.00 (including) |
| Apache-based_web_server | Hp | 2.0.43.04 (including) | 2.0.43.04 (including) |
| Clientless_vpn_gateway_4400 | Symantec | 5.0 (including) | 5.0 (including) |
| Red Hat Enterprise Linux 3 | RedHat | openssl-0:0.9.7a-33.4 | * |
| Red Hat Enterprise Linux 3 | RedHat | openssl096b-0:0.9.6b-16 | * |
| Red Hat Enterprise Linux 3 | RedHat | openssl096b-0:0.9.6b-16.42 | * |
| Red Hat Enterprise Linux 4 | RedHat | openssl096b-0:0.9.6b-22.42 | * |
| Red Hat Enterprise Linux AS (Advanced Server) version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux ES version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux WS version 2.1 | RedHat | * | |
| Red Hat Linux 9 | RedHat | * | |
| Red Hat Linux Advanced Workstation 2.1 | RedHat | * | |
| Red Hat Stronghold 4 | RedHat | * |