OpenSSL SSLv2 Client_Master_Key Remote Denial Of Service Vulnerability

Bugtraq ID: 8746
Class: Failure to Handle Exceptional Conditions
CVE: CAN-2002-1568
Remote: Yes
Local: No
Published: Oct 02 2003 12:00AM
Updated: Oct 02 2003 12:00AM
Credit: Discovery of this vulnerability has been credited to Patrik Hornik <patrik.hornik@ebitech.sk>.

Vulnerable:

RedHat openssl096-0.9.6-6.i386.rpm
    + RedHat Linux 7.2 i386
RedHat openssl096-0.9.6-6.i386.rpm
    + RedHat Linux 7.3 i386
RedHat openssl096-0.9.6-11.i386.rpm
    + RedHat Linux 8.0 i386
RedHat openssl095a-0.9.5a-16.i386.rpm
    + RedHat Linux 8.0 i386
RedHat openssl095a-0.9.5a-11.i386.rpm
    + RedHat Linux 7.2 i386
RedHat openssl095a-0.9.5a-11.i386.rpm
    + RedHat Linux 7.3 i386
RedHat openssl-python-0.9.6-3.i386.rpm
    + RedHat Linux 7.1 i386
RedHat openssl-python-0.9.5a-14.i386.rpm
    + RedHat Linux 7.0 i386
RedHat openssl-perl-0.9.6b-8.i386.rpm
    + RedHat Linux 7.2 i386
RedHat openssl-perl-0.9.6b-29.i386.rpm
    + RedHat Linux 8.0 i386
RedHat openssl-perl-0.9.6b-18.i386.rpm
    + RedHat Linux 7.3 i386
RedHat openssl-perl-0.9.6-3.i386.rpm
    + RedHat Linux 7.1 i386
RedHat openssl-perl-0.9.5a-14.i386.rpm
    + RedHat Linux 7.0 i386
RedHat openssl-devel-0.9.6b-8.i386.rpm
    + RedHat Linux 7.2 i386
RedHat openssl-devel-0.9.6b-29.i386.rpm
    + RedHat Linux 8.0 i386
RedHat openssl-devel-0.9.6b-18.i386.rpm
    + RedHat Linux 7.3 i386
RedHat openssl-devel-0.9.6-3.i386.rpm
    + RedHat Linux 7.1 i386
RedHat openssl-devel-0.9.5a-14.i386.rpm
    + RedHat Linux 7.0 i386
RedHat openssl-0.9.6b-8.i386.rpm
    + RedHat Linux 7.2 i386
RedHat openssl-0.9.6b-29.i386.rpm
    + RedHat Linux 8.0 i386
RedHat openssl-0.9.6b-18.i386.rpm
    + RedHat Linux 7.3 i386
RedHat openssl-0.9.6-3.i386.rpm
    + RedHat Linux 7.1 i386
RedHat openssl-0.9.5a-14.i386.rpm
    + RedHat Linux 7.0 i386
OpenSSL Project OpenSSL 0.9.6 e
    + FreeBSD FreeBSD 4.6 -RELEASE
    + FreeBSD FreeBSD 4.6
OpenSSL Project OpenSSL 0.9.6 d
    + Slackware Linux 8.1
OpenSSL Project OpenSSL 0.9.6 c
    + Conectiva Linux 8.0
    + Debian Linux 3.0 sparc
    + Debian Linux 3.0 s/390
    + Debian Linux 3.0 ppc
    + Debian Linux 3.0 mipsel
    + Debian Linux 3.0 mips
    + Debian Linux 3.0 m68k
    + Debian Linux 3.0 ia-64
    + Debian Linux 3.0 ia-32
    + Debian Linux 3.0 hppa
    + Debian Linux 3.0 arm
    + Debian Linux 3.0 alpha
    + Debian Linux 3.0
    + MandrakeSoft Linux Mandrake 8.2
    + S.u.S.E. Linux 8.0 i386
    + S.u.S.E. Linux 8.0
OpenSSL Project OpenSSL 0.9.6 b
    + MandrakeSoft Linux Mandrake 8.1 ia64
    + MandrakeSoft Linux Mandrake 8.1
    + OpenBSD OpenBSD 3.1
    + OpenBSD OpenBSD 3.0
    + RedHat Enterprise Linux AS 2.1 IA64
    + RedHat Enterprise Linux AS 2.1
    + RedHat Enterprise Linux ES 2.1 IA64
    + RedHat Enterprise Linux ES 2.1
    + RedHat Enterprise Linux WS 2.1 IA64
    + RedHat Enterprise Linux WS 2.1
    + RedHat Linux 7.3 i386
    + RedHat Linux 7.3
    + RedHat Linux 7.2 ia64
    + RedHat Linux 7.2 i686
    + RedHat Linux 7.2 i386
    + RedHat Linux 7.2
    + RedHat Linux Advanced Work Station 2.1
    + S.u.S.E. Linux 7.3 sparc
    + S.u.S.E. Linux 7.3 ppc
    + S.u.S.E. Linux 7.3 i386
    + S.u.S.E. Linux Connectivity Server
    + S.u.S.E. Linux Database Server 0
    + S.u.S.E. Linux Enterprise Server 7
    + S.u.S.E. Linux Firewall on CD
    + S.u.S.E. Office Server
    + S.u.S.E. SuSE eMail Server III
    + Sun Linux 5.0.7
    + Sun Linux 5.0.6
    + Sun Linux 5.0.5
    + Sun Linux 5.0.3
    + Sun Linux 5.0
OpenSSL Project OpenSSL 0.9.6 a
    + Conectiva Linux 7.0
    + NetBSD NetBSD 1.5.3
    + NetBSD NetBSD 1.5.2
    + NetBSD NetBSD 1.5.1
    + NetBSD NetBSD 1.5
    + S.u.S.E. Linux 7.2 i386
    + S.u.S.E. Linux 7.1 sparc
    + S.u.S.E. Linux 7.1 ppc
    + S.u.S.E. Linux 7.1 alpha
    + S.u.S.E. Linux 7.1
OpenSSL Project OpenSSL 0.9.6
    + Caldera OpenLinux Server 3.1.1
    + Caldera OpenLinux Server 3.1
    + Caldera OpenLinux Workstation 3.1.1
    + Caldera OpenLinux Workstation 3.1
    + Conectiva Linux 6.0
    + EnGarde Secure Linux 1.0.1
    + HP Secure OS software for Linux 1.0
    + MandrakeSoft Linux Mandrake 8.0 ppc
    + MandrakeSoft Linux Mandrake 8.0
    + NetBSD NetBSD 1.6 beta
    + NetBSD NetBSD 1.6
    + NetBSD NetBSD 1.5.3
    + NetBSD NetBSD 1.5.2
    + NetBSD NetBSD 1.5.1
    + NetBSD NetBSD 1.5
    + OpenBSD OpenBSD 2.9
    + OpenPKG OpenPKG 1.0
    + RedHat Linux 7.3 i386
    + RedHat Linux 7.3
    + RedHat Linux 7.2 i386
    + RedHat Linux 7.2 alpha
    + RedHat Linux 7.1 i386
    + RedHat Linux 7.1 alpha
    + RedHat Linux 7.0 sparc
    + RedHat Linux 7.0 i386
    + RedHat Linux 7.0 alpha
    + Trustix Secure Linux 1.5
    + Trustix Secure Linux 1.2
    + Trustix Secure Linux 1.1
IBM HTTP Server 1.3.28
IBM HTTP Server 1.3.26 .2
IBM HTTP Server 1.3.26 .1
IBM HTTP Server 1.3.26
IBM HTTP Server 1.3.19 .5
IBM HTTP Server 1.3.19 .4
IBM HTTP Server 1.3.19 .3
IBM HTTP Server 1.3.19 .2
IBM HTTP Server 1.3.19 .1
IBM HTTP Server 1.3.19
    - HP HP-UX 11.0
    - IBM AIX 4.3.3
    - Microsoft Windows NT 4.0 SP6a
    - Microsoft Windows NT 4.0 SP5
    - Microsoft Windows NT 4.0 SP4
    - RedHat Linux 7.1
    - S.u.S.E. Linux 7.1
    - Sun Solaris 7.0
    - Sun Solaris 2.6
IBM HTTP Server 1.3.12 .7
IBM HTTP Server 1.3.12 .6
IBM HTTP Server 1.3.12 .5
IBM HTTP Server 1.3.12 .4
    - IBM AIX 4.3.3
    - IBM AIX 5.1
    - RedHat Linux 7.1
    - S.u.S.E. Linux 7.2
IBM HTTP Server 1.3.12 .3
    - HP HP-UX 11.0
    - Microsoft Windows NT 4.0 SP6a
    - Microsoft Windows NT 4.0 SP5
    - Microsoft Windows NT 4.0 SP4
    - Sun Solaris 8
    - Sun Solaris 7.0
    - Sun Solaris 2.6
IBM HTTP Server 1.3.12 .2
    - Caldera OpenLinux 2.4
    - Caldera OpenLinux 2.3
    - HP HP-UX 11.0
    - IBM AIX 4.3.3
    - Microsoft Windows NT 4.0
    - RedHat Linux 6.2 sparc
    - Sun Solaris 2.6
    - Turbolinux Turbolinux 6.0
IBM HTTP Server 1.3.12 .1
IBM HTTP Server 1.3.12

Not Vulnerable:

OpenSSL Project OpenSSL 0.9.6 k
    + BlueCoat Systems CacheOS CA/SA 4.1.10
    + BlueCoat Systems Security Gateway OS 3.1
    + BlueCoat Systems Security Gateway OS 3.0
    + BlueCoat Systems Security Gateway OS 2.1.5001 SP1
    + BlueCoat Systems Security Gateway OS 2.1.9
    + BlueCoat Systems Security Gateway OS 2.0
    + Slackware Linux 8.1
OpenSSL Project OpenSSL 0.9.6 j
OpenSSL Project OpenSSL 0.9.6 i
    + HP Apache-Based Web Server 1.3.27 .01
    + HP Apache-Based Web Server 1.3.27 .00
    + HP HP-UX Apache-Based Web Server 1.0.1 .01
    + HP HP-UX Apache-Based Web Server 1.0 .07.01
    + HP HP-UX Apache-Based Web Server 1.0 .06.02
    + HP HP-UX Apache-Based Web Server 1.0 .06.01
    + HP HP-UX Apache-Based Web Server 1.0 .05.01
    + HP HP-UX Apache-Based Web Server 1.0 .04.01
    + HP HP-UX Apache-Based Web Server 1.0 .03.01
    + HP HP-UX Apache-Based Web Server 1.0 .02.01
    + HP HP-UX Apache-Based Web Server 1.0 .01
    + MandrakeSoft Corporate Server 2.1 x86_64
    + MandrakeSoft Corporate Server 2.1
    + MandrakeSoft Linux Mandrake 9.1 ppc
    + MandrakeSoft Linux Mandrake 9.1
    + MandrakeSoft Linux Mandrake 9.0
    + S.u.S.E. Linux Personal 8.2
OpenSSL Project OpenSSL 0.9.6 h
OpenSSL Project OpenSSL 0.9.6 g
    + Conectiva Linux Enterprise Edition 1.0
    + FreeBSD FreeBSD 4.7 -RELEASE
    + FreeBSD FreeBSD 4.7
    + HP Apache-Based Web Server 2.0.43 .04
    + HP Apache-Based Web Server 2.0.43 .00
    + HP Webmin-Based Admin 1.0 .01
    + Immunix Immunix OS 7+
    + NetBSD NetBSD 1.6
    + OpenPKG OpenPKG 1.1
OpenSSL Project OpenSSL 0.9.6 f