Executive Summary
Summary | |
---|---|
Title | New openssl packages fix multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-465 | First vendor Publication | 2004-03-17 |
Vendor | Debian | Last vendor Modification | 2004-03-17 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Two vulnerabilities were discovered in openssl, an implementation of the SSL protocol, using the Codenomicon TLS Test Tool. More information can be found in the following NISCC Vulnerability Advisory: http://www.uniras.gov.uk/vuls/2004/224012/index.htm and this OpenSSL advisory: http://www.openssl.org/news/secadv_20040317.txt - CAN-2004-0079 - null-pointer assignment in the do_change_cipher_spec() function. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server that used the OpenSSL library in such a way as to cause OpenSSL to crash. Depending on the application this could lead to a denial of service. - CAN-2004-0081 - a bug in older versions of OpenSSL 0.9.6 that can lead to a Denial of Service attack (infinite loop). For the stable distribution (woody) these problems have been fixed in openssl version 0.9.6c-2.woody.6, openssl094 version 0.9.4-6.woody.4 and openssl095 version 0.9.5a-6.woody.5. For the unstable distribution (sid) these problems will be fixed soon. We recommend that you update your openssl package. |
Original Source
Url : http://www.debian.org/security/2004/dsa-465 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-476 | NULL Pointer Dereference |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11755 | |||
Oval ID: | oval:org.mitre.oval:def:11755 | ||
Title: | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | ||
Description: | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0081 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:2621 | |||
Oval ID: | oval:org.mitre.oval:def:2621 | ||
Title: | OpenSSL Denial of Service Vulnerabilities | ||
Description: | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0079 | Version: | 1 |
Platform(s): | Sun Solaris 8 | Product(s): | Sun Crypto Accelerator 4000 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5770 | |||
Oval ID: | oval:org.mitre.oval:def:5770 | ||
Title: | Multiple Vendor OpenSSL 0.9.6x, 0.9.7x Null-Pointer DoS Vulnerability | ||
Description: | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||
Family: | ios | Class: | vulnerability |
Reference(s): | CVE-2004-0079 | Version: | 3 |
Platform(s): | Cisco IOS | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:870 | |||
Oval ID: | oval:org.mitre.oval:def:870 | ||
Title: | Red Hat Enterprise 3 OpenSSL do_change_cipher_spec Function Denial of Service | ||
Description: | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0079 | Version: | 2 |
Platform(s): | Red Hat Enterprise Linux 3 | Product(s): | OpenSSL |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:871 | |||
Oval ID: | oval:org.mitre.oval:def:871 | ||
Title: | Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability | ||
Description: | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0081 | Version: | 2 |
Platform(s): | Red Hat Enterprise Linux 3 | Product(s): | OpenSSL |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:902 | |||
Oval ID: | oval:org.mitre.oval:def:902 | ||
Title: | Red Hat OpenSSL Improper Unknown Message Handling Vulnerability | ||
Description: | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0081 | Version: | 2 |
Platform(s): | Red Hat Linux 9 | Product(s): | OpenSSL |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:975 | |||
Oval ID: | oval:org.mitre.oval:def:975 | ||
Title: | Red Hat OpenSSL do_change_cipher_spec Function Denial of Service | ||
Description: | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0079 | Version: | 2 |
Platform(s): | Red Hat Linux 9 | Product(s): | OpenSSL |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9779 | |||
Oval ID: | oval:org.mitre.oval:def:9779 | ||
Title: | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||
Description: | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0079 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 | |
Hardware | 1 | |
Hardware | 2 | |
Hardware | 2 | |
Hardware | 2 | |
Hardware | 3 | |
Hardware |
| 5 |
Hardware | 1 | |
Hardware | 2 | |
Hardware | 1 | |
Os | 1 | |
Os | 1 | |
Os |
| 8 |
Os | 4 | |
Os | 2 | |
Os | 3 | |
Os | 1 | |
Os | 3 | |
Os | 2 |
OpenVAS Exploits
Date | Description |
---|---|
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-05-05 | Name : HP-UX Update for AAA Server HPSBUX01011 File : nvt/gb_hp_ux_HPSBUX01011.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200403-03 (OpenSSL) File : nvt/glsa_200403_03.nasl |
2008-09-04 | Name : FreeBSD Ports: openssl, openssl-beta File : nvt/freebsd_openssl.nasl |
2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-04:05.openssl.asc) File : nvt/freebsdsa_openssl1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 465-1 (openssl,openssl094,openssl095) File : nvt/deb_465_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2004-077-01 OpenSSL security update File : nvt/esoft_slk_ssa_2004_077_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
4318 | OpenSSL TLS Infinite Loop DoS OpenSSL contains a flaw that may allow a remote denial of service. The issue is triggered when unknown TLS message types are sent to it, which creates an infinite loop and will result in loss of availability for OpenSSL or the application using it. |
4317 | OpenSSL SSL/TLS Handshake Null Pointer DoS OpenSSL contains a flaw that may allow a remote denial of service. The issue is triggered when a null-pointer assignment in the do_change_cipher_spec() function is accessed via a carefully crafted SSL/TLS handshake. This might cause some applications that depend on OpenSSL to crash or otherwise lead to a denial of service, and will result in loss of availability for OpenSSL or the application that is depending on it. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-01-04 | Name : The remote server is vulnerable to a denial of service attack. File : openssl_0_9_6m_0_9_7d.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_68233cba777411d889ed0020ed76ef5a.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2005-830.nasl - Type : ACT_GATHER_INFO |
2005-11-04 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-830.nasl - Type : ACT_GATHER_INFO |
2005-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-829.nasl - Type : ACT_GATHER_INFO |
2005-11-02 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-1042.nasl - Type : ACT_GATHER_INFO |
2005-08-18 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2005-007.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2004-077-01.nasl - Type : ACT_GATHER_INFO |
2005-03-18 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_30650.nasl - Type : ACT_GATHER_INFO |
2005-03-18 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_30649.nasl - Type : ACT_GATHER_INFO |
2005-03-18 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_30648.nasl - Type : ACT_GATHER_INFO |
2005-03-18 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_30646.nasl - Type : ACT_GATHER_INFO |
2005-03-18 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_30645.nasl - Type : ACT_GATHER_INFO |
2005-03-18 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_30644.nasl - Type : ACT_GATHER_INFO |
2005-03-18 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_30643.nasl - Type : ACT_GATHER_INFO |
2005-03-18 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_30642.nasl - Type : ACT_GATHER_INFO |
2005-03-18 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_30641.nasl - Type : ACT_GATHER_INFO |
2005-03-18 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_30640.nasl - Type : ACT_GATHER_INFO |
2005-02-16 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_30647.nasl - Type : ACT_GATHER_INFO |
2005-02-16 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_30639.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-465.nasl - Type : ACT_GATHER_INFO |
2004-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200403-03.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-023.nasl - Type : ACT_GATHER_INFO |
2004-07-25 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2004_007.nasl - Type : ACT_GATHER_INFO |
2004-07-23 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-095.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote host is missing a Mac OS X update that fixes a security issue. File : macosx_SecUpd20040503.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote host is using an unsupported version of Mac OS X. File : macosx_version.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-119.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-120.nasl - Type : ACT_GATHER_INFO |
2004-03-17 | Name : The remote service is prone to a denial of service attack. File : openssl_denial.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:33:10 |
|