Search

Find a vulnerability

Search criteria

    20 vulnerabilities found for mds_9000 by cisco

    CVE-2015-6277 (GCVE-0-2015-6277)

    Vulnerability from nvd – Published: 2015-09-02 16:00 – Updated: 2024-08-06 07:15
    VLAI
    Summary
    The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1033443 vdb-entryx_refsource_SECTRACK
    http://tools.cisco.com/security/center/viewAlert.… vendor-advisoryx_refsource_CISCO
    Date Public
    2015-09-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T07:15:13.302Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1033443",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1033443"
              },
              {
                "name": "20150901 Cisco NX-OS Malformed ARP Header Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40748"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-09-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-19T09:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "1033443",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1033443"
            },
            {
              "name": "20150901 Cisco NX-OS Malformed ARP Header Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40748"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2015-6277",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1033443",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1033443"
                },
                {
                  "name": "20150901 Cisco NX-OS Malformed ARP Header Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40748"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2015-6277",
        "datePublished": "2015-09-02T16:00:00.000Z",
        "dateReserved": "2015-08-17T00:00:00.000Z",
        "dateUpdated": "2024-08-06T07:15:13.302Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-2201 (GCVE-0-2014-2201)

    Vulnerability from nvd – Published: 2014-05-24 01:00 – Updated: 2024-08-06 10:06
    VLAI
    Summary
    The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bug ID CSCtw98915.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    Date Public
    2014-05-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:06:00.199Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20140521 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-05-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bug ID CSCtw98915."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-05-24T01:57:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20140521 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2014-2201",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bug ID CSCtw98915."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20140521 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2014-2201",
        "datePublished": "2014-05-24T01:00:00.000Z",
        "dateReserved": "2014-02-25T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:06:00.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-1192 (GCVE-0-2013-1192)

    Vulnerability from nvd – Published: 2013-04-25 10:00 – Updated: 2024-09-16 20:22
    VLAI
    Summary
    The JAR files on Cisco Device Manager for Cisco MDS 9000 devices before 5.2.8, and Cisco Device Manager for Cisco Nexus 5000 devices, allow remote attackers to execute arbitrary commands on Windows client machines via a crafted element-manager.jnlp file, aka Bug IDs CSCty17417 and CSCty10802.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T14:57:03.530Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20130424 Cisco Device Manager Command Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-fmdm"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The JAR files on Cisco Device Manager for Cisco MDS 9000 devices before 5.2.8, and Cisco Device Manager for Cisco Nexus 5000 devices, allow remote attackers to execute arbitrary commands on Windows client machines via a crafted element-manager.jnlp file, aka Bug IDs CSCty17417 and CSCty10802."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-04-25T10:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20130424 Cisco Device Manager Command Execution Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-fmdm"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-1192",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The JAR files on Cisco Device Manager for Cisco MDS 9000 devices before 5.2.8, and Cisco Device Manager for Cisco Nexus 5000 devices, allow remote attackers to execute arbitrary commands on Windows client machines via a crafted element-manager.jnlp file, aka Bug IDs CSCty17417 and CSCty10802."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20130424 Cisco Device Manager Command Execution Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-fmdm"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-1192",
        "datePublished": "2013-04-25T10:00:00.000Z",
        "dateReserved": "2013-01-11T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:22:27.150Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-1180 (GCVE-0-2013-1180)

    Vulnerability from nvd – Published: 2013-04-25 10:00 – Updated: 2024-09-16 22:19
    VLAI
    Summary
    Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allows remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54822.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T14:49:20.937Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allows remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54822."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-04-25T10:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-1180",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allows remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54822."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-1180",
        "datePublished": "2013-04-25T10:00:00.000Z",
        "dateReserved": "2013-01-11T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:19:44.167Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-1179 (GCVE-0-2013-1179)

    Vulnerability from nvd – Published: 2013-04-25 10:00 – Updated: 2024-09-16 19:51
    VLAI
    Summary
    Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allow remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54830.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T14:49:20.699Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allow remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54830."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-04-25T10:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-1179",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allow remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54830."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-1179",
        "datePublished": "2013-04-25T10:00:00.000Z",
        "dateReserved": "2013-01-11T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:51:24.503Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-1178 (GCVE-0-2013-1178)

    Vulnerability from nvd – Published: 2013-04-25 10:00 – Updated: 2024-09-17 00:17
    VLAI
    Summary
    Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before 5.0(3)U3(1), Nexus 1000V devices 4.x before 4.2(1)SV1(5.1), MDS 9000 devices 4.x and 5.x before 5.2(4), Unified Computing System (UCS) 6100 and 6200 devices before 2.0(2m), and Connected Grid Router (CGR) 1000 devices before CG4(1) allow remote attackers to execute arbitrary code via malformed CDP packets, aka Bug IDs CSCtu10630, CSCtu10551, CSCtu10550, CSCtw56581, CSCtu10548, CSCtu10544, and CSCuf61275.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T14:49:20.703Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before 5.0(3)U3(1), Nexus 1000V devices 4.x before 4.2(1)SV1(5.1), MDS 9000 devices 4.x and 5.x before 5.2(4), Unified Computing System (UCS) 6100 and 6200 devices before 2.0(2m), and Connected Grid Router (CGR) 1000 devices before CG4(1) allow remote attackers to execute arbitrary code via malformed CDP packets, aka Bug IDs CSCtu10630, CSCtu10551, CSCtu10550, CSCtw56581, CSCtu10548, CSCtu10544, and CSCuf61275."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-04-25T10:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-1178",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before 5.0(3)U3(1), Nexus 1000V devices 4.x before 4.2(1)SV1(5.1), MDS 9000 devices 4.x and 5.x before 5.2(4), Unified Computing System (UCS) 6100 and 6200 devices before 2.0(2m), and Connected Grid Router (CGR) 1000 devices before CG4(1) allow remote attackers to execute arbitrary code via malformed CDP packets, aka Bug IDs CSCtu10630, CSCtu10551, CSCtu10550, CSCtw56581, CSCtu10548, CSCtu10544, and CSCuf61275."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-1178",
        "datePublished": "2013-04-25T10:00:00.000Z",
        "dateReserved": "2013-01-11T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:17:30.568Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3669 (GCVE-0-2005-3669)

    Vulnerability from nvd – Published: 2005-11-18 21:00 – Updated: 2024-08-07 23:17
    VLAI
    Summary
    Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015200 vdb-entryx_refsource_SECTRACK
    http://securitytracker.com/id?1015202 vdb-entryx_refsource_SECTRACK
    http://www.niscc.gov.uk/niscc/docs/br-20051114-01… x_refsource_MISC
    http://jvn.jp/niscc/NISCC-273756/index.html x_refsource_MISC
    http://securitytracker.com/id?1015201 vdb-entryx_refsource_SECTRACK
    http://www.ee.oulu.fi/research/ouspg/protos/testi… x_refsource_MISC
    http://www.securityfocus.com/bid/15401 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/226364 third-party-advisoryx_refsource_CERT-VN
    http://securitytracker.com/id?1015199 vdb-entryx_refsource_SECTRACK
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://securitytracker.com/id?1015198 vdb-entryx_refsource_SECTRACK
    http://www.cisco.com/warp/public/707/cisco-sa-200… vendor-advisoryx_refsource_CISCO
    http://secunia.com/advisories/17553 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2005-11-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:17:23.435Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015200",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015200"
              },
              {
                "name": "1015202",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015202"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/niscc/NISCC-273756/index.html"
              },
              {
                "name": "1015201",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015201"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
              },
              {
                "name": "15401",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15401"
              },
              {
                "name": "VU#226364",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/226364"
              },
              {
                "name": "1015199",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015199"
              },
              {
                "name": "oval:org.mitre.oval:def:5226",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5226"
              },
              {
                "name": "1015198",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015198"
              },
              {
                "name": "20051114 Multiple Vulnerabilities Found by PROTOS IPSec Test Suite",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml"
              },
              {
                "name": "17553",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17553"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015200",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015200"
            },
            {
              "name": "1015202",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015202"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://jvn.jp/niscc/NISCC-273756/index.html"
            },
            {
              "name": "1015201",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015201"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
            },
            {
              "name": "15401",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15401"
            },
            {
              "name": "VU#226364",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/226364"
            },
            {
              "name": "1015199",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015199"
            },
            {
              "name": "oval:org.mitre.oval:def:5226",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5226"
            },
            {
              "name": "1015198",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015198"
            },
            {
              "name": "20051114 Multiple Vulnerabilities Found by PROTOS IPSec Test Suite",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml"
            },
            {
              "name": "17553",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17553"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3669",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015200",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015200"
                },
                {
                  "name": "1015202",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015202"
                },
                {
                  "name": "http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en",
                  "refsource": "MISC",
                  "url": "http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en"
                },
                {
                  "name": "http://jvn.jp/niscc/NISCC-273756/index.html",
                  "refsource": "MISC",
                  "url": "http://jvn.jp/niscc/NISCC-273756/index.html"
                },
                {
                  "name": "1015201",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015201"
                },
                {
                  "name": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/",
                  "refsource": "MISC",
                  "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
                },
                {
                  "name": "15401",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15401"
                },
                {
                  "name": "VU#226364",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/226364"
                },
                {
                  "name": "1015199",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015199"
                },
                {
                  "name": "oval:org.mitre.oval:def:5226",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5226"
                },
                {
                  "name": "1015198",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015198"
                },
                {
                  "name": "20051114 Multiple Vulnerabilities Found by PROTOS IPSec Test Suite",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml"
                },
                {
                  "name": "17553",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17553"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3669",
        "datePublished": "2005-11-18T21:00:00.000Z",
        "dateReserved": "2005-11-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:17:23.435Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0112 (GCVE-0-2004-0112)

    Vulnerability from nvd – Published: 2004-03-18 05:00 – Updated: 2024-08-08 00:10
    VLAI
    Summary
    The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/9899 vdb-entryx_refsource_BID
    http://marc.info/?l=bugtraq&m=108403806509920&w=2 vendor-advisoryx_refsource_HP
    http://www.redhat.com/support/errata/RHSA-2004-121.html vendor-advisoryx_refsource_REDHAT
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-20… vendor-advisoryx_refsource_SCO
    http://www.uniras.gov.uk/vuls/2004/224012/index.htm x_refsource_MISC
    http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=f… vendor-advisoryx_refsource_SUNALERT
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://lists.apple.com/mhonarc/security-announce/… x_refsource_CONFIRM
    http://www.openssl.org/news/secadv_20040317.txt x_refsource_CONFIRM
    ftp://ftp.netbsd.org/pub/NetBSD/security/advisori… vendor-advisoryx_refsource_NETBSD
    http://www.ciac.org/ciac/bulletins/o-101.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
    http://www.us-cert.gov/cas/techalerts/TA04-078A.html third-party-advisoryx_refsource_CERT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/484726 third-party-advisoryx_refsource_CERT-VN
    http://security.gentoo.org/glsa/glsa-200403-03.xml vendor-advisoryx_refsource_GENTOO
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/11139 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2004-120.html vendor-advisoryx_refsource_REDHAT
    http://marc.info/?l=bugtraq&m=107953412903636&w=2 mailing-listx_refsource_BUGTRAQ
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://www.slackware.org/security/viewer.php?l=sl… vendor-advisoryx_refsource_SLACKWARE
    http://www.trustix.org/errata/2004/0012 vendor-advisoryx_refsource_TRUSTIX
    http://www.cisco.com/warp/public/707/cisco-sa-200… vendor-advisoryx_refsource_CISCO
    http://docs.info.apple.com/article.html?artnum=61798 x_refsource_CONFIRM
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    Date Public
    2004-03-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:10:03.359Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "9899",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9899"
              },
              {
                "name": "SSRT4717",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
              },
              {
                "name": "RHSA-2004:121",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
              },
              {
                "name": "MDKSA-2004:023",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
              },
              {
                "name": "CLA-2004:834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
              },
              {
                "name": "SCOSA-2004.10",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SCO",
                  "x_transferred"
                ],
                "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
              },
              {
                "name": "57524",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
              },
              {
                "name": "SuSE-SA:2004:007",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.openssl.org/news/secadv_20040317.txt"
              },
              {
                "name": "NetBSD-SA2004-005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
                  "x_transferred"
                ],
                "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
              },
              {
                "name": "O-101",
                "tags": [
                  "third-party-advisory",
                  "government-resource",
                  "x_refsource_CIAC",
                  "x_transferred"
                ],
                "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
              },
              {
                "name": "TA04-078A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
              },
              {
                "name": "oval:org.mitre.oval:def:1049",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
              },
              {
                "name": "openssl-kerberos-ciphersuites-dos(15508)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
              },
              {
                "name": "VU#484726",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/484726"
              },
              {
                "name": "GLSA-200403-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
              },
              {
                "name": "oval:org.mitre.oval:def:9580",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
              },
              {
                "name": "11139",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11139"
              },
              {
                "name": "RHSA-2004:120",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
              },
              {
                "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
              },
              {
                "name": "APPLE-SA-2005-08-15",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
              },
              {
                "name": "SSA:2004-077",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
              },
              {
                "name": "2004-0012",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TRUSTIX",
                  "x_transferred"
                ],
                "url": "http://www.trustix.org/errata/2004/0012"
              },
              {
                "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://docs.info.apple.com/article.html?artnum=61798"
              },
              {
                "name": "APPLE-SA-2005-08-17",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
              },
              {
                "name": "oval:org.mitre.oval:def:928",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-03-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "9899",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9899"
            },
            {
              "name": "SSRT4717",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
            },
            {
              "name": "RHSA-2004:121",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
            },
            {
              "name": "MDKSA-2004:023",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
            },
            {
              "name": "CLA-2004:834",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
            },
            {
              "name": "SCOSA-2004.10",
              "tags": [
                "vendor-advisory",
                "x_refsource_SCO"
              ],
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
            },
            {
              "name": "57524",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
            },
            {
              "name": "SuSE-SA:2004:007",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.openssl.org/news/secadv_20040317.txt"
            },
            {
              "name": "NetBSD-SA2004-005",
              "tags": [
                "vendor-advisory",
                "x_refsource_NETBSD"
              ],
              "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
            },
            {
              "name": "O-101",
              "tags": [
                "third-party-advisory",
                "government-resource",
                "x_refsource_CIAC"
              ],
              "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
            },
            {
              "name": "TA04-078A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:1049",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
            },
            {
              "name": "openssl-kerberos-ciphersuites-dos(15508)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
            },
            {
              "name": "VU#484726",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/484726"
            },
            {
              "name": "GLSA-200403-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:9580",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
            },
            {
              "name": "11139",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11139"
            },
            {
              "name": "RHSA-2004:120",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
            },
            {
              "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
            },
            {
              "name": "APPLE-SA-2005-08-15",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
            },
            {
              "name": "SSA:2004-077",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
            },
            {
              "name": "2004-0012",
              "tags": [
                "vendor-advisory",
                "x_refsource_TRUSTIX"
              ],
              "url": "http://www.trustix.org/errata/2004/0012"
            },
            {
              "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://docs.info.apple.com/article.html?artnum=61798"
            },
            {
              "name": "APPLE-SA-2005-08-17",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
            },
            {
              "name": "oval:org.mitre.oval:def:928",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0112",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "9899",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9899"
                },
                {
                  "name": "SSRT4717",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
                },
                {
                  "name": "RHSA-2004:121",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
                },
                {
                  "name": "MDKSA-2004:023",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
                },
                {
                  "name": "CLA-2004:834",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
                },
                {
                  "name": "SCOSA-2004.10",
                  "refsource": "SCO",
                  "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
                },
                {
                  "name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm",
                  "refsource": "MISC",
                  "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
                },
                {
                  "name": "57524",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
                },
                {
                  "name": "SuSE-SA:2004:007",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
                },
                {
                  "name": "http://lists.apple.com/mhonarc/security-announce/msg00045.html",
                  "refsource": "CONFIRM",
                  "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
                },
                {
                  "name": "http://www.openssl.org/news/secadv_20040317.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.openssl.org/news/secadv_20040317.txt"
                },
                {
                  "name": "NetBSD-SA2004-005",
                  "refsource": "NETBSD",
                  "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
                },
                {
                  "name": "O-101",
                  "refsource": "CIAC",
                  "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
                },
                {
                  "name": "TA04-078A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:1049",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
                },
                {
                  "name": "openssl-kerberos-ciphersuites-dos(15508)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
                },
                {
                  "name": "VU#484726",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/484726"
                },
                {
                  "name": "GLSA-200403-03",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
                },
                {
                  "name": "oval:org.mitre.oval:def:9580",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
                },
                {
                  "name": "11139",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11139"
                },
                {
                  "name": "RHSA-2004:120",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
                },
                {
                  "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
                },
                {
                  "name": "APPLE-SA-2005-08-15",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
                },
                {
                  "name": "SSA:2004-077",
                  "refsource": "SLACKWARE",
                  "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
                },
                {
                  "name": "2004-0012",
                  "refsource": "TRUSTIX",
                  "url": "http://www.trustix.org/errata/2004/0012"
                },
                {
                  "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
                },
                {
                  "name": "http://docs.info.apple.com/article.html?artnum=61798",
                  "refsource": "CONFIRM",
                  "url": "http://docs.info.apple.com/article.html?artnum=61798"
                },
                {
                  "name": "APPLE-SA-2005-08-17",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:928",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0112",
        "datePublished": "2004-03-18T05:00:00.000Z",
        "dateReserved": "2004-02-02T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:10:03.359Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0081 (GCVE-0-2004-0081)

    Vulnerability from nvd – Published: 2004-03-18 05:00 – Updated: 2024-08-08 00:01
    VLAI
    Summary
    OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/9899 vdb-entryx_refsource_BID
    http://www.linuxsecurity.com/advisories/engarde_a… vendor-advisoryx_refsource_ENGARDE
    http://marc.info/?l=bugtraq&m=107955049331965&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.redhat.com/support/errata/RHSA-2004-121.html vendor-advisoryx_refsource_REDHAT
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-20… vendor-advisoryx_refsource_SCO
    ftp://patches.sgi.com/support/free/security/advis… vendor-advisoryx_refsource_SGI
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.uniras.gov.uk/vuls/2004/224012/index.htm x_refsource_MISC
    http://fedoranews.org/updates/FEDORA-2004-095.shtml vendor-advisoryx_refsource_FEDORA
    http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=f… vendor-advisoryx_refsource_SUNALERT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.kb.cert.org/vuls/id/465542 third-party-advisoryx_refsource_CERT-VN
    http://www.us-cert.gov/cas/techalerts/TA04-078A.html third-party-advisoryx_refsource_CERT
    http://security.gentoo.org/glsa/glsa-200403-03.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/11139 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2004-120.html vendor-advisoryx_refsource_REDHAT
    http://rhn.redhat.com/errata/RHSA-2004-119.html vendor-advisoryx_refsource_REDHAT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.redhat.com/support/errata/RHSA-2004-139.html vendor-advisoryx_refsource_REDHAT
    http://www.trustix.org/errata/2004/0012 vendor-advisoryx_refsource_TRUSTIX
    http://marc.info/?l=bugtraq&m=108403850228012&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.cisco.com/warp/public/707/cisco-sa-200… vendor-advisoryx_refsource_CISCO
    http://www.debian.org/security/2004/dsa-465 vendor-advisoryx_refsource_DEBIAN
    Date Public
    2004-03-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:01:23.650Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "9899",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9899"
              },
              {
                "name": "ESA-20040317-003",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_ENGARDE",
                  "x_transferred"
                ],
                "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
              },
              {
                "name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17  March 2004]",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
              },
              {
                "name": "RHSA-2004:121",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
              },
              {
                "name": "CLA-2004:834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
              },
              {
                "name": "SCOSA-2004.10",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SCO",
                  "x_transferred"
                ],
                "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
              },
              {
                "name": "20040304-01-U",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SGI",
                  "x_transferred"
                ],
                "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
              },
              {
                "name": "openssl-tls-dos(15509)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
              },
              {
                "name": "FEDORA-2004-095",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
              },
              {
                "name": "57524",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
              },
              {
                "name": "oval:org.mitre.oval:def:871",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
              },
              {
                "name": "oval:org.mitre.oval:def:11755",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
              },
              {
                "name": "VU#465542",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/465542"
              },
              {
                "name": "TA04-078A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
              },
              {
                "name": "GLSA-200403-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
              },
              {
                "name": "11139",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11139"
              },
              {
                "name": "RHSA-2004:120",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
              },
              {
                "name": "RHSA-2004:119",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
              },
              {
                "name": "oval:org.mitre.oval:def:902",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
              },
              {
                "name": "RHSA-2004:139",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
              },
              {
                "name": "2004-0012",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TRUSTIX",
                  "x_transferred"
                ],
                "url": "http://www.trustix.org/errata/2004/0012"
              },
              {
                "name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
              },
              {
                "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
              },
              {
                "name": "DSA-465",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-465"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-03-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "9899",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9899"
            },
            {
              "name": "ESA-20040317-003",
              "tags": [
                "vendor-advisory",
                "x_refsource_ENGARDE"
              ],
              "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
            },
            {
              "name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17  March 2004]",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
            },
            {
              "name": "RHSA-2004:121",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
            },
            {
              "name": "CLA-2004:834",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
            },
            {
              "name": "SCOSA-2004.10",
              "tags": [
                "vendor-advisory",
                "x_refsource_SCO"
              ],
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
            },
            {
              "name": "20040304-01-U",
              "tags": [
                "vendor-advisory",
                "x_refsource_SGI"
              ],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
            },
            {
              "name": "openssl-tls-dos(15509)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
            },
            {
              "name": "FEDORA-2004-095",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
            },
            {
              "name": "57524",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
            },
            {
              "name": "oval:org.mitre.oval:def:871",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
            },
            {
              "name": "oval:org.mitre.oval:def:11755",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
            },
            {
              "name": "VU#465542",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/465542"
            },
            {
              "name": "TA04-078A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
            },
            {
              "name": "GLSA-200403-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
            },
            {
              "name": "11139",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11139"
            },
            {
              "name": "RHSA-2004:120",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
            },
            {
              "name": "RHSA-2004:119",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
            },
            {
              "name": "oval:org.mitre.oval:def:902",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
            },
            {
              "name": "RHSA-2004:139",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
            },
            {
              "name": "2004-0012",
              "tags": [
                "vendor-advisory",
                "x_refsource_TRUSTIX"
              ],
              "url": "http://www.trustix.org/errata/2004/0012"
            },
            {
              "name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
            },
            {
              "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
            },
            {
              "name": "DSA-465",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-465"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0081",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "9899",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9899"
                },
                {
                  "name": "ESA-20040317-003",
                  "refsource": "ENGARDE",
                  "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
                },
                {
                  "name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17  March 2004]",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
                },
                {
                  "name": "RHSA-2004:121",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
                },
                {
                  "name": "CLA-2004:834",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
                },
                {
                  "name": "SCOSA-2004.10",
                  "refsource": "SCO",
                  "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
                },
                {
                  "name": "20040304-01-U",
                  "refsource": "SGI",
                  "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
                },
                {
                  "name": "openssl-tls-dos(15509)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
                },
                {
                  "name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm",
                  "refsource": "MISC",
                  "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
                },
                {
                  "name": "FEDORA-2004-095",
                  "refsource": "FEDORA",
                  "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
                },
                {
                  "name": "57524",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
                },
                {
                  "name": "oval:org.mitre.oval:def:871",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
                },
                {
                  "name": "oval:org.mitre.oval:def:11755",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
                },
                {
                  "name": "VU#465542",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/465542"
                },
                {
                  "name": "TA04-078A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
                },
                {
                  "name": "GLSA-200403-03",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
                },
                {
                  "name": "11139",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11139"
                },
                {
                  "name": "RHSA-2004:120",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
                },
                {
                  "name": "RHSA-2004:119",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:902",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
                },
                {
                  "name": "RHSA-2004:139",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
                },
                {
                  "name": "2004-0012",
                  "refsource": "TRUSTIX",
                  "url": "http://www.trustix.org/errata/2004/0012"
                },
                {
                  "name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
                },
                {
                  "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
                },
                {
                  "name": "DSA-465",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-465"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0081",
        "datePublished": "2004-03-18T05:00:00.000Z",
        "dateReserved": "2004-01-19T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:01:23.650Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0079 (GCVE-0-2004-0079)

    Vulnerability from nvd – Published: 2004-03-18 05:00 – Updated: 2025-01-16 17:33
    VLAI
    Summary
    The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-476 - NULL Pointer Dereference
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/9899 vdb-entryx_refsource_BID
    http://www.redhat.com/archives/fedora-announce-li… vendor-advisoryx_refsource_FEDORA
    http://www.linuxsecurity.com/advisories/engarde_a… vendor-advisoryx_refsource_ENGARDE
    http://marc.info/?l=bugtraq&m=108403806509920&w=2 vendor-advisoryx_refsource_HP
    http://www.redhat.com/support/errata/RHSA-2004-121.html vendor-advisoryx_refsource_REDHAT
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-20… vendor-advisoryx_refsource_SCO
    http://secunia.com/advisories/17381 third-party-advisoryx_refsource_SECUNIA
    http://www.uniras.gov.uk/vuls/2004/224012/index.htm x_refsource_MISC
    http://fedoranews.org/updates/FEDORA-2004-095.shtml vendor-advisoryx_refsource_FEDORA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=f… vendor-advisoryx_refsource_SUNALERT
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://lists.apple.com/mhonarc/security-announce/… x_refsource_CONFIRM
    http://www.openssl.org/news/secadv_20040317.txt x_refsource_CONFIRM
    ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories… vendor-advisoryx_refsource_FREEBSD
    ftp://ftp.netbsd.org/pub/NetBSD/security/advisori… vendor-advisoryx_refsource_NETBSD
    http://www.ciac.org/ciac/bulletins/o-101.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
    http://www.us-cert.gov/cas/techalerts/TA04-078A.html third-party-advisoryx_refsource_CERT
    http://secunia.com/advisories/17401 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2005-829.html vendor-advisoryx_refsource_REDHAT
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.redhat.com/support/errata/RHSA-2005-830.html vendor-advisoryx_refsource_REDHAT
    http://security.gentoo.org/glsa/glsa-200403-03.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/11139 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2004-120.html vendor-advisoryx_refsource_REDHAT
    http://marc.info/?l=bugtraq&m=107953412903636&w=2 mailing-listx_refsource_BUGTRAQ
    http://support.lexmark.com/index?page=content&id=… x_refsource_CONFIRM
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://secunia.com/advisories/17398 third-party-advisoryx_refsource_SECUNIA
    http://www.slackware.org/security/viewer.php?l=sl… vendor-advisoryx_refsource_SLACKWARE
    http://www.redhat.com/support/errata/RHSA-2004-139.html vendor-advisoryx_refsource_REDHAT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.trustix.org/errata/2004/0012 vendor-advisoryx_refsource_TRUSTIX
    http://www.cisco.com/warp/public/707/cisco-sa-200… vendor-advisoryx_refsource_CISCO
    http://docs.info.apple.com/article.html?artnum=61798 x_refsource_CONFIRM
    http://www.kb.cert.org/vuls/id/288574 third-party-advisoryx_refsource_CERT-VN
    http://www.debian.org/security/2004/dsa-465 vendor-advisoryx_refsource_DEBIAN
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://secunia.com/advisories/18247 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    Date Public
    2004-03-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:01:23.689Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "9899",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9899"
              },
              {
                "name": "FEDORA-2005-1042",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
              },
              {
                "name": "ESA-20040317-003",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_ENGARDE",
                  "x_transferred"
                ],
                "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
              },
              {
                "name": "SSRT4717",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
              },
              {
                "name": "RHSA-2004:121",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
              },
              {
                "name": "MDKSA-2004:023",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
              },
              {
                "name": "oval:org.mitre.oval:def:2621",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
              },
              {
                "name": "CLA-2004:834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
              },
              {
                "name": "SCOSA-2004.10",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SCO",
                  "x_transferred"
                ],
                "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
              },
              {
                "name": "17381",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17381"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
              },
              {
                "name": "FEDORA-2004-095",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
              },
              {
                "name": "oval:org.mitre.oval:def:9779",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
              },
              {
                "name": "oval:org.mitre.oval:def:975",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
              },
              {
                "name": "57524",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
              },
              {
                "name": "SuSE-SA:2004:007",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.openssl.org/news/secadv_20040317.txt"
              },
              {
                "name": "FreeBSD-SA-04:05",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FREEBSD",
                  "x_transferred"
                ],
                "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
              },
              {
                "name": "NetBSD-SA2004-005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
                  "x_transferred"
                ],
                "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
              },
              {
                "name": "O-101",
                "tags": [
                  "third-party-advisory",
                  "government-resource",
                  "x_refsource_CIAC",
                  "x_transferred"
                ],
                "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
              },
              {
                "name": "TA04-078A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
              },
              {
                "name": "17401",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17401"
              },
              {
                "name": "RHSA-2005:829",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
              },
              {
                "name": "oval:org.mitre.oval:def:870",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
              },
              {
                "name": "RHSA-2005:830",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
              },
              {
                "name": "GLSA-200403-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
              },
              {
                "name": "11139",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11139"
              },
              {
                "name": "RHSA-2004:120",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
              },
              {
                "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
              },
              {
                "name": "APPLE-SA-2005-08-15",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
              },
              {
                "name": "17398",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17398"
              },
              {
                "name": "SSA:2004-077",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
              },
              {
                "name": "RHSA-2004:139",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
              },
              {
                "name": "openssl-dochangecipherspec-dos(15505)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
              },
              {
                "name": "2004-0012",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TRUSTIX",
                  "x_transferred"
                ],
                "url": "http://www.trustix.org/errata/2004/0012"
              },
              {
                "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://docs.info.apple.com/article.html?artnum=61798"
              },
              {
                "name": "VU#288574",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/288574"
              },
              {
                "name": "DSA-465",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-465"
              },
              {
                "name": "APPLE-SA-2005-08-17",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
              },
              {
                "name": "18247",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18247"
              },
              {
                "name": "oval:org.mitre.oval:def:5770",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2004-0079",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-08T16:21:54.985893Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-476",
                    "description": "CWE-476 NULL Pointer Dereference",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-16T17:33:22.869Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-03-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "9899",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9899"
            },
            {
              "name": "FEDORA-2005-1042",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
            },
            {
              "name": "ESA-20040317-003",
              "tags": [
                "vendor-advisory",
                "x_refsource_ENGARDE"
              ],
              "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
            },
            {
              "name": "SSRT4717",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
            },
            {
              "name": "RHSA-2004:121",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
            },
            {
              "name": "MDKSA-2004:023",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
            },
            {
              "name": "oval:org.mitre.oval:def:2621",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
            },
            {
              "name": "CLA-2004:834",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
            },
            {
              "name": "SCOSA-2004.10",
              "tags": [
                "vendor-advisory",
                "x_refsource_SCO"
              ],
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
            },
            {
              "name": "17381",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17381"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
            },
            {
              "name": "FEDORA-2004-095",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
            },
            {
              "name": "oval:org.mitre.oval:def:9779",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
            },
            {
              "name": "oval:org.mitre.oval:def:975",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
            },
            {
              "name": "57524",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
            },
            {
              "name": "SuSE-SA:2004:007",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.openssl.org/news/secadv_20040317.txt"
            },
            {
              "name": "FreeBSD-SA-04:05",
              "tags": [
                "vendor-advisory",
                "x_refsource_FREEBSD"
              ],
              "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
            },
            {
              "name": "NetBSD-SA2004-005",
              "tags": [
                "vendor-advisory",
                "x_refsource_NETBSD"
              ],
              "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
            },
            {
              "name": "O-101",
              "tags": [
                "third-party-advisory",
                "government-resource",
                "x_refsource_CIAC"
              ],
              "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
            },
            {
              "name": "TA04-078A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
            },
            {
              "name": "17401",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17401"
            },
            {
              "name": "RHSA-2005:829",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
            },
            {
              "name": "oval:org.mitre.oval:def:870",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
            },
            {
              "name": "RHSA-2005:830",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
            },
            {
              "name": "GLSA-200403-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
            },
            {
              "name": "11139",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11139"
            },
            {
              "name": "RHSA-2004:120",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
            },
            {
              "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
            },
            {
              "name": "APPLE-SA-2005-08-15",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
            },
            {
              "name": "17398",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17398"
            },
            {
              "name": "SSA:2004-077",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
            },
            {
              "name": "RHSA-2004:139",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
            },
            {
              "name": "openssl-dochangecipherspec-dos(15505)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
            },
            {
              "name": "2004-0012",
              "tags": [
                "vendor-advisory",
                "x_refsource_TRUSTIX"
              ],
              "url": "http://www.trustix.org/errata/2004/0012"
            },
            {
              "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://docs.info.apple.com/article.html?artnum=61798"
            },
            {
              "name": "VU#288574",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/288574"
            },
            {
              "name": "DSA-465",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-465"
            },
            {
              "name": "APPLE-SA-2005-08-17",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
            },
            {
              "name": "18247",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18247"
            },
            {
              "name": "oval:org.mitre.oval:def:5770",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0079",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "9899",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9899"
                },
                {
                  "name": "FEDORA-2005-1042",
                  "refsource": "FEDORA",
                  "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
                },
                {
                  "name": "ESA-20040317-003",
                  "refsource": "ENGARDE",
                  "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
                },
                {
                  "name": "SSRT4717",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
                },
                {
                  "name": "RHSA-2004:121",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
                },
                {
                  "name": "MDKSA-2004:023",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
                },
                {
                  "name": "oval:org.mitre.oval:def:2621",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
                },
                {
                  "name": "CLA-2004:834",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
                },
                {
                  "name": "SCOSA-2004.10",
                  "refsource": "SCO",
                  "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
                },
                {
                  "name": "17381",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17381"
                },
                {
                  "name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm",
                  "refsource": "MISC",
                  "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
                },
                {
                  "name": "FEDORA-2004-095",
                  "refsource": "FEDORA",
                  "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
                },
                {
                  "name": "oval:org.mitre.oval:def:9779",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
                },
                {
                  "name": "oval:org.mitre.oval:def:975",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
                },
                {
                  "name": "57524",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
                },
                {
                  "name": "SuSE-SA:2004:007",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
                },
                {
                  "name": "http://lists.apple.com/mhonarc/security-announce/msg00045.html",
                  "refsource": "CONFIRM",
                  "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
                },
                {
                  "name": "http://www.openssl.org/news/secadv_20040317.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.openssl.org/news/secadv_20040317.txt"
                },
                {
                  "name": "FreeBSD-SA-04:05",
                  "refsource": "FREEBSD",
                  "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
                },
                {
                  "name": "NetBSD-SA2004-005",
                  "refsource": "NETBSD",
                  "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
                },
                {
                  "name": "O-101",
                  "refsource": "CIAC",
                  "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
                },
                {
                  "name": "TA04-078A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
                },
                {
                  "name": "17401",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17401"
                },
                {
                  "name": "RHSA-2005:829",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
                },
                {
                  "name": "oval:org.mitre.oval:def:870",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
                },
                {
                  "name": "RHSA-2005:830",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
                },
                {
                  "name": "GLSA-200403-03",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
                },
                {
                  "name": "11139",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11139"
                },
                {
                  "name": "RHSA-2004:120",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
                },
                {
                  "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
                },
                {
                  "name": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US",
                  "refsource": "CONFIRM",
                  "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
                },
                {
                  "name": "APPLE-SA-2005-08-15",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
                },
                {
                  "name": "17398",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17398"
                },
                {
                  "name": "SSA:2004-077",
                  "refsource": "SLACKWARE",
                  "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
                },
                {
                  "name": "RHSA-2004:139",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
                },
                {
                  "name": "openssl-dochangecipherspec-dos(15505)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
                },
                {
                  "name": "2004-0012",
                  "refsource": "TRUSTIX",
                  "url": "http://www.trustix.org/errata/2004/0012"
                },
                {
                  "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
                },
                {
                  "name": "http://docs.info.apple.com/article.html?artnum=61798",
                  "refsource": "CONFIRM",
                  "url": "http://docs.info.apple.com/article.html?artnum=61798"
                },
                {
                  "name": "VU#288574",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/288574"
                },
                {
                  "name": "DSA-465",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-465"
                },
                {
                  "name": "APPLE-SA-2005-08-17",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
                },
                {
                  "name": "18247",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18247"
                },
                {
                  "name": "oval:org.mitre.oval:def:5770",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0079",
        "datePublished": "2004-03-18T05:00:00.000Z",
        "dateReserved": "2004-01-19T00:00:00.000Z",
        "dateUpdated": "2025-01-16T17:33:22.869Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-6277 (GCVE-0-2015-6277)

    Vulnerability from cvelistv5 – Published: 2015-09-02 16:00 – Updated: 2024-08-06 07:15
    VLAI
    Summary
    The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1033443 vdb-entryx_refsource_SECTRACK
    http://tools.cisco.com/security/center/viewAlert.… vendor-advisoryx_refsource_CISCO
    Date Public
    2015-09-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T07:15:13.302Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1033443",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1033443"
              },
              {
                "name": "20150901 Cisco NX-OS Malformed ARP Header Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40748"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-09-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-19T09:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "1033443",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1033443"
            },
            {
              "name": "20150901 Cisco NX-OS Malformed ARP Header Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40748"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2015-6277",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1033443",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1033443"
                },
                {
                  "name": "20150901 Cisco NX-OS Malformed ARP Header Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40748"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2015-6277",
        "datePublished": "2015-09-02T16:00:00.000Z",
        "dateReserved": "2015-08-17T00:00:00.000Z",
        "dateUpdated": "2024-08-06T07:15:13.302Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-2201 (GCVE-0-2014-2201)

    Vulnerability from cvelistv5 – Published: 2014-05-24 01:00 – Updated: 2024-08-06 10:06
    VLAI
    Summary
    The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bug ID CSCtw98915.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    Date Public
    2014-05-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:06:00.199Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20140521 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-05-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bug ID CSCtw98915."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-05-24T01:57:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20140521 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2014-2201",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bug ID CSCtw98915."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20140521 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2014-2201",
        "datePublished": "2014-05-24T01:00:00.000Z",
        "dateReserved": "2014-02-25T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:06:00.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-1192 (GCVE-0-2013-1192)

    Vulnerability from cvelistv5 – Published: 2013-04-25 10:00 – Updated: 2024-09-16 20:22
    VLAI
    Summary
    The JAR files on Cisco Device Manager for Cisco MDS 9000 devices before 5.2.8, and Cisco Device Manager for Cisco Nexus 5000 devices, allow remote attackers to execute arbitrary commands on Windows client machines via a crafted element-manager.jnlp file, aka Bug IDs CSCty17417 and CSCty10802.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T14:57:03.530Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20130424 Cisco Device Manager Command Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-fmdm"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The JAR files on Cisco Device Manager for Cisco MDS 9000 devices before 5.2.8, and Cisco Device Manager for Cisco Nexus 5000 devices, allow remote attackers to execute arbitrary commands on Windows client machines via a crafted element-manager.jnlp file, aka Bug IDs CSCty17417 and CSCty10802."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-04-25T10:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20130424 Cisco Device Manager Command Execution Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-fmdm"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-1192",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The JAR files on Cisco Device Manager for Cisco MDS 9000 devices before 5.2.8, and Cisco Device Manager for Cisco Nexus 5000 devices, allow remote attackers to execute arbitrary commands on Windows client machines via a crafted element-manager.jnlp file, aka Bug IDs CSCty17417 and CSCty10802."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20130424 Cisco Device Manager Command Execution Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-fmdm"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-1192",
        "datePublished": "2013-04-25T10:00:00.000Z",
        "dateReserved": "2013-01-11T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:22:27.150Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-1179 (GCVE-0-2013-1179)

    Vulnerability from cvelistv5 – Published: 2013-04-25 10:00 – Updated: 2024-09-16 19:51
    VLAI
    Summary
    Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allow remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54830.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T14:49:20.699Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allow remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54830."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-04-25T10:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-1179",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allow remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54830."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-1179",
        "datePublished": "2013-04-25T10:00:00.000Z",
        "dateReserved": "2013-01-11T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:51:24.503Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-1180 (GCVE-0-2013-1180)

    Vulnerability from cvelistv5 – Published: 2013-04-25 10:00 – Updated: 2024-09-16 22:19
    VLAI
    Summary
    Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allows remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54822.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T14:49:20.937Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allows remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54822."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-04-25T10:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-1180",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allows remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54822."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-1180",
        "datePublished": "2013-04-25T10:00:00.000Z",
        "dateReserved": "2013-01-11T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:19:44.167Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-1178 (GCVE-0-2013-1178)

    Vulnerability from cvelistv5 – Published: 2013-04-25 10:00 – Updated: 2024-09-17 00:17
    VLAI
    Summary
    Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before 5.0(3)U3(1), Nexus 1000V devices 4.x before 4.2(1)SV1(5.1), MDS 9000 devices 4.x and 5.x before 5.2(4), Unified Computing System (UCS) 6100 and 6200 devices before 2.0(2m), and Connected Grid Router (CGR) 1000 devices before CG4(1) allow remote attackers to execute arbitrary code via malformed CDP packets, aka Bug IDs CSCtu10630, CSCtu10551, CSCtu10550, CSCtw56581, CSCtu10548, CSCtu10544, and CSCuf61275.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T14:49:20.703Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before 5.0(3)U3(1), Nexus 1000V devices 4.x before 4.2(1)SV1(5.1), MDS 9000 devices 4.x and 5.x before 5.2(4), Unified Computing System (UCS) 6100 and 6200 devices before 2.0(2m), and Connected Grid Router (CGR) 1000 devices before CG4(1) allow remote attackers to execute arbitrary code via malformed CDP packets, aka Bug IDs CSCtu10630, CSCtu10551, CSCtu10550, CSCtw56581, CSCtu10548, CSCtu10544, and CSCuf61275."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-04-25T10:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-1178",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before 5.0(3)U3(1), Nexus 1000V devices 4.x before 4.2(1)SV1(5.1), MDS 9000 devices 4.x and 5.x before 5.2(4), Unified Computing System (UCS) 6100 and 6200 devices before 2.0(2m), and Connected Grid Router (CGR) 1000 devices before CG4(1) allow remote attackers to execute arbitrary code via malformed CDP packets, aka Bug IDs CSCtu10630, CSCtu10551, CSCtu10550, CSCtw56581, CSCtu10548, CSCtu10544, and CSCuf61275."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-1178",
        "datePublished": "2013-04-25T10:00:00.000Z",
        "dateReserved": "2013-01-11T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:17:30.568Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3669 (GCVE-0-2005-3669)

    Vulnerability from cvelistv5 – Published: 2005-11-18 21:00 – Updated: 2024-08-07 23:17
    VLAI
    Summary
    Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015200 vdb-entryx_refsource_SECTRACK
    http://securitytracker.com/id?1015202 vdb-entryx_refsource_SECTRACK
    http://www.niscc.gov.uk/niscc/docs/br-20051114-01… x_refsource_MISC
    http://jvn.jp/niscc/NISCC-273756/index.html x_refsource_MISC
    http://securitytracker.com/id?1015201 vdb-entryx_refsource_SECTRACK
    http://www.ee.oulu.fi/research/ouspg/protos/testi… x_refsource_MISC
    http://www.securityfocus.com/bid/15401 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/226364 third-party-advisoryx_refsource_CERT-VN
    http://securitytracker.com/id?1015199 vdb-entryx_refsource_SECTRACK
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://securitytracker.com/id?1015198 vdb-entryx_refsource_SECTRACK
    http://www.cisco.com/warp/public/707/cisco-sa-200… vendor-advisoryx_refsource_CISCO
    http://secunia.com/advisories/17553 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2005-11-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:17:23.435Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015200",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015200"
              },
              {
                "name": "1015202",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015202"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/niscc/NISCC-273756/index.html"
              },
              {
                "name": "1015201",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015201"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
              },
              {
                "name": "15401",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15401"
              },
              {
                "name": "VU#226364",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/226364"
              },
              {
                "name": "1015199",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015199"
              },
              {
                "name": "oval:org.mitre.oval:def:5226",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5226"
              },
              {
                "name": "1015198",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015198"
              },
              {
                "name": "20051114 Multiple Vulnerabilities Found by PROTOS IPSec Test Suite",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml"
              },
              {
                "name": "17553",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17553"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015200",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015200"
            },
            {
              "name": "1015202",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015202"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://jvn.jp/niscc/NISCC-273756/index.html"
            },
            {
              "name": "1015201",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015201"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
            },
            {
              "name": "15401",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15401"
            },
            {
              "name": "VU#226364",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/226364"
            },
            {
              "name": "1015199",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015199"
            },
            {
              "name": "oval:org.mitre.oval:def:5226",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5226"
            },
            {
              "name": "1015198",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015198"
            },
            {
              "name": "20051114 Multiple Vulnerabilities Found by PROTOS IPSec Test Suite",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml"
            },
            {
              "name": "17553",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17553"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3669",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015200",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015200"
                },
                {
                  "name": "1015202",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015202"
                },
                {
                  "name": "http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en",
                  "refsource": "MISC",
                  "url": "http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en"
                },
                {
                  "name": "http://jvn.jp/niscc/NISCC-273756/index.html",
                  "refsource": "MISC",
                  "url": "http://jvn.jp/niscc/NISCC-273756/index.html"
                },
                {
                  "name": "1015201",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015201"
                },
                {
                  "name": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/",
                  "refsource": "MISC",
                  "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
                },
                {
                  "name": "15401",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15401"
                },
                {
                  "name": "VU#226364",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/226364"
                },
                {
                  "name": "1015199",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015199"
                },
                {
                  "name": "oval:org.mitre.oval:def:5226",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5226"
                },
                {
                  "name": "1015198",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015198"
                },
                {
                  "name": "20051114 Multiple Vulnerabilities Found by PROTOS IPSec Test Suite",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml"
                },
                {
                  "name": "17553",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17553"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3669",
        "datePublished": "2005-11-18T21:00:00.000Z",
        "dateReserved": "2005-11-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:17:23.435Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0112 (GCVE-0-2004-0112)

    Vulnerability from cvelistv5 – Published: 2004-03-18 05:00 – Updated: 2024-08-08 00:10
    VLAI
    Summary
    The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/9899 vdb-entryx_refsource_BID
    http://marc.info/?l=bugtraq&m=108403806509920&w=2 vendor-advisoryx_refsource_HP
    http://www.redhat.com/support/errata/RHSA-2004-121.html vendor-advisoryx_refsource_REDHAT
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-20… vendor-advisoryx_refsource_SCO
    http://www.uniras.gov.uk/vuls/2004/224012/index.htm x_refsource_MISC
    http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=f… vendor-advisoryx_refsource_SUNALERT
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://lists.apple.com/mhonarc/security-announce/… x_refsource_CONFIRM
    http://www.openssl.org/news/secadv_20040317.txt x_refsource_CONFIRM
    ftp://ftp.netbsd.org/pub/NetBSD/security/advisori… vendor-advisoryx_refsource_NETBSD
    http://www.ciac.org/ciac/bulletins/o-101.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
    http://www.us-cert.gov/cas/techalerts/TA04-078A.html third-party-advisoryx_refsource_CERT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/484726 third-party-advisoryx_refsource_CERT-VN
    http://security.gentoo.org/glsa/glsa-200403-03.xml vendor-advisoryx_refsource_GENTOO
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/11139 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2004-120.html vendor-advisoryx_refsource_REDHAT
    http://marc.info/?l=bugtraq&m=107953412903636&w=2 mailing-listx_refsource_BUGTRAQ
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://www.slackware.org/security/viewer.php?l=sl… vendor-advisoryx_refsource_SLACKWARE
    http://www.trustix.org/errata/2004/0012 vendor-advisoryx_refsource_TRUSTIX
    http://www.cisco.com/warp/public/707/cisco-sa-200… vendor-advisoryx_refsource_CISCO
    http://docs.info.apple.com/article.html?artnum=61798 x_refsource_CONFIRM
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    Date Public
    2004-03-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:10:03.359Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "9899",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9899"
              },
              {
                "name": "SSRT4717",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
              },
              {
                "name": "RHSA-2004:121",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
              },
              {
                "name": "MDKSA-2004:023",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
              },
              {
                "name": "CLA-2004:834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
              },
              {
                "name": "SCOSA-2004.10",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SCO",
                  "x_transferred"
                ],
                "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
              },
              {
                "name": "57524",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
              },
              {
                "name": "SuSE-SA:2004:007",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.openssl.org/news/secadv_20040317.txt"
              },
              {
                "name": "NetBSD-SA2004-005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
                  "x_transferred"
                ],
                "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
              },
              {
                "name": "O-101",
                "tags": [
                  "third-party-advisory",
                  "government-resource",
                  "x_refsource_CIAC",
                  "x_transferred"
                ],
                "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
              },
              {
                "name": "TA04-078A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
              },
              {
                "name": "oval:org.mitre.oval:def:1049",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
              },
              {
                "name": "openssl-kerberos-ciphersuites-dos(15508)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
              },
              {
                "name": "VU#484726",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/484726"
              },
              {
                "name": "GLSA-200403-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
              },
              {
                "name": "oval:org.mitre.oval:def:9580",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
              },
              {
                "name": "11139",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11139"
              },
              {
                "name": "RHSA-2004:120",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
              },
              {
                "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
              },
              {
                "name": "APPLE-SA-2005-08-15",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
              },
              {
                "name": "SSA:2004-077",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
              },
              {
                "name": "2004-0012",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TRUSTIX",
                  "x_transferred"
                ],
                "url": "http://www.trustix.org/errata/2004/0012"
              },
              {
                "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://docs.info.apple.com/article.html?artnum=61798"
              },
              {
                "name": "APPLE-SA-2005-08-17",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
              },
              {
                "name": "oval:org.mitre.oval:def:928",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-03-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "9899",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9899"
            },
            {
              "name": "SSRT4717",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
            },
            {
              "name": "RHSA-2004:121",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
            },
            {
              "name": "MDKSA-2004:023",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
            },
            {
              "name": "CLA-2004:834",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
            },
            {
              "name": "SCOSA-2004.10",
              "tags": [
                "vendor-advisory",
                "x_refsource_SCO"
              ],
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
            },
            {
              "name": "57524",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
            },
            {
              "name": "SuSE-SA:2004:007",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.openssl.org/news/secadv_20040317.txt"
            },
            {
              "name": "NetBSD-SA2004-005",
              "tags": [
                "vendor-advisory",
                "x_refsource_NETBSD"
              ],
              "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
            },
            {
              "name": "O-101",
              "tags": [
                "third-party-advisory",
                "government-resource",
                "x_refsource_CIAC"
              ],
              "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
            },
            {
              "name": "TA04-078A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:1049",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
            },
            {
              "name": "openssl-kerberos-ciphersuites-dos(15508)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
            },
            {
              "name": "VU#484726",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/484726"
            },
            {
              "name": "GLSA-200403-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:9580",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
            },
            {
              "name": "11139",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11139"
            },
            {
              "name": "RHSA-2004:120",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
            },
            {
              "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
            },
            {
              "name": "APPLE-SA-2005-08-15",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
            },
            {
              "name": "SSA:2004-077",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
            },
            {
              "name": "2004-0012",
              "tags": [
                "vendor-advisory",
                "x_refsource_TRUSTIX"
              ],
              "url": "http://www.trustix.org/errata/2004/0012"
            },
            {
              "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://docs.info.apple.com/article.html?artnum=61798"
            },
            {
              "name": "APPLE-SA-2005-08-17",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
            },
            {
              "name": "oval:org.mitre.oval:def:928",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0112",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "9899",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9899"
                },
                {
                  "name": "SSRT4717",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
                },
                {
                  "name": "RHSA-2004:121",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
                },
                {
                  "name": "MDKSA-2004:023",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
                },
                {
                  "name": "CLA-2004:834",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
                },
                {
                  "name": "SCOSA-2004.10",
                  "refsource": "SCO",
                  "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
                },
                {
                  "name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm",
                  "refsource": "MISC",
                  "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
                },
                {
                  "name": "57524",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
                },
                {
                  "name": "SuSE-SA:2004:007",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
                },
                {
                  "name": "http://lists.apple.com/mhonarc/security-announce/msg00045.html",
                  "refsource": "CONFIRM",
                  "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
                },
                {
                  "name": "http://www.openssl.org/news/secadv_20040317.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.openssl.org/news/secadv_20040317.txt"
                },
                {
                  "name": "NetBSD-SA2004-005",
                  "refsource": "NETBSD",
                  "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
                },
                {
                  "name": "O-101",
                  "refsource": "CIAC",
                  "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
                },
                {
                  "name": "TA04-078A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:1049",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
                },
                {
                  "name": "openssl-kerberos-ciphersuites-dos(15508)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
                },
                {
                  "name": "VU#484726",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/484726"
                },
                {
                  "name": "GLSA-200403-03",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
                },
                {
                  "name": "oval:org.mitre.oval:def:9580",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
                },
                {
                  "name": "11139",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11139"
                },
                {
                  "name": "RHSA-2004:120",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
                },
                {
                  "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
                },
                {
                  "name": "APPLE-SA-2005-08-15",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
                },
                {
                  "name": "SSA:2004-077",
                  "refsource": "SLACKWARE",
                  "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
                },
                {
                  "name": "2004-0012",
                  "refsource": "TRUSTIX",
                  "url": "http://www.trustix.org/errata/2004/0012"
                },
                {
                  "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
                },
                {
                  "name": "http://docs.info.apple.com/article.html?artnum=61798",
                  "refsource": "CONFIRM",
                  "url": "http://docs.info.apple.com/article.html?artnum=61798"
                },
                {
                  "name": "APPLE-SA-2005-08-17",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:928",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0112",
        "datePublished": "2004-03-18T05:00:00.000Z",
        "dateReserved": "2004-02-02T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:10:03.359Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0081 (GCVE-0-2004-0081)

    Vulnerability from cvelistv5 – Published: 2004-03-18 05:00 – Updated: 2024-08-08 00:01
    VLAI
    Summary
    OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/9899 vdb-entryx_refsource_BID
    http://www.linuxsecurity.com/advisories/engarde_a… vendor-advisoryx_refsource_ENGARDE
    http://marc.info/?l=bugtraq&m=107955049331965&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.redhat.com/support/errata/RHSA-2004-121.html vendor-advisoryx_refsource_REDHAT
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-20… vendor-advisoryx_refsource_SCO
    ftp://patches.sgi.com/support/free/security/advis… vendor-advisoryx_refsource_SGI
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.uniras.gov.uk/vuls/2004/224012/index.htm x_refsource_MISC
    http://fedoranews.org/updates/FEDORA-2004-095.shtml vendor-advisoryx_refsource_FEDORA
    http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=f… vendor-advisoryx_refsource_SUNALERT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.kb.cert.org/vuls/id/465542 third-party-advisoryx_refsource_CERT-VN
    http://www.us-cert.gov/cas/techalerts/TA04-078A.html third-party-advisoryx_refsource_CERT
    http://security.gentoo.org/glsa/glsa-200403-03.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/11139 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2004-120.html vendor-advisoryx_refsource_REDHAT
    http://rhn.redhat.com/errata/RHSA-2004-119.html vendor-advisoryx_refsource_REDHAT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.redhat.com/support/errata/RHSA-2004-139.html vendor-advisoryx_refsource_REDHAT
    http://www.trustix.org/errata/2004/0012 vendor-advisoryx_refsource_TRUSTIX
    http://marc.info/?l=bugtraq&m=108403850228012&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.cisco.com/warp/public/707/cisco-sa-200… vendor-advisoryx_refsource_CISCO
    http://www.debian.org/security/2004/dsa-465 vendor-advisoryx_refsource_DEBIAN
    Date Public
    2004-03-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:01:23.650Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "9899",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9899"
              },
              {
                "name": "ESA-20040317-003",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_ENGARDE",
                  "x_transferred"
                ],
                "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
              },
              {
                "name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17  March 2004]",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
              },
              {
                "name": "RHSA-2004:121",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
              },
              {
                "name": "CLA-2004:834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
              },
              {
                "name": "SCOSA-2004.10",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SCO",
                  "x_transferred"
                ],
                "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
              },
              {
                "name": "20040304-01-U",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SGI",
                  "x_transferred"
                ],
                "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
              },
              {
                "name": "openssl-tls-dos(15509)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
              },
              {
                "name": "FEDORA-2004-095",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
              },
              {
                "name": "57524",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
              },
              {
                "name": "oval:org.mitre.oval:def:871",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
              },
              {
                "name": "oval:org.mitre.oval:def:11755",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
              },
              {
                "name": "VU#465542",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/465542"
              },
              {
                "name": "TA04-078A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
              },
              {
                "name": "GLSA-200403-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
              },
              {
                "name": "11139",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11139"
              },
              {
                "name": "RHSA-2004:120",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
              },
              {
                "name": "RHSA-2004:119",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
              },
              {
                "name": "oval:org.mitre.oval:def:902",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
              },
              {
                "name": "RHSA-2004:139",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
              },
              {
                "name": "2004-0012",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TRUSTIX",
                  "x_transferred"
                ],
                "url": "http://www.trustix.org/errata/2004/0012"
              },
              {
                "name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
              },
              {
                "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
              },
              {
                "name": "DSA-465",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-465"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-03-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "9899",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9899"
            },
            {
              "name": "ESA-20040317-003",
              "tags": [
                "vendor-advisory",
                "x_refsource_ENGARDE"
              ],
              "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
            },
            {
              "name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17  March 2004]",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
            },
            {
              "name": "RHSA-2004:121",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
            },
            {
              "name": "CLA-2004:834",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
            },
            {
              "name": "SCOSA-2004.10",
              "tags": [
                "vendor-advisory",
                "x_refsource_SCO"
              ],
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
            },
            {
              "name": "20040304-01-U",
              "tags": [
                "vendor-advisory",
                "x_refsource_SGI"
              ],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
            },
            {
              "name": "openssl-tls-dos(15509)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
            },
            {
              "name": "FEDORA-2004-095",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
            },
            {
              "name": "57524",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
            },
            {
              "name": "oval:org.mitre.oval:def:871",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
            },
            {
              "name": "oval:org.mitre.oval:def:11755",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
            },
            {
              "name": "VU#465542",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/465542"
            },
            {
              "name": "TA04-078A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
            },
            {
              "name": "GLSA-200403-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
            },
            {
              "name": "11139",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11139"
            },
            {
              "name": "RHSA-2004:120",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
            },
            {
              "name": "RHSA-2004:119",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
            },
            {
              "name": "oval:org.mitre.oval:def:902",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
            },
            {
              "name": "RHSA-2004:139",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
            },
            {
              "name": "2004-0012",
              "tags": [
                "vendor-advisory",
                "x_refsource_TRUSTIX"
              ],
              "url": "http://www.trustix.org/errata/2004/0012"
            },
            {
              "name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
            },
            {
              "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
            },
            {
              "name": "DSA-465",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-465"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0081",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "9899",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9899"
                },
                {
                  "name": "ESA-20040317-003",
                  "refsource": "ENGARDE",
                  "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
                },
                {
                  "name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17  March 2004]",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
                },
                {
                  "name": "RHSA-2004:121",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
                },
                {
                  "name": "CLA-2004:834",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
                },
                {
                  "name": "SCOSA-2004.10",
                  "refsource": "SCO",
                  "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
                },
                {
                  "name": "20040304-01-U",
                  "refsource": "SGI",
                  "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
                },
                {
                  "name": "openssl-tls-dos(15509)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
                },
                {
                  "name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm",
                  "refsource": "MISC",
                  "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
                },
                {
                  "name": "FEDORA-2004-095",
                  "refsource": "FEDORA",
                  "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
                },
                {
                  "name": "57524",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
                },
                {
                  "name": "oval:org.mitre.oval:def:871",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
                },
                {
                  "name": "oval:org.mitre.oval:def:11755",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
                },
                {
                  "name": "VU#465542",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/465542"
                },
                {
                  "name": "TA04-078A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
                },
                {
                  "name": "GLSA-200403-03",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
                },
                {
                  "name": "11139",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11139"
                },
                {
                  "name": "RHSA-2004:120",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
                },
                {
                  "name": "RHSA-2004:119",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:902",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
                },
                {
                  "name": "RHSA-2004:139",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
                },
                {
                  "name": "2004-0012",
                  "refsource": "TRUSTIX",
                  "url": "http://www.trustix.org/errata/2004/0012"
                },
                {
                  "name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
                },
                {
                  "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
                },
                {
                  "name": "DSA-465",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-465"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0081",
        "datePublished": "2004-03-18T05:00:00.000Z",
        "dateReserved": "2004-01-19T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:01:23.650Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0079 (GCVE-0-2004-0079)

    Vulnerability from cvelistv5 – Published: 2004-03-18 05:00 – Updated: 2025-01-16 17:33
    VLAI
    Summary
    The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-476 - NULL Pointer Dereference
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/9899 vdb-entryx_refsource_BID
    http://www.redhat.com/archives/fedora-announce-li… vendor-advisoryx_refsource_FEDORA
    http://www.linuxsecurity.com/advisories/engarde_a… vendor-advisoryx_refsource_ENGARDE
    http://marc.info/?l=bugtraq&m=108403806509920&w=2 vendor-advisoryx_refsource_HP
    http://www.redhat.com/support/errata/RHSA-2004-121.html vendor-advisoryx_refsource_REDHAT
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-20… vendor-advisoryx_refsource_SCO
    http://secunia.com/advisories/17381 third-party-advisoryx_refsource_SECUNIA
    http://www.uniras.gov.uk/vuls/2004/224012/index.htm x_refsource_MISC
    http://fedoranews.org/updates/FEDORA-2004-095.shtml vendor-advisoryx_refsource_FEDORA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=f… vendor-advisoryx_refsource_SUNALERT
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://lists.apple.com/mhonarc/security-announce/… x_refsource_CONFIRM
    http://www.openssl.org/news/secadv_20040317.txt x_refsource_CONFIRM
    ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories… vendor-advisoryx_refsource_FREEBSD
    ftp://ftp.netbsd.org/pub/NetBSD/security/advisori… vendor-advisoryx_refsource_NETBSD
    http://www.ciac.org/ciac/bulletins/o-101.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
    http://www.us-cert.gov/cas/techalerts/TA04-078A.html third-party-advisoryx_refsource_CERT
    http://secunia.com/advisories/17401 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2005-829.html vendor-advisoryx_refsource_REDHAT
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.redhat.com/support/errata/RHSA-2005-830.html vendor-advisoryx_refsource_REDHAT
    http://security.gentoo.org/glsa/glsa-200403-03.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/11139 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2004-120.html vendor-advisoryx_refsource_REDHAT
    http://marc.info/?l=bugtraq&m=107953412903636&w=2 mailing-listx_refsource_BUGTRAQ
    http://support.lexmark.com/index?page=content&id=… x_refsource_CONFIRM
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://secunia.com/advisories/17398 third-party-advisoryx_refsource_SECUNIA
    http://www.slackware.org/security/viewer.php?l=sl… vendor-advisoryx_refsource_SLACKWARE
    http://www.redhat.com/support/errata/RHSA-2004-139.html vendor-advisoryx_refsource_REDHAT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.trustix.org/errata/2004/0012 vendor-advisoryx_refsource_TRUSTIX
    http://www.cisco.com/warp/public/707/cisco-sa-200… vendor-advisoryx_refsource_CISCO
    http://docs.info.apple.com/article.html?artnum=61798 x_refsource_CONFIRM
    http://www.kb.cert.org/vuls/id/288574 third-party-advisoryx_refsource_CERT-VN
    http://www.debian.org/security/2004/dsa-465 vendor-advisoryx_refsource_DEBIAN
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://secunia.com/advisories/18247 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    Date Public
    2004-03-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:01:23.689Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "9899",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9899"
              },
              {
                "name": "FEDORA-2005-1042",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
              },
              {
                "name": "ESA-20040317-003",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_ENGARDE",
                  "x_transferred"
                ],
                "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
              },
              {
                "name": "SSRT4717",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
              },
              {
                "name": "RHSA-2004:121",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
              },
              {
                "name": "MDKSA-2004:023",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
              },
              {
                "name": "oval:org.mitre.oval:def:2621",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
              },
              {
                "name": "CLA-2004:834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
              },
              {
                "name": "SCOSA-2004.10",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SCO",
                  "x_transferred"
                ],
                "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
              },
              {
                "name": "17381",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17381"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
              },
              {
                "name": "FEDORA-2004-095",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
              },
              {
                "name": "oval:org.mitre.oval:def:9779",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
              },
              {
                "name": "oval:org.mitre.oval:def:975",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
              },
              {
                "name": "57524",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
              },
              {
                "name": "SuSE-SA:2004:007",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.openssl.org/news/secadv_20040317.txt"
              },
              {
                "name": "FreeBSD-SA-04:05",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FREEBSD",
                  "x_transferred"
                ],
                "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
              },
              {
                "name": "NetBSD-SA2004-005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
                  "x_transferred"
                ],
                "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
              },
              {
                "name": "O-101",
                "tags": [
                  "third-party-advisory",
                  "government-resource",
                  "x_refsource_CIAC",
                  "x_transferred"
                ],
                "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
              },
              {
                "name": "TA04-078A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
              },
              {
                "name": "17401",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17401"
              },
              {
                "name": "RHSA-2005:829",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
              },
              {
                "name": "oval:org.mitre.oval:def:870",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
              },
              {
                "name": "RHSA-2005:830",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
              },
              {
                "name": "GLSA-200403-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
              },
              {
                "name": "11139",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11139"
              },
              {
                "name": "RHSA-2004:120",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
              },
              {
                "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
              },
              {
                "name": "APPLE-SA-2005-08-15",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
              },
              {
                "name": "17398",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17398"
              },
              {
                "name": "SSA:2004-077",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
              },
              {
                "name": "RHSA-2004:139",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
              },
              {
                "name": "openssl-dochangecipherspec-dos(15505)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
              },
              {
                "name": "2004-0012",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TRUSTIX",
                  "x_transferred"
                ],
                "url": "http://www.trustix.org/errata/2004/0012"
              },
              {
                "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://docs.info.apple.com/article.html?artnum=61798"
              },
              {
                "name": "VU#288574",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/288574"
              },
              {
                "name": "DSA-465",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-465"
              },
              {
                "name": "APPLE-SA-2005-08-17",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
              },
              {
                "name": "18247",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18247"
              },
              {
                "name": "oval:org.mitre.oval:def:5770",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2004-0079",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-08T16:21:54.985893Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-476",
                    "description": "CWE-476 NULL Pointer Dereference",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-16T17:33:22.869Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-03-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "9899",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9899"
            },
            {
              "name": "FEDORA-2005-1042",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
            },
            {
              "name": "ESA-20040317-003",
              "tags": [
                "vendor-advisory",
                "x_refsource_ENGARDE"
              ],
              "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
            },
            {
              "name": "SSRT4717",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
            },
            {
              "name": "RHSA-2004:121",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
            },
            {
              "name": "MDKSA-2004:023",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
            },
            {
              "name": "oval:org.mitre.oval:def:2621",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
            },
            {
              "name": "CLA-2004:834",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
            },
            {
              "name": "SCOSA-2004.10",
              "tags": [
                "vendor-advisory",
                "x_refsource_SCO"
              ],
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
            },
            {
              "name": "17381",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17381"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
            },
            {
              "name": "FEDORA-2004-095",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
            },
            {
              "name": "oval:org.mitre.oval:def:9779",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
            },
            {
              "name": "oval:org.mitre.oval:def:975",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
            },
            {
              "name": "57524",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
            },
            {
              "name": "SuSE-SA:2004:007",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.openssl.org/news/secadv_20040317.txt"
            },
            {
              "name": "FreeBSD-SA-04:05",
              "tags": [
                "vendor-advisory",
                "x_refsource_FREEBSD"
              ],
              "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
            },
            {
              "name": "NetBSD-SA2004-005",
              "tags": [
                "vendor-advisory",
                "x_refsource_NETBSD"
              ],
              "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
            },
            {
              "name": "O-101",
              "tags": [
                "third-party-advisory",
                "government-resource",
                "x_refsource_CIAC"
              ],
              "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
            },
            {
              "name": "TA04-078A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
            },
            {
              "name": "17401",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17401"
            },
            {
              "name": "RHSA-2005:829",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
            },
            {
              "name": "oval:org.mitre.oval:def:870",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
            },
            {
              "name": "RHSA-2005:830",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
            },
            {
              "name": "GLSA-200403-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
            },
            {
              "name": "11139",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11139"
            },
            {
              "name": "RHSA-2004:120",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
            },
            {
              "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
            },
            {
              "name": "APPLE-SA-2005-08-15",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
            },
            {
              "name": "17398",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17398"
            },
            {
              "name": "SSA:2004-077",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
            },
            {
              "name": "RHSA-2004:139",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
            },
            {
              "name": "openssl-dochangecipherspec-dos(15505)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
            },
            {
              "name": "2004-0012",
              "tags": [
                "vendor-advisory",
                "x_refsource_TRUSTIX"
              ],
              "url": "http://www.trustix.org/errata/2004/0012"
            },
            {
              "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://docs.info.apple.com/article.html?artnum=61798"
            },
            {
              "name": "VU#288574",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/288574"
            },
            {
              "name": "DSA-465",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-465"
            },
            {
              "name": "APPLE-SA-2005-08-17",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
            },
            {
              "name": "18247",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18247"
            },
            {
              "name": "oval:org.mitre.oval:def:5770",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0079",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "9899",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9899"
                },
                {
                  "name": "FEDORA-2005-1042",
                  "refsource": "FEDORA",
                  "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
                },
                {
                  "name": "ESA-20040317-003",
                  "refsource": "ENGARDE",
                  "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
                },
                {
                  "name": "SSRT4717",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
                },
                {
                  "name": "RHSA-2004:121",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
                },
                {
                  "name": "MDKSA-2004:023",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
                },
                {
                  "name": "oval:org.mitre.oval:def:2621",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
                },
                {
                  "name": "CLA-2004:834",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
                },
                {
                  "name": "SCOSA-2004.10",
                  "refsource": "SCO",
                  "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
                },
                {
                  "name": "17381",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17381"
                },
                {
                  "name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm",
                  "refsource": "MISC",
                  "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
                },
                {
                  "name": "FEDORA-2004-095",
                  "refsource": "FEDORA",
                  "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
                },
                {
                  "name": "oval:org.mitre.oval:def:9779",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
                },
                {
                  "name": "oval:org.mitre.oval:def:975",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
                },
                {
                  "name": "57524",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
                },
                {
                  "name": "SuSE-SA:2004:007",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
                },
                {
                  "name": "http://lists.apple.com/mhonarc/security-announce/msg00045.html",
                  "refsource": "CONFIRM",
                  "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
                },
                {
                  "name": "http://www.openssl.org/news/secadv_20040317.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.openssl.org/news/secadv_20040317.txt"
                },
                {
                  "name": "FreeBSD-SA-04:05",
                  "refsource": "FREEBSD",
                  "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
                },
                {
                  "name": "NetBSD-SA2004-005",
                  "refsource": "NETBSD",
                  "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
                },
                {
                  "name": "O-101",
                  "refsource": "CIAC",
                  "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
                },
                {
                  "name": "TA04-078A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
                },
                {
                  "name": "17401",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17401"
                },
                {
                  "name": "RHSA-2005:829",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
                },
                {
                  "name": "oval:org.mitre.oval:def:870",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
                },
                {
                  "name": "RHSA-2005:830",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
                },
                {
                  "name": "GLSA-200403-03",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
                },
                {
                  "name": "11139",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11139"
                },
                {
                  "name": "RHSA-2004:120",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
                },
                {
                  "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
                },
                {
                  "name": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US",
                  "refsource": "CONFIRM",
                  "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
                },
                {
                  "name": "APPLE-SA-2005-08-15",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
                },
                {
                  "name": "17398",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17398"
                },
                {
                  "name": "SSA:2004-077",
                  "refsource": "SLACKWARE",
                  "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
                },
                {
                  "name": "RHSA-2004:139",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
                },
                {
                  "name": "openssl-dochangecipherspec-dos(15505)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
                },
                {
                  "name": "2004-0012",
                  "refsource": "TRUSTIX",
                  "url": "http://www.trustix.org/errata/2004/0012"
                },
                {
                  "name": "20040317 Cisco OpenSSL Implementation Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
                },
                {
                  "name": "http://docs.info.apple.com/article.html?artnum=61798",
                  "refsource": "CONFIRM",
                  "url": "http://docs.info.apple.com/article.html?artnum=61798"
                },
                {
                  "name": "VU#288574",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/288574"
                },
                {
                  "name": "DSA-465",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-465"
                },
                {
                  "name": "APPLE-SA-2005-08-17",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
                },
                {
                  "name": "18247",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18247"
                },
                {
                  "name": "oval:org.mitre.oval:def:5770",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0079",
        "datePublished": "2004-03-18T05:00:00.000Z",
        "dateReserved": "2004-01-19T00:00:00.000Z",
        "dateUpdated": "2025-01-16T17:33:22.869Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }