ByteOS Network

CVE Vulnerability Details :

CVE-2005-2969

PUBLISHED

More Info Official Page

Assigner-redhat

Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749

Published At-18 Oct, 2005 | 04:00

Updated At-07 Aug, 2024 | 22:53

▼CVE Numbering Authority (CNA)

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

References

Hyperlink	Resource
http://secunia.com/advisories/17259	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/23915	third-party-advisory x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2005_61_openssl.html	vendor-advisory x_refsource_SUSE
http://secunia.com/advisories/26893	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/17389	third-party-advisory x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/3056	vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/2457	vdb-entry x_refsource_VUPEN
http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm	x_refsource_CONFIRM
http://secunia.com/advisories/17813	third-party-advisory x_refsource_SECUNIA
http://www.securityfocus.com/bid/15071	vdb-entry x_refsource_BID
http://secunia.com/advisories/18165	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/23340	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/18123	third-party-advisory x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-881	vendor-advisory x_refsource_DEBIAN
http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754	x_refsource_MISC
http://www.hitachi-support.com/security_e/vuls_e/HS07-016_e/index-e.html	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2005/2659	vdb-entry x_refsource_VUPEN
http://www.securityfocus.com/bid/24799	vdb-entry x_refsource_BID
http://www.debian.org/security/2005/dsa-882	vendor-advisory x_refsource_DEBIAN
http://www.cisco.com/warp/public/707/cisco-response-20051202-openssl.shtml	vendor-advisory x_refsource_CISCO
http://secunia.com/advisories/17153	third-party-advisory x_refsource_SECUNIA
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540	vendor-advisory x_refsource_HP
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html	vendor-advisory x_refsource_TRUSTIX
http://secunia.com/advisories/17191	third-party-advisory x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2908	vdb-entry x_refsource_VUPEN
http://securitytracker.com/id?1015032	vdb-entry x_refsource_SECTRACK
https://issues.rpath.com/browse/RPL-1633	x_refsource_CONFIRM
http://secunia.com/advisories/17344	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/19185	third-party-advisory x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2036	vdb-entry x_refsource_VUPEN
http://www.juniper.net/support/security/alerts/PSN-2005-12-025.txt	x_refsource_MISC
http://secunia.com/advisories/17589	third-party-advisory x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2710	vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2005/3002	vdb-entry x_refsource_VUPEN
http://secunia.com/advisories/31492	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/17466	third-party-advisory x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0629.html	vendor-advisory x_refsource_REDHAT
http://secunia.com/advisories/17146	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/17169	third-party-advisory x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/35287	vdb-entry x_refsource_XF
http://www.vupen.com/english/advisories/2007/0343	vdb-entry x_refsource_VUPEN
http://support.avaya.com/elmodocs2/security/ASA-2006-031.htm	x_refsource_CONFIRM
http://secunia.com/advisories/23280	third-party-advisory x_refsource_SECUNIA
http://docs.info.apple.com/article.html?artnum=302847	vendor-advisory x_refsource_APPLE
http://secunia.com/advisories/23843	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/17189	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21827	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/17288	third-party-advisory x_refsource_SECUNIA
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540	vendor-advisory x_refsource_HP
ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers/dir5.10.3_docs_relnotes.pdf	x_refsource_MISC
http://www.mandriva.com/security/advisories?name=MDKSA-2005:179	vendor-advisory x_refsource_MANDRIVA
http://secunia.com/advisories/17632	third-party-advisory x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/0326	vdb-entry x_refsource_VUPEN
http://secunia.com/advisories/17409	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/25973	third-party-advisory x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11454	vdb-entry signature x_refsource_OVAL
http://secunia.com/advisories/17888	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/17210	third-party-advisory x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-875	vendor-advisory x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2006/3531	vdb-entry x_refsource_VUPEN
http://www.openssl.org/news/secadv_20051011.txt	x_refsource_CONFIRM
http://secunia.com/advisories/17178	third-party-advisory x_refsource_SECUNIA
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100	vendor-advisory x_refsource_HP
http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html	x_refsource_CONFIRM
http://secunia.com/advisories/17432	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/17180	third-party-advisory x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101974-1	vendor-advisory x_refsource_SUNALERT
http://www.securityfocus.com/bid/15647	vdb-entry x_refsource_BID
http://secunia.com/advisories/17335	third-party-advisory x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2005-762.html	vendor-advisory x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2005-800.html	vendor-advisory x_refsource_REDHAT
http://secunia.com/advisories/17151	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/18663	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/17617	third-party-advisory x_refsource_SECUNIA
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100	vendor-advisory x_refsource_HP
http://secunia.com/advisories/18045	third-party-advisory x_refsource_SECUNIA

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://secunia.com/advisories/17259	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/23915	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.novell.com/linux/security/advisories/2005_61_openssl.html	vendor-advisory x_refsource_SUSE x_transferred
http://secunia.com/advisories/26893	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/17389	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.vupen.com/english/advisories/2005/3056	vdb-entry x_refsource_VUPEN x_transferred
http://www.vupen.com/english/advisories/2007/2457	vdb-entry x_refsource_VUPEN x_transferred
http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/17813	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.securityfocus.com/bid/15071	vdb-entry x_refsource_BID x_transferred
http://secunia.com/advisories/18165	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/23340	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/18123	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.debian.org/security/2005/dsa-881	vendor-advisory x_refsource_DEBIAN x_transferred
http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754	x_refsource_MISC x_transferred
http://www.hitachi-support.com/security_e/vuls_e/HS07-016_e/index-e.html	x_refsource_CONFIRM x_transferred
http://www.vupen.com/english/advisories/2005/2659	vdb-entry x_refsource_VUPEN x_transferred
http://www.securityfocus.com/bid/24799	vdb-entry x_refsource_BID x_transferred
http://www.debian.org/security/2005/dsa-882	vendor-advisory x_refsource_DEBIAN x_transferred
http://www.cisco.com/warp/public/707/cisco-response-20051202-openssl.shtml	vendor-advisory x_refsource_CISCO x_transferred
http://secunia.com/advisories/17153	third-party-advisory x_refsource_SECUNIA x_transferred
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540	vendor-advisory x_refsource_HP x_transferred
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html	vendor-advisory x_refsource_TRUSTIX x_transferred
http://secunia.com/advisories/17191	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.vupen.com/english/advisories/2005/2908	vdb-entry x_refsource_VUPEN x_transferred
http://securitytracker.com/id?1015032	vdb-entry x_refsource_SECTRACK x_transferred
https://issues.rpath.com/browse/RPL-1633	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/17344	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/19185	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.vupen.com/english/advisories/2005/2036	vdb-entry x_refsource_VUPEN x_transferred
http://www.juniper.net/support/security/alerts/PSN-2005-12-025.txt	x_refsource_MISC x_transferred
http://secunia.com/advisories/17589	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.vupen.com/english/advisories/2005/2710	vdb-entry x_refsource_VUPEN x_transferred
http://www.vupen.com/english/advisories/2005/3002	vdb-entry x_refsource_VUPEN x_transferred
http://secunia.com/advisories/31492	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/17466	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0629.html	vendor-advisory x_refsource_REDHAT x_transferred
http://secunia.com/advisories/17146	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/17169	third-party-advisory x_refsource_SECUNIA x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/35287	vdb-entry x_refsource_XF x_transferred
http://www.vupen.com/english/advisories/2007/0343	vdb-entry x_refsource_VUPEN x_transferred
http://support.avaya.com/elmodocs2/security/ASA-2006-031.htm	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/23280	third-party-advisory x_refsource_SECUNIA x_transferred
http://docs.info.apple.com/article.html?artnum=302847	vendor-advisory x_refsource_APPLE x_transferred
http://secunia.com/advisories/23843	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/17189	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/21827	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/17288	third-party-advisory x_refsource_SECUNIA x_transferred
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540	vendor-advisory x_refsource_HP x_transferred
ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers/dir5.10.3_docs_relnotes.pdf	x_refsource_MISC x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2005:179	vendor-advisory x_refsource_MANDRIVA x_transferred
http://secunia.com/advisories/17632	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.vupen.com/english/advisories/2007/0326	vdb-entry x_refsource_VUPEN x_transferred
http://secunia.com/advisories/17409	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/25973	third-party-advisory x_refsource_SECUNIA x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11454	vdb-entry signature x_refsource_OVAL x_transferred
http://secunia.com/advisories/17888	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/17210	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.debian.org/security/2005/dsa-875	vendor-advisory x_refsource_DEBIAN x_transferred
http://www.vupen.com/english/advisories/2006/3531	vdb-entry x_refsource_VUPEN x_transferred
http://www.openssl.org/news/secadv_20051011.txt	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/17178	third-party-advisory x_refsource_SECUNIA x_transferred
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100	vendor-advisory x_refsource_HP x_transferred
http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/17432	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/17180	third-party-advisory x_refsource_SECUNIA x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101974-1	vendor-advisory x_refsource_SUNALERT x_transferred
http://www.securityfocus.com/bid/15647	vdb-entry x_refsource_BID x_transferred
http://secunia.com/advisories/17335	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.redhat.com/support/errata/RHSA-2005-762.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.redhat.com/support/errata/RHSA-2005-800.html	vendor-advisory x_refsource_REDHAT x_transferred
http://secunia.com/advisories/17151	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/18663	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/17617	third-party-advisory x_refsource_SECUNIA x_transferred
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100	vendor-advisory x_refsource_HP x_transferred
http://secunia.com/advisories/18045	third-party-advisory x_refsource_SECUNIA x_transferred

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References