 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.112919 |
| Kategorie: | Denial of Service |
| Titel: | OpenSSL: Denial of Service in ASN.1 parsing (CVE-2003-0851) - Windows |
| Zusammenfassung: | OpenSSL is prone to a denial of service (DoS) vulnerability. |
| Beschreibung: | Summary: OpenSSL is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: A flaw in OpenSSL would cause certain ASN.1 sequences to trigger a large recursion. On platforms such as Windows this large recursion cannot be handled correctly and so the bug causes OpenSSL to crash. Vulnerability Impact: A remote attacker could exploit this flaw if they can send arbitrary ASN.1 sequences which would cause OpenSSL to crash. This could be performed for example by sending a client certificate to a SSL/TLS enabled server which is configured to accept them. Affected Software/OS: OpenSSL 0.9.6k. Solution: Update to version 0.9.6l or later. See the references for more details. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2003-0851 BugTraq ID: 8970 http://www.securityfocus.com/bid/8970 Bugtraq: 20031104 [OpenSSL Advisory] Denial of Service in ASN.1 parsing (Google Search) http://marc.info/?l=bugtraq&m=106796246511667&w=2 Bugtraq: 20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability (Google Search) http://marc.info/?l=bugtraq&m=108403850228012&w=2 CERT/CC vulnerability note: VU#412478 http://www.kb.cert.org/vuls/id/412478 Cisco Security Advisory: 20030930 SSL Implementation Vulnerabilities http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml En Garde Linux Advisory: ESA-20031104-029 http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html NETBSD Security Advisory: NetBSD-SA2004-003 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-003.txt.asc https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5528 RedHat Security Advisories: RHSA-2004:119 http://rhn.redhat.com/errata/RHSA-2004-119.html http://secunia.com/advisories/17381 SGI Security Advisory: 20040304-01-U ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc |
| Copyright | Copyright (C) 2021 Greenbone Networks GmbH |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |