SecuritySpace - CVE-2002-1568

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2002-1568

Description: OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which are not properly handled in s2_srvr.c.

Test IDs: 1.3.6.1.4.1.25623.1.0.117027

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2002-1568
Bugtraq: 20031002 New OpenSSL remote vulnerability (issue date 2003/10/02) (Google Search)
http://marc.info/?l=bugtraq&m=106511018214983
http://www.ebitech.sk/patrik/SA/SA-20031002.txt

CVE ID:	CVE-2002-1568
Description:	OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which are not properly handled in s2_srvr.c.
Test IDs:	1.3.6.1.4.1.25623.1.0.117027
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2002-1568 Bugtraq: 20031002 New OpenSSL remote vulnerability (issue date 2003/10/02) (Google Search) http://marc.info/?l=bugtraq&m=106511018214983 http://www.ebitech.sk/patrik/SA/SA-20031002.txt