CVE-2004-0079

Published: Mar 18, 2004

Modified: Jan 16, 2025

PUBLISHED

Description

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

9899

vdb-entry

x_refsource_BID

FEDORA-2005-1042

vendor-advisory

x_refsource_FEDORA

ESA-20040317-003

vendor-advisory

x_refsource_ENGARDE

SSRT4717

vendor-advisory

x_refsource_HP

RHSA-2004:121

vendor-advisory

x_refsource_REDHAT

MDKSA-2004:023

vendor-advisory

x_refsource_MANDRAKE

oval:org.mitre.oval:def:2621

vdb-entry

signature

x_refsource_OVAL

CLA-2004:834

vendor-advisory

x_refsource_CONECTIVA

17381

third-party-advisory

x_refsource_SECUNIA

http://www.uniras.gov.uk/vuls/2004/224012/index.htm

x_refsource_MISC

FEDORA-2004-095

vendor-advisory

x_refsource_FEDORA

oval:org.mitre.oval:def:9779

vdb-entry

signature

x_refsource_OVAL

oval:org.mitre.oval:def:975

vdb-entry

signature

x_refsource_OVAL

57524

vendor-advisory

x_refsource_SUNALERT

SuSE-SA:2004:007

vendor-advisory

x_refsource_SUSE

http://lists.apple.com/mhonarc/security-announce/msg00045.html

x_refsource_CONFIRM

http://www.openssl.org/news/secadv_20040317.txt

x_refsource_CONFIRM

O-101

third-party-advisory

government-resource

x_refsource_CIAC

TA04-078A

third-party-advisory

x_refsource_CERT

17401

third-party-advisory

x_refsource_SECUNIA

RHSA-2005:829

vendor-advisory

x_refsource_REDHAT

http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm

x_refsource_CONFIRM

oval:org.mitre.oval:def:870

vdb-entry

signature

x_refsource_OVAL

RHSA-2005:830

vendor-advisory

x_refsource_REDHAT

GLSA-200403-03

vendor-advisory

x_refsource_GENTOO

11139

third-party-advisory

x_refsource_SECUNIA

RHSA-2004:120

vendor-advisory

x_refsource_REDHAT

20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]

mailing-list

x_refsource_BUGTRAQ

http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US

x_refsource_CONFIRM

APPLE-SA-2005-08-15

vendor-advisory

x_refsource_APPLE

17398

third-party-advisory

x_refsource_SECUNIA

SSA:2004-077

vendor-advisory

x_refsource_SLACKWARE

RHSA-2004:139

vendor-advisory

x_refsource_REDHAT

openssl-dochangecipherspec-dos(15505)

vdb-entry

x_refsource_XF

2004-0012

vendor-advisory

x_refsource_TRUSTIX

20040317 Cisco OpenSSL Implementation Vulnerability

vendor-advisory

x_refsource_CISCO

http://docs.info.apple.com/article.html?artnum=61798

x_refsource_CONFIRM

VU#288574

third-party-advisory

x_refsource_CERT-VN

DSA-465

vendor-advisory

x_refsource_DEBIAN

APPLE-SA-2005-08-17

vendor-advisory

x_refsource_APPLE

18247

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:5770

vdb-entry

signature

x_refsource_OVAL

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2004-0079

Description

Affected Products

References