CVE Vulnerabilities

CVE-2004-0079

Published: Nov 23, 2004 | Modified: Nov 08, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

Affected Software

Name Vendor Start Version End Version
Firewall_services_module Cisco 1.1.3 1.1.3
Firewall_services_module Cisco 1.1_(3.005) 1.1_(3.005)
Firewall_services_module Cisco * *
Firewall_services_module Cisco 1.1.2 1.1.2
Clientless_vpn_gateway_4400 Symantec 5.0 5.0
Apache-based_web_server Hp 2.0.43.00 2.0.43.00
Apache-based_web_server Hp 2.0.43.04 2.0.43.04
Firewall_services_module Cisco 2.1_(0.208) 2.1_(0.208)
Aaa_server Hp * *
Red Hat Enterprise Linux 2.1 RedHat openssl *
Red Hat Enterprise Linux 2.1 RedHat openssl095a *
Red Hat Enterprise Linux 2.1 RedHat openssl096 *
Red Hat Enterprise Linux 3 RedHat openssl-0:0.9.7a-33.4 *
Red Hat Enterprise Linux 3 RedHat openssl096b-0:0.9.6b-16 *
Red Hat Enterprise Linux 3 RedHat openssl096b-0:0.9.6b-16.42 *
Red Hat Enterprise Linux 4 RedHat openssl096b-0:0.9.6b-22.42 *
Red Hat Linux 9 RedHat openssl *

References