MidnightBSD

Advisories for lite

CVE-2004-0079 MEDIUM

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,CWE-476,

Products Affected

Vendor Product Version
freebsd freebsd 5.2.1
securecomputing sidewinder 5.2.0.04
checkpoint firewall-1 *
openssl openssl 0.9.7c
sgi propack 3.0
checkpoint provider-1 4.1
redhat linux 8.0
sco openserver 5.0.6
lite speed_technologies_litespeed_web_server 1.0.2
checkpoint vpn-1 next_generation_fp2
novell imanager 1.5
avaya sg200 4.31.29
cisco application_and_content_networking_software *
stonesoft stonegate 1.7.2
lite speed_technologies_litespeed_web_server 1.3
novell imanager 2.0
stonesoft stonegate 1.6.2
avaya intuity_audix 5.1.46
avaya sg208 4.4
stonesoft stonegate_vpn_client 2.0
securecomputing sidewinder 5.2.0.02
stonesoft stonegate 2.0.9
stonesoft stonegate_vpn_client 2.0.9
cisco pix_firewall_software 6.2
avaya sg203 4.4
lite speed_technologies_litespeed_web_server 1.2_rc2
freebsd freebsd 5.2
cisco ios 12.2(14)sy1
cisco mds_9000 *
cisco ios 12.1(11b)e
openssl openssl 0.9.6j
lite speed_technologies_litespeed_web_server 1.0.1
cisco pix_firewall_software 6.2(3)
avaya sg5 4.2
stonesoft stonegate 1.7.1
cisco secure_content_accelerator 10000
cisco css_secure_content_accelerator 2.0
cisco pix_firewall 6.2.2_.111
neoteris instant_virtual_extranet 3.3.1
hp apache-based_web_server 2.0.43.00
avaya intuity_audix s3210
stonesoft servercluster 2.5.2
cisco pix_firewall_software 6.3(3.102)
cisco gss_4480_global_site_selector *
cisco ios 12.1(11b)e12
4d webstar 4.0
cisco pix_firewall_software 6.3(1)
symantec clientless_vpn_gateway_4400 5.0
cisco pix_firewall_software 6.1(2)
checkpoint firewall-1 next_generation_fp1
avaya sg5 4.3
cisco okena_stormwatch 3.2
stonesoft stonegate 2.0.7
openssl openssl 0.9.7
openssl openssl 0.9.6f
checkpoint vpn-1 next_generation_fp0
checkpoint vpn-1 vsx_ng_with_application_intelligence
cisco pix_firewall_software 6.1(1)
cisco firewall_services_module 1.1_(3.005)
avaya vsu 5x
dell bsafe_ssl-j 3.1
avaya s8500 r2.0.0
cisco pix_firewall_software 6.1(5)
avaya converged_communications_server 2.0
cisco pix_firewall_software 6.0(2)
avaya sg5 4.4
cisco firewall_services_module 2.1_(0.208)
cisco ios 12.2za
openssl openssl 0.9.7a
stonesoft stonegate 2.0.4
freebsd freebsd 5.1
neoteris instant_virtual_extranet 3.0
neoteris instant_virtual_extranet 3.1
openssl openssl 0.9.6g
redhat linux 7.3
vmware gsx_server 2.5.1_build_5336
sgi propack 2.4
4d webstar 5.2.2
stonesoft stonegate_vpn_client 1.7.2
securecomputing sidewinder 5.2.0.03
sco openserver 5.0.7
novell edirectory 8.5.27
cisco webns 7.10_.0.06s
cisco call_manager *
avaya s8300 r2.0.0
4d webstar 5.2.4
4d webstar 5.2.1
openssl openssl 0.9.6k
cisco ios 12.1(13)e9
novell edirectory 8.0
bluecoat cacheos_ca_sa 4.1.12
lite speed_technologies_litespeed_web_server 1.2.1
redhat openssl 0.9.7a-2
cisco ios 12.1(19)e1
openssl openssl 0.9.6h
tarantella tarantella_enterprise 3.20
stonesoft stonebeat_fullcluster 2.5
securecomputing sidewinder 5.2.1.02
cisco pix_firewall_software 6.1(3)
cisco ios 12.1(11)e
lite speed_technologies_litespeed_web_server 1.3.1
stonesoft stonegate 2.0.6
cisco ciscoworks_common_services 2.2
stonesoft stonegate_vpn_client 1.7
4d webstar 5.2
neoteris instant_virtual_extranet 3.2
lite speed_technologies_litespeed_web_server 1.2.2
hp hp-ux 8.05
openssl openssl 0.9.6e
cisco pix_firewall_software 6.3(3.109)
stonesoft stonebeat_fullcluster 2.0
novell edirectory 8.5
openbsd openbsd 3.3
redhat openssl 0.9.6-15
stonesoft stonebeat_webcluster 2.5
stonesoft stonegate 2.0.5
stonesoft stonegate 1.5.17
stonesoft stonegate 1.7
cisco gss_4490_global_site_selector *
cisco pix_firewall_software 6.1
cisco pix_firewall_software 6.2(1)
novell edirectory 8.7.1
stonesoft stonebeat_fullcluster 3.0
hp wbem a.02.00.00
cisco content_services_switch_11500 *
cisco webns 6.10_b4
vmware gsx_server 3.0_build_7592
stonesoft stonegate 2.0.1
checkpoint firewall-1 next_generation_fp0
redhat enterprise_linux_desktop 3.0
avaya s8700 r2.0.0
stonesoft stonegate 2.0.8
apple mac_os_x 10.3.3
cisco pix_firewall_software 6.3(2)
hp aaa_server *
avaya intuity_audix *
cisco css_secure_content_accelerator 1.0
apple mac_os_x_server 10.3.3
securecomputing sidewinder 5.2.0.01
redhat enterprise_linux 3.0
cisco webns 6.10
cisco css11000_content_services_switch *
avaya s8700 r2.0.1
cisco pix_firewall_software 6.3
4d webstar 5.2.3
freebsd freebsd 4.9
4d webstar 5.3
sgi propack 2.3
cisco pix_firewall_software 6.0
stonesoft stonegate 2.1
cisco webns 7.10
lite speed_technologies_litespeed_web_server 1.1
cisco ios 12.1(11b)e14
lite speed_technologies_litespeed_web_server 1.1.1
checkpoint firewall-1 next_generation_fp2
lite speed_technologies_litespeed_web_server 1.3_rc3
tarantella tarantella_enterprise 3.30
avaya vsu 7500_r2.0.1
novell edirectory 8.6.2
securecomputing sidewinder 5.2
openssl openssl 0.9.6c
hp apache-based_web_server 2.0.43.04
vmware gsx_server 2.0.1_build_2129
stonesoft stonebeat_fullcluster 1_2.0
stonesoft stonebeat_securitycluster 2.0
vmware gsx_server 2.0
cisco pix_firewall_software 6.1(4)
stonesoft stonegate_vpn_client 2.0.7
avaya vsu 2000_r2.0.1
cisco ciscoworks_common_management_foundation 2.1
redhat linux 7.2
avaya vsu 100_r2.0.1
cisco firewall_services_module 1.1.2
stonesoft stonebeat_fullcluster 1_3.0
stonesoft stonebeat_webcluster 2.0
stonesoft stonegate 2.2.1
hp hp-ux 11.23
cisco pix_firewall_software 6.2(2)
novell edirectory 8.5.12a
stonesoft stonegate 1.6.3
sun crypto_accelerator_4000 1.0
cisco webns 7.1_0.1.02
openbsd openbsd 3.4
openssl openssl 0.9.7b
cisco firewall_services_module *
avaya intuity_audix s3400
avaya vsu 10000_r2.0.1
cisco ios 12.2(14)sy
dell bsafe_ssl-j 3.0.1
stonesoft stonegate_vpn_client 2.0.8
cisco webns 7.1_0.2.06
lite speed_technologies_litespeed_web_server 1.3_rc2
hp wbem a.02.00.01
cisco firewall_services_module 1.1.3
checkpoint firewall-1 2.0
openssl openssl 0.9.6d
hp wbem a.01.05.08
bluecoat proxysg *
lite speed_technologies_litespeed_web_server 1.3_rc1
avaya vsu 500
cisco pix_firewall_software 6.0(3)
vmware gsx_server 2.5.1
hp hp-ux 11.11
novell edirectory 8.7
avaya sg200 4.4
avaya sg203 4.31.29
cisco pix_firewall_software 6.0(4.101)
hp hp-ux 11.00
stonesoft stonegate 2.2.4
lite speed_technologies_litespeed_web_server 1.2_rc1
4d webstar 5.3.1
neoteris instant_virtual_extranet 3.3
lite speed_technologies_litespeed_web_server 1.0.3
tarantella tarantella_enterprise 3.40
cisco webns 7.2_0.0.03
cisco access_registrar *
stonesoft servercluster 2.5
stonesoft stonegate 1.5.18
freebsd freebsd 4.8
avaya vsu 5000_r2.0.1
checkpoint vpn-1 next_generation_fp1
stonesoft stonegate 2.2
avaya sg208 *
cisco pix_firewall_software 6.2(3.100)
cisco pix_firewall_software 6.0(1)
cisco pix_firewall_software 6.0(4)
securecomputing sidewinder 5.2.1
cisco ios 12.2sy
avaya vsu 5
bluecoat cacheos_ca_sa 4.1.10
avaya s8300 r2.0.1
dell bsafe_ssl-j 3.0
stonesoft stonebeat_securitycluster 2.5
openssl openssl 0.9.6i
cisco threat_response *
avaya s8500 r2.0.1
redhat openssl 0.9.6b-3
CVE-2004-0081 MEDIUM

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
freebsd freebsd 5.2.1
securecomputing sidewinder 5.2.0.04
checkpoint firewall-1 *
openssl openssl 0.9.7c
sgi propack 3.0
checkpoint provider-1 4.1
redhat linux 8.0
sco openserver 5.0.6
lite speed_technologies_litespeed_web_server 1.0.2
novell imanager 1.5
avaya sg200 4.31.29
cisco application_and_content_networking_software *
stonesoft stonegate 1.7.2
lite speed_technologies_litespeed_web_server 1.3
novell imanager 2.0
stonesoft stonegate 1.6.2
avaya intuity_audix 5.1.46
avaya sg208 4.4
stonesoft stonegate_vpn_client 2.0
securecomputing sidewinder 5.2.0.02
stonesoft stonegate 2.0.9
stonesoft stonegate_vpn_client 2.0.9
cisco pix_firewall_software 6.2
avaya sg203 4.4
lite speed_technologies_litespeed_web_server 1.2_rc2
freebsd freebsd 5.2
cisco ios 12.2(14)sy1
cisco mds_9000 *
cisco ios 12.1(11b)e
openssl openssl 0.9.6j
lite speed_technologies_litespeed_web_server 1.0.1
cisco pix_firewall_software 6.2(3)
avaya sg5 4.2
stonesoft stonegate 1.7.1
cisco secure_content_accelerator 10000
cisco css_secure_content_accelerator 2.0
cisco pix_firewall 6.2.2_.111
neoteris instant_virtual_extranet 3.3.1
hp apache-based_web_server 2.0.43.00
avaya intuity_audix s3210
stonesoft servercluster 2.5.2
cisco pix_firewall_software 6.3(3.102)
cisco gss_4480_global_site_selector *
cisco ios 12.1(11b)e12
4d webstar 4.0
cisco pix_firewall_software 6.3(1)
symantec clientless_vpn_gateway_4400 5.0
cisco pix_firewall_software 6.1(2)
checkpoint firewall-1 next_generation_fp1
avaya sg5 4.3
cisco okena_stormwatch 3.2
stonesoft stonegate 2.0.7
openssl openssl 0.9.7
openssl openssl 0.9.6f
checkpoint vpn-1 next_generation_fp0
checkpoint vpn-1 vsx_ng_with_application_intelligence
cisco pix_firewall_software 6.1(1)
cisco firewall_services_module 1.1_(3.005)
avaya vsu 5x
dell bsafe_ssl-j 3.1
avaya s8500 r2.0.0
cisco pix_firewall_software 6.1(5)
avaya converged_communications_server 2.0
cisco pix_firewall_software 6.0(2)
avaya sg5 4.4
cisco firewall_services_module 2.1_(0.208)
cisco ios 12.2za
openssl openssl 0.9.7a
stonesoft stonegate 2.0.4
freebsd freebsd 5.1
neoteris instant_virtual_extranet 3.0
neoteris instant_virtual_extranet 3.1
openssl openssl 0.9.6g
redhat linux 7.3
vmware gsx_server 2.5.1_build_5336
sgi propack 2.4
4d webstar 5.2.2
stonesoft stonegate_vpn_client 1.7.2
securecomputing sidewinder 5.2.0.03
sco openserver 5.0.7
novell edirectory 8.5.27
cisco webns 7.10_.0.06s
cisco call_manager *
avaya s8300 r2.0.0
4d webstar 5.2.4
4d webstar 5.2.1
openssl openssl 0.9.6k
cisco ios 12.1(13)e9
novell edirectory 8.0
bluecoat cacheos_ca_sa 4.1.12
lite speed_technologies_litespeed_web_server 1.2.1
redhat openssl 0.9.7a-2
cisco ios 12.1(19)e1
openssl openssl 0.9.6h
tarantella tarantella_enterprise 3.20
stonesoft stonebeat_fullcluster 2.5
securecomputing sidewinder 5.2.1.02
cisco pix_firewall_software 6.1(3)
cisco ios 12.1(11)e
lite speed_technologies_litespeed_web_server 1.3.1
stonesoft stonegate 2.0.6
cisco ciscoworks_common_services 2.2
stonesoft stonegate_vpn_client 1.7
4d webstar 5.2
neoteris instant_virtual_extranet 3.2
lite speed_technologies_litespeed_web_server 1.2.2
hp hp-ux 8.05
openssl openssl 0.9.6e
cisco pix_firewall_software 6.3(3.109)
stonesoft stonebeat_fullcluster 2.0
novell edirectory 8.5
openbsd openbsd 3.3
redhat openssl 0.9.6-15
stonesoft stonebeat_webcluster 2.5
stonesoft stonegate 2.0.5
stonesoft stonegate 1.5.17
stonesoft stonegate 1.7
cisco gss_4490_global_site_selector *
cisco pix_firewall_software 6.1
cisco pix_firewall_software 6.2(1)
novell edirectory 8.7.1
stonesoft stonebeat_fullcluster 3.0
hp wbem a.02.00.00
cisco content_services_switch_11500 *
cisco webns 6.10_b4
vmware gsx_server 3.0_build_7592
stonesoft stonegate 2.0.1
checkpoint firewall-1 next_generation_fp0
redhat enterprise_linux_desktop 3.0
avaya s8700 r2.0.0
stonesoft stonegate 2.0.8
apple mac_os_x 10.3.3
cisco pix_firewall_software 6.3(2)
hp aaa_server *
avaya intuity_audix *
cisco css_secure_content_accelerator 1.0
apple mac_os_x_server 10.3.3
securecomputing sidewinder 5.2.0.01
redhat enterprise_linux 3.0
cisco webns 6.10
cisco css11000_content_services_switch *
avaya s8700 r2.0.1
cisco pix_firewall_software 6.3
4d webstar 5.2.3
freebsd freebsd 4.9
4d webstar 5.3
sgi propack 2.3
cisco pix_firewall_software 6.0
stonesoft stonegate 2.1
cisco webns 7.10
lite speed_technologies_litespeed_web_server 1.1
cisco ios 12.1(11b)e14
lite speed_technologies_litespeed_web_server 1.1.1
checkpoint firewall-1 next_generation_fp2
lite speed_technologies_litespeed_web_server 1.3_rc3
tarantella tarantella_enterprise 3.30
avaya vsu 7500_r2.0.1
novell edirectory 8.6.2
securecomputing sidewinder 5.2
openssl openssl 0.9.6c
hp apache-based_web_server 2.0.43.04
checkpoint vpn-1 next_generation
vmware gsx_server 2.0.1_build_2129
stonesoft stonebeat_fullcluster 1_2.0
stonesoft stonebeat_securitycluster 2.0
vmware gsx_server 2.0
cisco pix_firewall_software 6.1(4)
stonesoft stonegate_vpn_client 2.0.7
avaya vsu 2000_r2.0.1
cisco ciscoworks_common_management_foundation 2.1
redhat linux 7.2
avaya vsu 100_r2.0.1
cisco firewall_services_module 1.1.2
stonesoft stonebeat_fullcluster 1_3.0
stonesoft stonebeat_webcluster 2.0
stonesoft stonegate 2.2.1
hp hp-ux 11.23
cisco pix_firewall_software 6.2(2)
novell edirectory 8.5.12a
stonesoft stonegate 1.6.3
sun crypto_accelerator_4000 1.0
cisco webns 7.1_0.1.02
openbsd openbsd 3.4
openssl openssl 0.9.7b
cisco firewall_services_module *
avaya intuity_audix s3400
avaya vsu 10000_r2.0.1
cisco ios 12.2(14)sy
dell bsafe_ssl-j 3.0.1
stonesoft stonegate_vpn_client 2.0.8
cisco webns 7.1_0.2.06
lite speed_technologies_litespeed_web_server 1.3_rc2
hp wbem a.02.00.01
cisco firewall_services_module 1.1.3
checkpoint firewall-1 2.0
openssl openssl 0.9.6d
hp wbem a.01.05.08
bluecoat proxysg *
lite speed_technologies_litespeed_web_server 1.3_rc1
avaya vsu 500
cisco pix_firewall_software 6.0(3)
vmware gsx_server 2.5.1
hp hp-ux 11.11
novell edirectory 8.7
avaya sg200 4.4
avaya sg203 4.31.29
cisco pix_firewall_software 6.0(4.101)
hp hp-ux 11.00
stonesoft stonegate 2.2.4
lite speed_technologies_litespeed_web_server 1.2_rc1
4d webstar 5.3.1
neoteris instant_virtual_extranet 3.3
lite speed_technologies_litespeed_web_server 1.0.3
tarantella tarantella_enterprise 3.40
cisco webns 7.2_0.0.03
cisco access_registrar *
stonesoft servercluster 2.5
stonesoft stonegate 1.5.18
freebsd freebsd 4.8
avaya vsu 5000_r2.0.1
checkpoint vpn-1 next_generation_fp1
stonesoft stonegate 2.2
avaya sg208 *
cisco pix_firewall_software 6.2(3.100)
cisco pix_firewall_software 6.0(1)
cisco pix_firewall_software 6.0(4)
securecomputing sidewinder 5.2.1
cisco ios 12.2sy
avaya vsu 5
bluecoat cacheos_ca_sa 4.1.10
avaya s8300 r2.0.1
dell bsafe_ssl-j 3.0
stonesoft stonebeat_securitycluster 2.5
openssl openssl 0.9.6i
cisco threat_response *
avaya s8500 r2.0.1
redhat openssl 0.9.6b-3