OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability

Bugtraq ID: 5363
Class: Boundary Condition Error
CVE: CVE-2002-0656
Remote: Yes
Local: No
Published: Jul 30 2002 12:00AM
Updated: Dec 20 2007 05:11PM
Credit: Discovered independantly by John McDonald <jm@neohapsis.com> and A.L. Digital Ltd and The Bunker.
Vulnerable: SonicWALL SSL-RX 4.0 .18
SonicWALL SSL-R6 4.0 .18
SonicWALL SSL-R3 4.0 .18
SonicWALL SSL-R 4.0 .18
Securecomputing SafeWord PremierAccess 3.1
Rsa BSAFE SSL-C 2.3
Rsa BSAFE SSL-C 2.2
Rsa BSAFE SSL-C 2.1
Redhat mgetty-sendfax-1.1.14-8.i386.rpm 2.2
Oracle Oracle9i Application Server 1.0.2 .2
Oracle Oracle9i Application Server 1.0.2 .1s
Oracle Oracle9i Application Server 1.0.2
Oracle Oracle9i Application Server
Oracle Oracle HTTP Server 9.2 .0
Oracle Oracle HTTP Server 9.0.1
Oracle CorporateTime Outlook Connector 3.3
Oracle CorporateTime Outlook Connector 3.1.2
Oracle CorporateTime Outlook Connector 3.1.1
Oracle CorporateTime Outlook Connector 3.1
OpenSSL Project OpenSSL 0.9.7 beta2
OpenSSL Project OpenSSL 0.9.7 beta1
OpenSSL Project OpenSSL 0.9.6 d
OpenSSL Project OpenSSL 0.9.6 c
OpenSSL Project OpenSSL 0.9.6 b
OpenSSL Project OpenSSL 0.9.6 a
OpenSSL Project OpenSSL 0.9.6
OpenSSL Project OpenSSL 0.9.5 a
OpenSSL Project OpenSSL 0.9.5
OpenSSL Project OpenSSL 0.9.4
OpenSSL Project OpenSSL 0.9.3
OpenSSL Project OpenSSL 0.9.2 b
OpenSSL Project OpenSSL 0.9.1 c
Novell NetMail 3.10 d
Novell NetMail 3.10 c
Novell NetMail 3.10 b
Novell NetMail 3.10 a
Novell NetMail 3.10
Juniper SDX-300 3.1.1
Juniper SDX-300 3.1
Juniper JUNOS 5.6
Juniper JUNOS 5.5
Juniper JUNOS 5.4
Juniper JUNOS 5.3
Juniper JUNOS 5.2
Juniper JUNOS 5.1
Juniper JUNOS 5.0
IBM Linux Affinity Toolkit
IBM HTTP Server 1.3.19
HP Webproxy 2.0
HP Webproxy 1.0
HP VirtualVault 4.6
HP VirtualVault 4.5
HP Tru64 UNIX INTERNET EXPRESS 5.9
HP Tru64 UNIX Compaq Secure Web Server 5.8.1
HP TCP/IP Services for OpenVMS 5.3
HP Secure OS software for Linux 1.0
HP OpenVMS Secure Web Server 1.2
HP OpenVMS Secure Web Server 1.1 -1
HP OpenSSL for OpenVMS Alpha 1.0
HP INTERNET EXPRESS EAK 2.0
Gentoo Linux 1.4 _rc3
Gentoo Linux 1.4 _rc2
Gentoo Linux 1.4 _rc1
Gentoo Linux 1.2
Gentoo Linux 1.1 a
Gentoo Linux 0.7
Gentoo Linux 0.5
Covalent Fast Start Server 3.1
Covalent Enterprise Ready Server 2.2
Covalent Enterprise Ready Server 2.1
Cisco Secure Content Accelerator 10000
Apple Mac OS X Server 10.0
Apple Mac OS X 10.2
Apple Mac OS X 10.1.5
Apple Mac OS X 10.1.4
Apple Mac OS X 10.1.3
Apple Mac OS X 10.1.2
Apple Mac OS X 10.1.1
Apple Mac OS X 10.1
Apple Mac OS X 10.1
Apple Mac OS X 10.0.4
Apple Mac OS X 10.0.3
Apple Mac OS X 10.0.2
Apple Mac OS X 10.0.1
Apple Mac OS X 10.0
Apache Apache 2.0.40
Apache Apache 2.0.39
Apache Apache 2.0.38
Apache Apache 2.0.37
Apache Apache 2.0.36
Apache Apache 2.0.35
Apache Apache 2.0.34 -BETA
Apache Apache 2.0.32 -BETA
Apache Apache 2.0.32
Apache Apache 2.0.28 -BETA
Apache Apache 2.0.28 Beta
Apache Apache 2.0.28
Apache Apache 2.0
Apache Apache 1.3.26
Apache Apache 1.3.26
Apache Apache 1.3.25
Apache Apache 1.3.25
Apache Apache 1.3.24
Apache Apache 1.3.24
Apache Apache 1.3.23
Apache Apache 1.3.23
Apache Apache 1.3.22
Apache Apache 1.3.22
Apache Apache 1.3.20
Apache Apache 1.3.20
Apache Apache 1.3.19
Apache Apache 1.3.19
Apache Apache 1.3.18
Apache Apache 1.3.18
Apache Apache 1.3.17
Apache Apache 1.3.17
Apache Apache 1.3.16
Apache Apache 1.3.15
Apache Apache 1.3.14 Mac
Apache Apache 1.3.14
Apache Apache 1.3.14
Apache Apache 1.3.13
Apache Apache 1.3.12
Apache Apache 1.3.12
Apache Apache 1.3.11
Apache Apache 1.3.11
Apache Apache 1.3.9
Apache Apache 1.3.9
Apache Apache 1.3.7 -dev
Apache Apache 1.3.6
Apache Apache 1.3.6
Apache Apache 1.3.4
Apache Apache 1.3.3
Apache Apache 1.3.1
Apache Apache 1.3
Apache Apache 1.2.5
Apache Apache 1.2
Apache Apache 1.1.1
Apache Apache 1.1
Apache Apache 1.0.5
Apache Apache 1.0.3
Apache Apache 1.0.2
Apache Apache 1.0
Not Vulnerable: Rsa BSAFE SSL-J SDK 3.1
Rsa BSAFE SSL-J SDK 3.0.1
Rsa BSAFE SSL-J SDK 3.0
Rsa BSAFE SSL-C ME
OpenSSL Project OpenSSL 0.9.7 beta3
OpenSSL Project OpenSSL 0.9.6 g
OpenSSL Project OpenSSL 0.9.6 e
Novell NetMail 3.10 e
HP Tru64 UNIX Compaq Secure Web Server 5.9.2
HP Tru64 UNIX Compaq Secure Web Server 5.9.1
HP Tru64 UNIX Compaq Secure Web Server 5.8.2
HP OpenSSL for OpenVMS Alpha 1.0 -A


 

Privacy Statement
Copyright 2010, SecurityFocus