Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2005-2969

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-18 Oct, 2005 | 04:00
Updated At-07 Aug, 2024 | 22:53
Rejected At-
Credits

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:18 Oct, 2005 | 04:00
Updated At:07 Aug, 2024 | 22:53
Rejected At:
▼CVE Numbering Authority (CNA)

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/17259
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/23915
third-party-advisory
x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2005_61_openssl.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/26893
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/17389
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/3056
vdb-entry
x_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/2457
vdb-entry
x_refsource_VUPEN
http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
x_refsource_CONFIRM
http://secunia.com/advisories/17813
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/bid/15071
vdb-entry
x_refsource_BID
http://secunia.com/advisories/18165
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/23340
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/18123
third-party-advisory
x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-881
vendor-advisory
x_refsource_DEBIAN
http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
x_refsource_MISC
http://www.hitachi-support.com/security_e/vuls_e/HS07-016_e/index-e.html
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2005/2659
vdb-entry
x_refsource_VUPEN
http://www.securityfocus.com/bid/24799
vdb-entry
x_refsource_BID
http://www.debian.org/security/2005/dsa-882
vendor-advisory
x_refsource_DEBIAN
http://www.cisco.com/warp/public/707/cisco-response-20051202-openssl.shtml
vendor-advisory
x_refsource_CISCO
http://secunia.com/advisories/17153
third-party-advisory
x_refsource_SECUNIA
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
vendor-advisory
x_refsource_HP
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
vendor-advisory
x_refsource_TRUSTIX
http://secunia.com/advisories/17191
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2908
vdb-entry
x_refsource_VUPEN
http://securitytracker.com/id?1015032
vdb-entry
x_refsource_SECTRACK
https://issues.rpath.com/browse/RPL-1633
x_refsource_CONFIRM
http://secunia.com/advisories/17344
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/19185
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2036
vdb-entry
x_refsource_VUPEN
http://www.juniper.net/support/security/alerts/PSN-2005-12-025.txt
x_refsource_MISC
http://secunia.com/advisories/17589
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2710
vdb-entry
x_refsource_VUPEN
http://www.vupen.com/english/advisories/2005/3002
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/31492
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/17466
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0629.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/17146
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/17169
third-party-advisory
x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/35287
vdb-entry
x_refsource_XF
http://www.vupen.com/english/advisories/2007/0343
vdb-entry
x_refsource_VUPEN
http://support.avaya.com/elmodocs2/security/ASA-2006-031.htm
x_refsource_CONFIRM
http://secunia.com/advisories/23280
third-party-advisory
x_refsource_SECUNIA
http://docs.info.apple.com/article.html?artnum=302847
vendor-advisory
x_refsource_APPLE
http://secunia.com/advisories/23843
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/17189
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/21827
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/17288
third-party-advisory
x_refsource_SECUNIA
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
vendor-advisory
x_refsource_HP
ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers/dir5.10.3_docs_relnotes.pdf
x_refsource_MISC
http://www.mandriva.com/security/advisories?name=MDKSA-2005:179
vendor-advisory
x_refsource_MANDRIVA
http://secunia.com/advisories/17632
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/0326
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/17409
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/25973
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11454
vdb-entry
signature
x_refsource_OVAL
http://secunia.com/advisories/17888
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/17210
third-party-advisory
x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-875
vendor-advisory
x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2006/3531
vdb-entry
x_refsource_VUPEN
http://www.openssl.org/news/secadv_20051011.txt
x_refsource_CONFIRM
http://secunia.com/advisories/17178
third-party-advisory
x_refsource_SECUNIA
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
vendor-advisory
x_refsource_HP
http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html
x_refsource_CONFIRM
http://secunia.com/advisories/17432
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/17180
third-party-advisory
x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101974-1
vendor-advisory
x_refsource_SUNALERT
http://www.securityfocus.com/bid/15647
vdb-entry
x_refsource_BID
http://secunia.com/advisories/17335
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2005-762.html
vendor-advisory
x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2005-800.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/17151
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/18663
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/17617
third-party-advisory
x_refsource_SECUNIA
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
vendor-advisory
x_refsource_HP
http://secunia.com/advisories/18045
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/17259
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/23915
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.novell.com/linux/security/advisories/2005_61_openssl.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/26893
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/17389
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2005/3056
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.vupen.com/english/advisories/2007/2457
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/17813
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/bid/15071
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/18165
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/23340
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/18123
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.debian.org/security/2005/dsa-881
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
Resource:
x_refsource_MISC
Hyperlink: http://www.hitachi-support.com/security_e/vuls_e/HS07-016_e/index-e.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2005/2659
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.securityfocus.com/bid/24799
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.debian.org/security/2005/dsa-882
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.cisco.com/warp/public/707/cisco-response-20051202-openssl.shtml
Resource:
vendor-advisory
x_refsource_CISCO
Hyperlink: http://secunia.com/advisories/17153
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
Resource:
vendor-advisory
x_refsource_TRUSTIX
Hyperlink: http://secunia.com/advisories/17191
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2005/2908
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://securitytracker.com/id?1015032
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://issues.rpath.com/browse/RPL-1633
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/17344
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/19185
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2005/2036
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.juniper.net/support/security/alerts/PSN-2005-12-025.txt
Resource:
x_refsource_MISC
Hyperlink: http://secunia.com/advisories/17589
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2005/2710
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.vupen.com/english/advisories/2005/3002
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/31492
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/17466
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0629.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/17146
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/17169
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/35287
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.vupen.com/english/advisories/2007/0343
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-031.htm
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/23280
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://docs.info.apple.com/article.html?artnum=302847
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://secunia.com/advisories/23843
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/17189
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/21827
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/17288
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers/dir5.10.3_docs_relnotes.pdf
Resource:
x_refsource_MISC
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:179
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/17632
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2007/0326
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/17409
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/25973
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11454
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://secunia.com/advisories/17888
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/17210
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.debian.org/security/2005/dsa-875
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.vupen.com/english/advisories/2006/3531
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.openssl.org/news/secadv_20051011.txt
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/17178
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/17432
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/17180
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101974-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://www.securityfocus.com/bid/15647
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/17335
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-762.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-800.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/17151
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/18663
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/17617
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://secunia.com/advisories/18045
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/17259
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/23915
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.novell.com/linux/security/advisories/2005_61_openssl.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/26893
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/17389
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2005/3056
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.vupen.com/english/advisories/2007/2457
vdb-entry
x_refsource_VUPEN
x_transferred
http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/17813
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/bid/15071
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/18165
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/23340
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/18123
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.debian.org/security/2005/dsa-881
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
x_refsource_MISC
x_transferred
http://www.hitachi-support.com/security_e/vuls_e/HS07-016_e/index-e.html
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2005/2659
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.securityfocus.com/bid/24799
vdb-entry
x_refsource_BID
x_transferred
http://www.debian.org/security/2005/dsa-882
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.cisco.com/warp/public/707/cisco-response-20051202-openssl.shtml
vendor-advisory
x_refsource_CISCO
x_transferred
http://secunia.com/advisories/17153
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
vendor-advisory
x_refsource_HP
x_transferred
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
vendor-advisory
x_refsource_TRUSTIX
x_transferred
http://secunia.com/advisories/17191
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2005/2908
vdb-entry
x_refsource_VUPEN
x_transferred
http://securitytracker.com/id?1015032
vdb-entry
x_refsource_SECTRACK
x_transferred
https://issues.rpath.com/browse/RPL-1633
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/17344
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/19185
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2005/2036
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.juniper.net/support/security/alerts/PSN-2005-12-025.txt
x_refsource_MISC
x_transferred
http://secunia.com/advisories/17589
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2005/2710
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.vupen.com/english/advisories/2005/3002
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/31492
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/17466
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0629.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/17146
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/17169
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/35287
vdb-entry
x_refsource_XF
x_transferred
http://www.vupen.com/english/advisories/2007/0343
vdb-entry
x_refsource_VUPEN
x_transferred
http://support.avaya.com/elmodocs2/security/ASA-2006-031.htm
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/23280
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://docs.info.apple.com/article.html?artnum=302847
vendor-advisory
x_refsource_APPLE
x_transferred
http://secunia.com/advisories/23843
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/17189
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/21827
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/17288
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
vendor-advisory
x_refsource_HP
x_transferred
ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers/dir5.10.3_docs_relnotes.pdf
x_refsource_MISC
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2005:179
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://secunia.com/advisories/17632
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2007/0326
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/17409
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/25973
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11454
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://secunia.com/advisories/17888
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/17210
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.debian.org/security/2005/dsa-875
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.vupen.com/english/advisories/2006/3531
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.openssl.org/news/secadv_20051011.txt
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/17178
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
vendor-advisory
x_refsource_HP
x_transferred
http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/17432
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/17180
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101974-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://www.securityfocus.com/bid/15647
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/17335
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2005-762.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.redhat.com/support/errata/RHSA-2005-800.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/17151
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/18663
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/17617
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
vendor-advisory
x_refsource_HP
x_transferred
http://secunia.com/advisories/18045
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/17259
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/23915
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2005_61_openssl.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/26893
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/17389
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2005/3056
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/2457
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/17813
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/15071
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/18165
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/23340
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/18123
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.debian.org/security/2005/dsa-881
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.hitachi-support.com/security_e/vuls_e/HS07-016_e/index-e.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2005/2659
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.securityfocus.com/bid/24799
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.debian.org/security/2005/dsa-882
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.cisco.com/warp/public/707/cisco-response-20051202-openssl.shtml
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: http://secunia.com/advisories/17153
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
Resource:
vendor-advisory
x_refsource_TRUSTIX
x_transferred
Hyperlink: http://secunia.com/advisories/17191
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2005/2908
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://securitytracker.com/id?1015032
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-1633
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/17344
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/19185
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2005/2036
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.juniper.net/support/security/alerts/PSN-2005-12-025.txt
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://secunia.com/advisories/17589
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2005/2710
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2005/3002
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/31492
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/17466
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0629.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/17146
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/17169
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/35287
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/0343
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-031.htm
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/23280
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://docs.info.apple.com/article.html?artnum=302847
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://secunia.com/advisories/23843
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/17189
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/21827
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/17288
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers/dir5.10.3_docs_relnotes.pdf
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:179
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/17632
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/0326
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/17409
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/25973
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11454
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://secunia.com/advisories/17888
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/17210
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.debian.org/security/2005/dsa-875
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/3531
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.openssl.org/news/secadv_20051011.txt
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/17178
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/17432
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/17180
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101974-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://www.securityfocus.com/bid/15647
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/17335
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-762.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-800.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/17151
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/18663
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/17617
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://secunia.com/advisories/18045
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:18 Oct, 2005 | 21:02
Updated At:03 Apr, 2025 | 01:03

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N
CPE Matches
OpenSSL
openssl
>>openssl>>0.9.7
cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>0.9.7a
cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>0.9.7b
cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>0.9.7c
cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>0.9.7d
cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>0.9.7e
cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>0.9.7f
cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>0.9.7g
cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>0.9.8
cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2007-03-14T00:00:00

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

References
HyperlinkSourceResource
ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers/dir5.10.3_docs_relnotes.pdfsecalert@redhat.com
N/A
http://docs.info.apple.com/article.html?artnum=302847secalert@redhat.com
N/A
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100secalert@redhat.com
N/A
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100secalert@redhat.com
N/A
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540secalert@redhat.com
N/A
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540secalert@redhat.com
N/A
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.htmlsecalert@redhat.com
N/A
http://secunia.com/advisories/17146secalert@redhat.com
N/A
http://secunia.com/advisories/17151secalert@redhat.com
N/A
http://secunia.com/advisories/17153secalert@redhat.com
N/A
http://secunia.com/advisories/17169secalert@redhat.com
N/A
http://secunia.com/advisories/17178secalert@redhat.com
N/A
http://secunia.com/advisories/17180secalert@redhat.com
N/A
http://secunia.com/advisories/17189secalert@redhat.com
N/A
http://secunia.com/advisories/17191secalert@redhat.com
N/A
http://secunia.com/advisories/17210secalert@redhat.com
N/A
http://secunia.com/advisories/17259secalert@redhat.com
N/A
http://secunia.com/advisories/17288secalert@redhat.com
N/A
http://secunia.com/advisories/17335secalert@redhat.com
N/A
http://secunia.com/advisories/17344secalert@redhat.com
N/A
http://secunia.com/advisories/17389secalert@redhat.com
N/A
http://secunia.com/advisories/17409secalert@redhat.com
N/A
http://secunia.com/advisories/17432secalert@redhat.com
N/A
http://secunia.com/advisories/17466secalert@redhat.com
N/A
http://secunia.com/advisories/17589secalert@redhat.com
N/A
http://secunia.com/advisories/17617secalert@redhat.com
N/A
http://secunia.com/advisories/17632secalert@redhat.com
N/A
http://secunia.com/advisories/17813secalert@redhat.com
N/A
http://secunia.com/advisories/17888secalert@redhat.com
N/A
http://secunia.com/advisories/18045secalert@redhat.com
N/A
http://secunia.com/advisories/18123secalert@redhat.com
N/A
http://secunia.com/advisories/18165secalert@redhat.com
N/A
http://secunia.com/advisories/18663secalert@redhat.com
N/A
http://secunia.com/advisories/19185secalert@redhat.com
N/A
http://secunia.com/advisories/21827secalert@redhat.com
N/A
http://secunia.com/advisories/23280secalert@redhat.com
N/A
http://secunia.com/advisories/23340secalert@redhat.com
N/A
http://secunia.com/advisories/23843secalert@redhat.com
N/A
http://secunia.com/advisories/23915secalert@redhat.com
N/A
http://secunia.com/advisories/25973secalert@redhat.com
N/A
http://secunia.com/advisories/26893secalert@redhat.com
N/A
http://secunia.com/advisories/31492secalert@redhat.com
N/A
http://securitytracker.com/id?1015032secalert@redhat.com
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101974-1secalert@redhat.com
N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-031.htmsecalert@redhat.com
N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-260.htmsecalert@redhat.com
N/A
http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754secalert@redhat.com
N/A
http://www.cisco.com/warp/public/707/cisco-response-20051202-openssl.shtmlsecalert@redhat.com
N/A
http://www.debian.org/security/2005/dsa-875secalert@redhat.com
N/A
http://www.debian.org/security/2005/dsa-881secalert@redhat.com
N/A
http://www.debian.org/security/2005/dsa-882secalert@redhat.com
N/A
http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.htmlsecalert@redhat.com
N/A
http://www.hitachi-support.com/security_e/vuls_e/HS07-016_e/index-e.htmlsecalert@redhat.com
N/A
http://www.juniper.net/support/security/alerts/PSN-2005-12-025.txtsecalert@redhat.com
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2005:179secalert@redhat.com
N/A
http://www.novell.com/linux/security/advisories/2005_61_openssl.htmlsecalert@redhat.com
N/A
http://www.openssl.org/news/secadv_20051011.txtsecalert@redhat.com
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-762.htmlsecalert@redhat.com
N/A
http://www.redhat.com/support/errata/RHSA-2005-800.htmlsecalert@redhat.com
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0629.htmlsecalert@redhat.com
N/A
http://www.securityfocus.com/bid/15071secalert@redhat.com
N/A
http://www.securityfocus.com/bid/15647secalert@redhat.com
N/A
http://www.securityfocus.com/bid/24799secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2005/2036secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2005/2659secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2005/2710secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2005/2908secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2005/3002secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2005/3056secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2006/3531secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2007/0326secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2007/0343secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2007/2457secalert@redhat.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/35287secalert@redhat.com
N/A
https://issues.rpath.com/browse/RPL-1633secalert@redhat.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11454secalert@redhat.com
N/A
ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers/dir5.10.3_docs_relnotes.pdfaf854a3a-2127-422b-91ae-364da2661108
N/A
http://docs.info.apple.com/article.html?artnum=302847af854a3a-2127-422b-91ae-364da2661108
N/A
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100af854a3a-2127-422b-91ae-364da2661108
N/A
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100af854a3a-2127-422b-91ae-364da2661108
N/A
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540af854a3a-2127-422b-91ae-364da2661108
N/A
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17146af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17151af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17153af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17169af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17178af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17180af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17189af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17191af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17210af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17259af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17288af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17335af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17344af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17389af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17409af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17432af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17466af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17589af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17617af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17632af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17813af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17888af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/18045af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/18123af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/18165af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/18663af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/19185af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/21827af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/23280af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/23340af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/23843af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/23915af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/25973af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/26893af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/31492af854a3a-2127-422b-91ae-364da2661108
N/A
http://securitytracker.com/id?1015032af854a3a-2127-422b-91ae-364da2661108
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101974-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-031.htmaf854a3a-2127-422b-91ae-364da2661108
N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-260.htmaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.cisco.com/warp/public/707/cisco-response-20051202-openssl.shtmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2005/dsa-875af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2005/dsa-881af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2005/dsa-882af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.hitachi-support.com/security_e/vuls_e/HS07-016_e/index-e.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.juniper.net/support/security/alerts/PSN-2005-12-025.txtaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2005:179af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.novell.com/linux/security/advisories/2005_61_openssl.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openssl.org/news/secadv_20051011.txtaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-762.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2005-800.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0629.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/15071af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/15647af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/24799af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2005/2036af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2005/2659af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2005/2710af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2005/2908af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2005/3002af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2005/3056af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/3531af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2007/0326af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2007/0343af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2007/2457af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/35287af854a3a-2127-422b-91ae-364da2661108
N/A
https://issues.rpath.com/browse/RPL-1633af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11454af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers/dir5.10.3_docs_relnotes.pdf
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://docs.info.apple.com/article.html?artnum=302847
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17146
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17151
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17153
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17169
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17178
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17180
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17189
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17191
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17210
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17259
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17288
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17335
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17344
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17389
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17409
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17432
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17466
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17589
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17617
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17632
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17813
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/17888
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/18045
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/18123
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/18165
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/18663
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/19185
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/21827
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/23280
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/23340
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/23843
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/23915
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/25973
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/26893
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/31492
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://securitytracker.com/id?1015032
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101974-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-031.htm
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.cisco.com/warp/public/707/cisco-response-20051202-openssl.shtml
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-875
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-881
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-882
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.hitachi-support.com/security_e/vuls_e/HS07-016_e/index-e.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.juniper.net/support/security/alerts/PSN-2005-12-025.txt
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:179
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2005_61_openssl.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.openssl.org/news/secadv_20051011.txt
Source: secalert@redhat.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-762.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-800.html
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0629.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/15071
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/15647
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/24799
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2005/2036
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2005/2659
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2005/2710
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2005/2908
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2005/3002
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2005/3056
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/3531
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/0326
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/0343
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/2457
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/35287
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-1633
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11454
Source: secalert@redhat.com
Resource: N/A
Hyperlink: ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers/dir5.10.3_docs_relnotes.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://docs.info.apple.com/article.html?artnum=302847
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17146
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17151
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17153
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17169
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17178
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17180
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17189
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17191
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17210
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17259
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17288
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17335
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17344
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17389
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17409
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17432
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17466
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17589
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17617
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17632
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17813
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17888
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/18045
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/18123
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/18165
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/18663
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/19185
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/21827
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/23280
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/23340
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/23843
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/23915
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/25973
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/26893
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/31492
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securitytracker.com/id?1015032
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101974-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-031.htm
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.cisco.com/warp/public/707/cisco-response-20051202-openssl.shtml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-875
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-881
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-882
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.hitachi-support.com/security_e/vuls_e/HS07-016_e/index-e.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.juniper.net/support/security/alerts/PSN-2005-12-025.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:179
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2005_61_openssl.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openssl.org/news/secadv_20051011.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-762.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-800.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0629.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/15071
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/15647
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/24799
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2005/2036
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2005/2659
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2005/2710
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2005/2908
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2005/3002
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2005/3056
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/3531
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/0326
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/0343
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/2457
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/35287
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-1633
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11454
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

9Records found
CVE-2015-0205
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-13.88% / 94.05%
||
7 Day CHG~0.00%
Published-09 Jan, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support.

Action-Not Available
Vendor-n/aOpenSSL
Product-openssln/a
CVE-2014-8275
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-5||MEDIUM
EPSS-6.61% / 90.80%
||
7 Day CHG~0.00%
Published-09 Jan, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c.

Action-Not Available
Vendor-n/aOpenSSL
Product-openssln/a
CVE-2014-3572
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-4.96% / 89.25%
||
7 Day CHG~0.00%
Published-09 Jan, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message.

Action-Not Available
Vendor-n/aOpenSSL
Product-openssln/a
CVE-2017-3735
Matching Score-8
Assigner-OpenSSL Software Foundation
ShareView Details
Matching Score-8
Assigner-OpenSSL Software Foundation
CVSS Score-5.3||MEDIUM
EPSS-26.74% / 96.16%
||
7 Day CHG+1.68%
Published-28 Aug, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.

Action-Not Available
Vendor-OpenSSLDebian GNU/Linux
Product-openssldebian_linuxOpenSSL
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-7042
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.49% / 64.46%
||
7 Day CHG~0.00%
Published-27 Feb, 2020 | 17:30
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because the hostname check operates on uninitialized memory. The outcome is that a valid certificate is never accepted (only a malformed certificate may be accepted).

Action-Not Available
Vendor-openfortivpn_projectn/aOpenSSLopenSUSEFedora Project
Product-opensslfedorabackports_sleopenfortivpnleapn/a
CWE ID-CWE-295
Improper Certificate Validation
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2020-7041
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.93% / 75.11%
||
7 Day CHG~0.00%
Published-27 Feb, 2020 | 17:29
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509_check_host negative error code is interpreted as a successful return value.

Action-Not Available
Vendor-openfortivpn_projectn/aOpenSSLopenSUSEFedora Project
Product-opensslfedorabackports_sleopenfortivpnleapn/a
CWE ID-CWE-295
Improper Certificate Validation
CVE-2005-2946
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.57%
||
7 Day CHG~0.00%
Published-16 Sep, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature.

Action-Not Available
Vendor-n/aCanonical Ltd.OpenSSL
Product-opensslubuntu_linuxn/a
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2011-3207
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-2.47% / 84.66%
||
7 Day CHG~0.00%
Published-22 Sep, 2011 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past.

Action-Not Available
Vendor-n/aOpenSSL
Product-openssln/a
CVE-2000-0535
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.45% / 62.55%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken.

Action-Not Available
Vendor-n/aOpenSSLFreeBSD Foundation
Product-opensslfreebsdn/a
Details not found