Vulnerability Name:

CVE-2004-0081 (CCN-15509)

Assigned:2004-03-17
Published:2004-03-17
Updated:2021-11-08
Summary:OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: SCO Security Advisory SCOSA-2004.10.1
OpenSSL Multiple Vulnerabilities

Source: CCN
Type: SCO Security Advisory SCOSA-2004.10
OpenSSL Multiple Vulnerabilities

Source: SCO
Type: UNKNOWN
SCOSA-2004.10

Source: CCN
Type: SCO Security Advisory SCOSA-2005.7
OpenSSL Multiple Vulnerabilities

Source: SGI
Type: UNKNOWN
20040304-01-U

Source: MITRE
Type: CNA
CVE-2004-0081

Source: CCN
Type: CVS Web Interface Web site
openssl - Check-in [5721]

Source: CONECTIVA
Type: UNKNOWN
CLA-2004:834

Source: FEDORA
Type: UNKNOWN
FEDORA-2004-095

Source: BUGTRAQ
Type: UNKNOWN
20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]

Source: BUGTRAQ
Type: UNKNOWN
20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability

Source: CCN
Type: RHSA-2004-119
openssl security update

Source: REDHAT
Type: UNKNOWN
RHSA-2004:119

Source: CCN
Type: RHSA-2004-120
openssl security update

Source: CCN
Type: RHSA-2004-121
Updated OpenSSL packages fix vulnerabilities

Source: CCN
Type: VulnWatch Mailing List, Tue, 30 Sep 2003 14:52:07 +0000 (GMT)
Vulnerability Issues in OpenSSL

Source: CCN
Type: SA11139
OpenSSL SSL/TLS Handshake Denial of Service Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
11139

Source: GENTOO
Type: UNKNOWN
GLSA-200403-03

Source: SUNALERT
Type: UNKNOWN
57524

Source: CCN
Type: Sun Alert ID: 57524
Potential SSL Vulnerabilities in Sun Products

Source: CCN
Type: Sun Alert ID: 57571
Sun Crypto Accelerator 4000 v1.0 Software May be Susceptible to OpenSSL Security Vulnerabilities

Source: CCN
Type: cisco-sa-20040317-openssl
CIsco Security Advisory: Cisco OpenSSL Implementation Vulnerability

Source: CISCO
Type: UNKNOWN
20040317 Cisco OpenSSL Implementation Vulnerability

Source: DEBIAN
Type: UNKNOWN
DSA-465

Source: DEBIAN
Type: DSA-465
openssl -- several vulnerabilities

Source: CCN
Type: GLSA-200403-03
Multiple OpenSSL Vulnerabilities

Source: CCN
Type: US-CERT VU#465542
OpenSSL does not properly handle unknown message types

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#465542

Source: ENGARDE
Type: UNKNOWN
ESA-20040317-003

Source: CCN
Type: EnGarde Secure Linux Security Advisory ESA-20040317-003
openssl, openssl-misc

Source: CCN
Type: GLSA 200403-03
Multiple OpenSSL Vulnerabilities

Source: CCN
Type: Trustix Secure Linux Security Advisory #2004-0012
openssl

Source: CCN
Type: OpenSSL Security Advisory [17 March 2004]
Updated versions of OpenSSL are now available which correct two security issues:

Source: REDHAT
Type: UNKNOWN
RHSA-2004:120

Source: REDHAT
Type: UNKNOWN
RHSA-2004:121

Source: REDHAT
Type: UNKNOWN
RHSA-2004:139

Source: BID
Type: Vendor Advisory
9899

Source: CCN
Type: BID-9899
OpenSSL Denial of Service Vulnerabilities

Source: TRUSTIX
Type: UNKNOWN
2004-0012

Source: CCN
Type: TLSA-2004-9
Multiple vulnerabilities in openssl

Source: MISC
Type: UNKNOWN
http://www.uniras.gov.uk/vuls/2004/224012/index.htm

Source: CERT
Type: US Government Resource
TA04-078A

Source: XF
Type: UNKNOWN
openssl-tls-dos(15509)

Source: XF
Type: UNKNOWN
openssl-tls-dos(15509)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11755

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:871

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:902

Vulnerable Configuration:Configuration 1:
  • cpe:/h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:firewall_services_module:1.1_(3.005):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:firewall_services_module:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*
  • OR cpe:/h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*
  • OR cpe:/h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:firewall_services_module:2.1_(0.208):*:*:*:*:*:*:*
  • OR cpe:/h:hp:aaa_server:*:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:sg208:4.4:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:sg5:4.2:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:sg5:4.3:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:5.1:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:5.1:release:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:8.05:*:*:*:*:*:*:*
  • OR cpe:/o:openbsd:openbsd:3.3:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:sco:openserver:5.0.6:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:sg203:4.4:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:sg208:*:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.9:-:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.23:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:sg200:4.4:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:sg203:4.31.29:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.8:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*
  • OR cpe:/h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:sg200:4.31.29:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:sg5:4.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:5.2:-:*:*:*:*:*:*
  • OR cpe:/o:openbsd:openbsd:3.4:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*
  • OR cpe:/o:sco:openserver:5.0.7:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:cisco:ios:12.1(11b)e14:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1(13)e9:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1(11b)e:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1(11b)e12:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2za:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1(11)e:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2(14)sy1:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2sy:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1(19)e1:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2(14)sy:*:*:*:*:*:*:*
  • AND
  • cpe:/a:4d:webstar:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:4d:webstar:5.2:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:vsu:5x:*:*:*:*:*:*:*
  • OR cpe:/a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*
  • OR cpe:/a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*
  • OR cpe:/a:cisco:access_registrar:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:webns:6.10:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:webns:6.10_b4:*:*:*:*:*:*:*
  • OR cpe:/a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*
  • OR cpe:/a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*
  • OR cpe:/a:lite:speed_technologies_litespeed_web_server:1.2_rc1:*:*:*:*:*:*:*
  • OR cpe:/a:lite:speed_technologies_litespeed_web_server:1.2_rc2:*:*:*:*:*:*:*
  • OR cpe:/a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*
  • OR cpe:/a:novell:edirectory:8.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:novell:edirectory:8.7:*:*:*:*:*:*:*
  • OR cpe:/a:novell:edirectory:8.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:4d:webstar:5.3:*:*:*:*:*:*:*
  • OR cpe:/a:4d:webstar:5.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:intuity_audix:*:*:lx:*:*:*:*:*
  • OR cpe:/a:avaya:vsu:5:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:vsu:500:*:*:*:*:*:*:*
  • OR cpe:/a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*
  • OR cpe:/a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*
  • OR cpe:/a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*
  • OR cpe:/a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:threat_response:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*
  • OR cpe:/a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*
  • OR cpe:/a:lite:speed_technologies_litespeed_web_server:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:lite:speed_technologies_litespeed_web_server:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:lite:speed_technologies_litespeed_web_server:1.3_rc3:*:*:*:*:*:*:*
  • OR cpe:/a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*
  • OR cpe:/a:novell:edirectory:8.5.27:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.7:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*
  • OR cpe:/a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*
  • OR cpe:/a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*
  • OR cpe:/a:sgi:propack:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:1.7:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:1.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:1.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:2.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate_vpn_client:2.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate_vpn_client:2.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*
  • OR cpe:/h:bluecoat:proxysg:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:call_manager:*:*:*:*:*:*:*:*
  • OR cpe:/h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*
  • OR cpe:/h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.0(1):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.1(2):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.1(3):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.2(3.100):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*
  • OR cpe:/a:4d:webstar:5.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:4d:webstar:5.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*
  • OR cpe:/a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*
  • OR cpe:/a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*
  • OR cpe:/a:checkpoint:vpn-1:next_generation:*:*:*:*:*:*:*
  • OR cpe:/a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:webns:7.10:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*
  • OR cpe:/a:lite:speed_technologies_litespeed_web_server:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:lite:speed_technologies_litespeed_web_server:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:lite:speed_technologies_litespeed_web_server:1.3_rc1:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*
  • OR cpe:/a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*
  • OR cpe:/a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*
  • OR cpe:/a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate_vpn_client:2.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*
  • OR cpe:/h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*
  • OR cpe:/h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.0(2):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.0(3):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.1(4):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.1(5):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.3(1):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.3(2):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.3(3.102):*:*:*:*:*:*:*
  • OR cpe:/a:lite:speed_technologies_litespeed_web_server:1.3_rc2:*:*:*:*:*:*:*
  • OR cpe:/a:novell:edirectory:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:novell:edirectory:8.5:*:*:*:*:*:*:*
  • OR cpe:/a:novell:imanager:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*
  • OR cpe:/a:sgi:propack:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:sgi:propack:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:1.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:1.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:2.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:2.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate_vpn_client:1.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate_vpn_client:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:gsx_server:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*
  • OR cpe:/h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*
  • OR cpe:/o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*
  • OR cpe:/o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.1(1):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.2(2):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.2(3):*:*:*:*:*:*:*
  • OR cpe:/a:4d:webstar:5.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:4d:webstar:5.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*
  • OR cpe:/a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*
  • OR cpe:/a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*
  • OR cpe:/a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*
  • OR cpe:/a:lite:speed_technologies_litespeed_web_server:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:lite:speed_technologies_litespeed_web_server:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:lite:speed_technologies_litespeed_web_server:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:lite:speed_technologies_litespeed_web_server:1.3:*:*:*:*:*:*:*
  • OR cpe:/a:lite:speed_technologies_litespeed_web_server:1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*
  • OR cpe:/a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*
  • OR cpe:/a:novell:imanager:1.5:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*
  • OR cpe:/a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:1.5.17:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:1.5.18:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:2.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate:2.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:stonesoft:stonegate_vpn_client:1.7:*:*:*:*:*:*:*
  • OR cpe:/a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*
  • OR cpe:/a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:mds_9000:*:*:*:*:*:*:*:*
  • OR cpe:/h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*
  • OR cpe:/h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*
  • OR cpe:/h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.0(4):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.0(4.101):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.2(1):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:pix_firewall_software:6.3(3.109):*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*
  • AND
  • cpe:/o:sun:solaris:8::sparc:*:*:*:*:*
  • OR cpe:/o:engardelinux:secure_community:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:6.5:*:*:*:server:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux_server:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:6.0:*:*:*:workstation:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:engardelinux:secure_community:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:11755
    V
    		OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
    2013-04-29
    oval:org.mitre.oval:def:871
    V
    		Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability
    2007-04-25
    oval:org.mitre.oval:def:902
    V
    		Red Hat OpenSSL Improper Unknown Message Handling Vulnerability
    2007-04-25
    oval:com.redhat.rhsa:def:20040120
    P
    		RHSA-2004:120: openssl security update (Important)
    2004-05-21
    oval:org.debian:def:465
    V
    		several vulnerabilities
    2004-03-17
    BACK
    cisco firewall services module 1.1.3
    cisco firewall services module 1.1_(3.005)
    cisco firewall services module *
    cisco firewall services module 1.1.2
    symantec clientless vpn gateway 4400 5.0
    hp apache-based web server 2.0.43.00
    hp apache-based web server 2.0.43.04
    cisco firewall services module 2.1_(0.208)
    hp aaa server *
    cisco ciscoworks common management foundation 2.1
    cisco ciscoworks common services 2.2
    avaya sg208 4.4
    avaya sg5 4.2
    avaya sg5 4.3
    freebsd freebsd 5.1
    freebsd freebsd 5.1 release
    hp hp-ux 8.05
    openbsd openbsd 3.3
    redhat linux 8.0
    sco openserver 5.0.6
    avaya sg203 4.4
    avaya sg208 *
    freebsd freebsd 4.8 releng
    freebsd freebsd 4.9
    hp hp-ux 11.11
    hp hp-ux 11.23
    redhat enterprise linux desktop 3.0
    redhat linux 7.2
    redhat linux 7.3
    avaya sg200 4.4
    avaya sg203 4.31.29
    apple mac os x server 10.3.3
    freebsd freebsd 4.8
    freebsd freebsd 5.2.1 release
    hp hp-ux 11.00
    redhat enterprise linux 3.0
    redhat enterprise linux 3.0
    avaya converged communications server 2.0
    avaya sg200 4.31.29
    avaya sg5 4.4
    apple mac os x 10.3.3
    freebsd freebsd 5.1 releng
    freebsd freebsd 5.2
    openbsd openbsd 3.4
    redhat enterprise linux 3.0
    sco openserver 5.0.7
    cisco ios 12.1(11b)e14
    cisco ios 12.1(13)e9
    cisco ios 12.1(11b)e
    cisco ios 12.1(11b)e12
    cisco ios 12.2za
    cisco ios 12.1(11)e
    cisco ios 12.2(14)sy1
    cisco ios 12.2sy
    cisco ios 12.1(19)e1
    cisco ios 12.2(14)sy
    4d webstar 4.0
    4d webstar 5.2
    avaya intuity audix 5.1.46
    avaya intuity audix s3210
    avaya vsu 5000_r2.0.1
    avaya vsu 5x
    checkpoint provider-1 4.1
    checkpoint provider-1 4.1 sp1
    cisco access registrar *
    cisco application and content networking software *
    cisco webns 6.10
    cisco webns 6.10_b4
    hp wbem a.02.00.00
    hp wbem a.02.00.01
    lite speed technologies litespeed web server 1.2_rc1
    lite speed technologies litespeed web server 1.2_rc2
    neoteris instant virtual extranet 3.1
    neoteris instant virtual extranet 3.2
    novell edirectory 8.6.2
    novell edirectory 8.7
    novell edirectory 8.7.1
    4d webstar 5.3
    4d webstar 5.3.1
    avaya intuity audix *
    avaya vsu 5
    avaya vsu 500
    checkpoint firewall-1 next_generation_fp1
    checkpoint firewall-1 next_generation_fp2
    checkpoint vpn-1 next_generation_fp1
    checkpoint vpn-1 vsx_ng_with_application_intelligence
    cisco pix firewall 6.2.2_.111
    cisco threat response *
    cisco webns 7.2_0.0.03
    hp wbem a.01.05.08
    lite speed technologies litespeed web server 1.2.1
    lite speed technologies litespeed web server 1.2.2
    lite speed technologies litespeed web server 1.3_rc3
    neoteris instant virtual extranet 3.0
    novell edirectory 8.5.12a
    novell edirectory 8.5.27
    openssl openssl 0.9.6d
    openssl openssl 0.9.6e
    openssl openssl 0.9.7
    openssl openssl 0.9.7 beta1
    redhat openssl 0.9.6b-3
    redhat openssl 0.9.7a-2
    sgi propack 3.0
    stonesoft servercluster 2.5
    stonesoft stonebeat securitycluster 2.0
    stonesoft stonebeat securitycluster 2.5
    stonesoft stonegate 1.7
    stonesoft stonegate 1.7.1
    stonesoft stonegate 1.7.2
    stonesoft stonegate 2.0.9
    stonesoft stonegate 2.1
    stonesoft stonegate vpn client 2.0.7
    stonesoft stonegate vpn client 2.0.8
    vmware gsx server 2.5.1_build_5336
    vmware gsx server 3.0_build_7592
    bluecoat proxysg *
    cisco call manager *
    securecomputing sidewinder 5.2.0.01
    securecomputing sidewinder 5.2.0.02
    cisco pix firewall software 6.0
    cisco pix firewall software 6.0(1)
    cisco pix firewall software 6.1(2)
    cisco pix firewall software 6.1(3)
    cisco pix firewall software 6.2(3.100)
    cisco pix firewall software 6.3
    4d webstar 5.2.3
    4d webstar 5.2.4
    avaya vsu 10000_r2.0.1
    avaya vsu 2000_r2.0.1
    checkpoint firewall-1 2.0
    checkpoint firewall-1 next_generation_fp0
    checkpoint provider-1 4.1 sp4
    checkpoint vpn-1 next_generation
    checkpoint vpn-1 next_generation_fp0
    cisco css11000 content services switch *
    cisco okena stormwatch 3.2
    cisco webns 7.10
    cisco webns 7.10_.0.06s
    lite speed technologies litespeed web server 1.1
    lite speed technologies litespeed web server 1.1.1
    lite speed technologies litespeed web server 1.3_rc1
    openssl openssl 0.9.6f
    openssl openssl 0.9.6g
    openssl openssl 0.9.7 beta2
    openssl openssl 0.9.7 beta3
    redhat openssl 0.9.7a-2
    redhat openssl 0.9.7a-2
    dell bsafe ssl-j 3.0
    stonesoft servercluster 2.5.2
    stonesoft stonebeat fullcluster 1_2.0
    stonesoft stonebeat webcluster 2.0
    stonesoft stonebeat webcluster 2.5
    stonesoft stonegate 2.0.1
    stonesoft stonegate 2.0.4
    stonesoft stonegate 2.2
    stonesoft stonegate 2.2.1
    stonesoft stonegate vpn client 2.0.9
    tarantella tarantella enterprise 3.20
    avaya s8300 r2.0.0
    avaya s8300 r2.0.1
    cisco content services switch 11500 *
    cisco gss 4480 global site selector *
    securecomputing sidewinder 5.2.0.03
    securecomputing sidewinder 5.2.0.04
    cisco pix firewall software 6.0(2)
    cisco pix firewall software 6.0(3)
    cisco pix firewall software 6.1(4)
    cisco pix firewall software 6.1(5)
    cisco pix firewall software 6.3(1)
    cisco pix firewall software 6.3(2)
    cisco pix firewall software 6.3(3.102)
    lite speed technologies litespeed web server 1.3_rc2
    novell edirectory 8.0
    novell edirectory 8.5
    novell imanager 2.0
    openssl openssl 0.9.6c
    openssl openssl 0.9.6j
    openssl openssl 0.9.6k
    openssl openssl 0.9.7c
    redhat openssl 0.9.6-15
    sgi propack 2.3
    sgi propack 2.4
    stonesoft stonebeat fullcluster 2.5
    stonesoft stonebeat fullcluster 3.0
    stonesoft stonegate 1.6.2
    stonesoft stonegate 1.6.3
    stonesoft stonegate 2.0.7
    stonesoft stonegate 2.0.8
    stonesoft stonegate vpn client 1.7.2
    stonesoft stonegate vpn client 2.0
    vmware gsx server 2.0
    vmware gsx server 2.0.1_build_2129
    vmware gsx server 2.5.1
    avaya s8700 r2.0.0
    avaya s8700 r2.0.1
    cisco secure content accelerator 10000
    securecomputing sidewinder 5.2
    bluecoat cacheos ca sa 4.1.10
    bluecoat cacheos ca sa 4.1.12
    cisco pix firewall software 6.1
    cisco pix firewall software 6.1(1)
    cisco pix firewall software 6.2(2)
    cisco pix firewall software 6.2(3)
    4d webstar 5.2.1
    4d webstar 5.2.2
    avaya intuity audix s3400
    avaya vsu 100_r2.0.1
    avaya vsu 7500_r2.0.1
    checkpoint firewall-1 *
    checkpoint provider-1 4.1 sp2
    checkpoint provider-1 4.1 sp3
    cisco css secure content accelerator 1.0
    cisco css secure content accelerator 2.0
    cisco webns 7.1_0.1.02
    cisco webns 7.1_0.2.06
    lite speed technologies litespeed web server 1.0.1
    lite speed technologies litespeed web server 1.0.2
    lite speed technologies litespeed web server 1.0.3
    lite speed technologies litespeed web server 1.3
    lite speed technologies litespeed web server 1.3.1
    neoteris instant virtual extranet 3.3
    neoteris instant virtual extranet 3.3.1
    novell edirectory 8.7.1 sp1
    novell imanager 1.5
    openssl openssl 0.9.6h
    openssl openssl 0.9.6i
    openssl openssl 0.9.7a
    openssl openssl 0.9.7b
    dell bsafe ssl-j 3.0.1
    dell bsafe ssl-j 3.1
    stonesoft stonebeat fullcluster 1_3.0
    stonesoft stonebeat fullcluster 2.0
    stonesoft stonegate 1.5.17
    stonesoft stonegate 1.5.18
    stonesoft stonegate 2.0.5
    stonesoft stonegate 2.0.6
    stonesoft stonegate 2.2.4
    stonesoft stonegate vpn client 1.7
    tarantella tarantella enterprise 3.30
    tarantella tarantella enterprise 3.40
    avaya s8500 r2.0.0
    avaya s8500 r2.0.1
    cisco gss 4490 global site selector *
    cisco mds 9000 *
    securecomputing sidewinder 5.2.1
    securecomputing sidewinder 5.2.1.02
    sun crypto accelerator 4000 1.0
    cisco pix firewall software 6.0(4)
    cisco pix firewall software 6.0(4.101)
    cisco pix firewall software 6.2
    cisco pix firewall software 6.2(1)
    cisco pix firewall software 6.3(3.109)
    openssl openssl 0.9.7a
    openssl openssl 0.9.6i
    openssl openssl 0.9.6k
    openssl openssl 0.9.7b
    openssl openssl 0.9.7c
    openssl openssl 0.9.6c
    openssl openssl 0.9.6d
    openssl openssl 0.9.6e
    openssl openssl 0.9.6f
    openssl openssl 0.9.6g
    openssl openssl 0.9.6h
    openssl openssl 0.9.6j
    openssl openssl 0.9.6l
    sun solaris 8
    engardelinux secure community 1.0.1
    turbolinux turbolinux server 6.5
    trustix secure linux 1.5
    conectiva linux 8.0
    sun solaris 9
    debian debian linux 3.0
    gentoo linux *
    turbolinux turbolinux server 6.1
    turbolinux turbolinux workstation 6.0
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat linux 9.0
    conectiva linux 9.0
    trustix secure linux 2.0
    engardelinux secure community 2.0
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    trustix secure linux 2.1
    redhat enterprise linux 3
    redhat linux advanced workstation 2.1