CVE-2004-0081

Currently unrated

Key Information:

Vendor: Cisco
Status: Firewall Services Module; Clientless Vpn Gateway 4400; Apache-based Web Server; Aaa Server
Vendor: CVE Published:; 23 November 2004

Summary

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

References

http://www.securityfocus.com/bid/9899

vdb-entryx_refsource_BID

http://www.linuxsecurity.com/advisories/engarde_advisory-...

vendor-advisoryx_refsource_ENGARDE

http://marc.info/?l=bugtraq&m=107955049331965&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Nov 23, 2004
Vulnerability Reserved
Jan 19, 2004