OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Firewall_services_module | Cisco | * | * |
| Firewall_services_module | Cisco | 1.1.2 (including) | 1.1.2 (including) |
| Firewall_services_module | Cisco | 1.1.3 (including) | 1.1.3 (including) |
| Firewall_services_module | Cisco | 1.1_(3.005) (including) | 1.1_(3.005) (including) |
| Firewall_services_module | Cisco | 2.1_(0.208) (including) | 2.1_(0.208) (including) |
| Aaa_server | Hp | * | * |
| Apache-based_web_server | Hp | 2.0.43.00 (including) | 2.0.43.00 (including) |
| Apache-based_web_server | Hp | 2.0.43.04 (including) | 2.0.43.04 (including) |
| Clientless_vpn_gateway_4400 | Symantec | 5.0 (including) | 5.0 (including) |
| Red Hat Enterprise Linux 3 | RedHat | openssl-0:0.9.7a-33.4 | * |
| Red Hat Enterprise Linux 3 | RedHat | openssl096b-0:0.9.6b-16 | * |
| Red Hat Enterprise Linux AS (Advanced Server) version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux ES version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux WS version 2.1 | RedHat | * | |
| Red Hat Linux 9 | RedHat | * | |
| Red Hat Linux Advanced Workstation 2.1 | RedHat | * | |
| Red Hat Stronghold 4 | RedHat | * |