CVE-2004-0079
CVE-2004-0079
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.ascftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.ascftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txthttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834http://docs.info.apple.com/article.html?artnum=61798http://fedoranews.org/updates/FEDORA-2004-095.shtmlhttp://lists.apple.com/archives/security-announce/2005/Aug/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2005//Aug/msg00001.htmlhttp://lists.apple.com/mhonarc/security-announce/msg00045.htmlhttp://marc.info/?l=bugtraq&m=107953412903636&w=2http://marc.info/?l=bugtraq&m=108403806509920&w=2http://secunia.com/advisories/11139