CVE-2004-2003 | Vulnerability Database | Aqua Security

Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field.

Affected Software

Name	Vendor	Start Version	End Version
Delegate	Delegate	7.7.0 (including)	7.7.0 (including)
Delegate	Delegate	7.7.1 (including)	7.7.1 (including)
Delegate	Delegate	7.8.0 (including)	7.8.0 (including)
Delegate	Delegate	7.8.1 (including)	7.8.1 (including)
Delegate	Delegate	7.8.2 (including)	7.8.2 (including)
Delegate	Delegate	7.9.11 (including)	7.9.11 (including)
Delegate	Delegate	8.3.3 (including)	8.3.3 (including)
Delegate	Delegate	8.3.4 (including)	8.3.4 (including)
Delegate	Delegate	8.4.0 (including)	8.4.0 (including)
Delegate	Delegate	8.5.0 (including)	8.5.0 (including)
Delegate	Delegate	8.9 (including)	8.9 (including)
Delegate	Delegate	8.9.1 (including)	8.9.1 (including)
Delegate	Delegate	8.9.2 (including)	8.9.2 (including)

References

http://marc.info/?l=bugtraq\u0026m=108386181021070\u0026w=2
http://secunia.com/advisories/11569
http://www.osvdb.org/5945
http://www.securityfocus.com/bid/10295
https://exchange.xforce.ibmcloud.com/vulnerabilities/16078
http://marc.info/?l=bugtraq\u0026m=108386181021070\u0026w=2
http://secunia.com/advisories/11569
http://www.osvdb.org/5945
http://www.securityfocus.com/bid/10295
https://exchange.xforce.ibmcloud.com/vulnerabilities/16078

NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-2003
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html