QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2004-0112

Back to search

CVE-2004-0112

Published: Mar 18, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.

VendorProductVersions

n/a

n/a

affected
n/a

References

9899
vdb-entry
x_refsource_BID
SSRT4717
vendor-advisory
x_refsource_HP
RHSA-2004:121
vendor-advisory
x_refsource_REDHAT
MDKSA-2004:023
vendor-advisory
x_refsource_MANDRAKE
CLA-2004:834
vendor-advisory
x_refsource_CONECTIVA
57524
vendor-advisory
x_refsource_SUNALERT
SuSE-SA:2004:007
vendor-advisory
x_refsource_SUSE
O-101
third-party-advisory
government-resource
x_refsource_CIAC
TA04-078A
third-party-advisory
x_refsource_CERT
oval:org.mitre.oval:def:1049
vdb-entry
signature
x_refsource_OVAL
VU#484726
third-party-advisory
x_refsource_CERT-VN
GLSA-200403-03
vendor-advisory
x_refsource_GENTOO
oval:org.mitre.oval:def:9580
vdb-entry
signature
x_refsource_OVAL
11139
third-party-advisory
x_refsource_SECUNIA
RHSA-2004:120
vendor-advisory
x_refsource_REDHAT
APPLE-SA-2005-08-15
vendor-advisory
x_refsource_APPLE
SSA:2004-077
vendor-advisory
x_refsource_SLACKWARE
2004-0012
vendor-advisory
x_refsource_TRUSTIX
APPLE-SA-2005-08-17
vendor-advisory
x_refsource_APPLE
oval:org.mitre.oval:def:928
vdb-entry
signature
x_refsource_OVAL

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2004-0112 - Security Vulnerability | QwikSec