4.3

CVE-2006-4343

The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenSSLOpenSSL Version0.9.7
OpenSSLOpenSSL Version0.9.7a
OpenSSLOpenSSL Version0.9.7b
OpenSSLOpenSSL Version0.9.7c
OpenSSLOpenSSL Version0.9.7d
OpenSSLOpenSSL Version0.9.7e
OpenSSLOpenSSL Version0.9.7f
OpenSSLOpenSSL Version0.9.7g
OpenSSLOpenSSL Version0.9.7h
OpenSSLOpenSSL Version0.9.7i
OpenSSLOpenSSL Version0.9.7j
OpenSSLOpenSSL Version0.9.7k
OpenSSLOpenSSL Version0.9.8
OpenSSLOpenSSL Version0.9.8a
OpenSSLOpenSSL Version0.9.8b
OpenSSLOpenSSL Version0.9.8c
DebianDebian Linux Version3.1
CanonicalUbuntu Linux Version5.04
CanonicalUbuntu Linux Version5.10
CanonicalUbuntu Linux Version6.06 SwEditionlts
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 17.42% 0.967
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

http://secunia.com/advisories/23794
Third Party Advisory
http://securitytracker.com/id?1017522
Third Party Advisory
VDB Entry
http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
Third Party Advisory
http://www.securityfocus.com/bid/22083
Third Party Advisory
VDB Entry
http://marc.info/?l=bugtraq&m=130497311408250&w=2
Third Party Advisory
Mailing List
http://secunia.com/advisories/23680
Third Party Advisory
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
Third Party Advisory
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
Third Party Advisory
http://secunia.com/advisories/31492
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0629.html
Third Party Advisory
http://openvpn.net/changelog.html
Third Party Advisory
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
Broken Link
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
Broken Link
http://secunia.com/advisories/23280
Third Party Advisory
http://secunia.com/advisories/23340
Third Party Advisory
http://secunia.com/advisories/23915
Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
Third Party Advisory
http://www.vupen.com/english/advisories/2007/0343
Third Party Advisory
Permissions Required
http://docs.info.apple.com/article.html?artnum=304829
Third Party Advisory
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/23155
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
Third Party Advisory
US Government Resource
http://www.vupen.com/english/advisories/2006/4750
Third Party Advisory
Permissions Required
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
Third Party Advisory
http://secunia.com/advisories/22487
Third Party Advisory
http://www.securityfocus.com/archive/1/456546/100/200/threaded
http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
Third Party Advisory
http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
Third Party Advisory
http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
Third Party Advisory
http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
Third Party Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
Broken Link
http://secunia.com/advisories/26329
Third Party Advisory
http://www.vupen.com/english/advisories/2007/2783
Third Party Advisory
Permissions Required
http://lists.vmware.com/pipermail/security-announce/2008/000008.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/22259
Third Party Advisory
http://secunia.com/advisories/22260
Third Party Advisory
http://secunia.com/advisories/22284
Third Party Advisory
http://secunia.com/advisories/22758
Third Party Advisory
http://secunia.com/advisories/22799
Third Party Advisory
http://secunia.com/advisories/24950
Third Party Advisory
http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html
Third Party Advisory
http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:177
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:178
Broken Link
http://www.securityfocus.com/archive/1/489739/100/0/threaded
http://www.securityfocus.com/bid/28276
Third Party Advisory
VDB Entry
http://www.serv-u.com/releasenotes/
Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2008-0005.html
Third Party Advisory
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
Third Party Advisory
http://www.vmware.com/support/player/doc/releasenotes_player.html
Third Party Advisory
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
Third Party Advisory
http://www.vmware.com/support/server/doc/releasenotes_server.html
Third Party Advisory
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
Third Party Advisory
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
Third Party Advisory
http://www.vupen.com/english/advisories/2006/3936
Third Party Advisory
Permissions Required
http://www.vupen.com/english/advisories/2006/4417
Third Party Advisory
Permissions Required
http://www.vupen.com/english/advisories/2007/1401
Third Party Advisory
Permissions Required
http://www.vupen.com/english/advisories/2008/0905/references
Third Party Advisory
Permissions Required
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Broken Link
http://secunia.com/advisories/22298
Third Party Advisory
http://www.novell.com/linux/security/advisories/2006_24_sr.html
Broken Link
http://secunia.com/advisories/22116
Third Party Advisory
http://secunia.com/advisories/23038
Third Party Advisory
http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
Broken Link
http://www.trustix.org/errata/2006/0054
Broken Link
http://www.vupen.com/english/advisories/2006/4401
Third Party Advisory
Permissions Required
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc
Third Party Advisory
http://issues.rpath.com/browse/RPL-613
Broken Link
http://kolab.org/security/kolab-vendor-notice-11.txt
Broken Link
http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html
Third Party Advisory
Mailing List
http://openbsd.org/errata.html#openssl2
Third Party Advisory
http://secunia.com/advisories/22094
Third Party Advisory
http://secunia.com/advisories/22130
Third Party Advisory
http://secunia.com/advisories/22165
Third Party Advisory
http://secunia.com/advisories/22166
Third Party Advisory
http://secunia.com/advisories/22172
Third Party Advisory
http://secunia.com/advisories/22186
Third Party Advisory
http://secunia.com/advisories/22193
Third Party Advisory
http://secunia.com/advisories/22207
Third Party Advisory
http://secunia.com/advisories/22212
Third Party Advisory
http://secunia.com/advisories/22216
Third Party Advisory
http://secunia.com/advisories/22220
Third Party Advisory
http://secunia.com/advisories/22240
Third Party Advisory
http://secunia.com/advisories/22330
Third Party Advisory
http://secunia.com/advisories/22385
Third Party Advisory
http://secunia.com/advisories/22460
Third Party Advisory
http://secunia.com/advisories/22544
Third Party Advisory
http://secunia.com/advisories/22626
Third Party Advisory
http://secunia.com/advisories/22772
Third Party Advisory
http://secunia.com/advisories/23309
Third Party Advisory
http://secunia.com/advisories/25889
Third Party Advisory
http://secunia.com/advisories/30124
Third Party Advisory
http://security.freebsd.org/advisories/FreeBSD-SA-06:23.openssl.asc
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200610-11.xml
Third Party Advisory
http://securitytracker.com/id?1016943
Third Party Advisory
VDB Entry
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946
Third Party Advisory
Mailing List
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1
Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm
Third Party Advisory
http://www.debian.org/security/2006/dsa-1185
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:172
Third Party Advisory
http://www.novell.com/linux/security/advisories/2006_58_openssl.html
Broken Link
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.021-openssl.html
Third Party Advisory
http://www.openssl.org/news/secadv_20060928.txt
Patch
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0695.html
Third Party Advisory
http://www.securityfocus.com/archive/1/447318/100/0/threaded
http://www.securityfocus.com/archive/1/447393/100/0/threaded
http://www.ubuntu.com/usn/usn-353-1
Third Party Advisory
http://www.vupen.com/english/advisories/2006/3820
Third Party Advisory
Permissions Required
http://www.vupen.com/english/advisories/2006/3860
Third Party Advisory
Permissions Required
http://www.vupen.com/english/advisories/2006/3869
Third Party Advisory
Permissions Required
http://www.vupen.com/english/advisories/2006/3902
Third Party Advisory
Permissions Required
http://www.vupen.com/english/advisories/2006/4036
Third Party Advisory
Permissions Required
http://www.vupen.com/english/advisories/2006/4264
Third Party Advisory
Permissions Required
http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf
Third Party Advisory
http://secunia.com/advisories/22500
Third Party Advisory
http://www.debian.org/security/2006/dsa-1195
Third Party Advisory
http://secunia.com/advisories/22791
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1
Broken Link
http://www.vupen.com/english/advisories/2006/4443
Third Party Advisory
Permissions Required
http://secunia.com/advisories/25420
Third Party Advisory
http://www.ingate.com/relnote-452.php
Broken Link
http://www.kb.cert.org/vuls/id/386964
Patch
Third Party Advisory
US Government Resource
http://www.osvdb.org/29263
Broken Link
http://www.securityfocus.com/bid/20246
Patch
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2007/1973
Third Party Advisory
Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/29240
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10207
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4356
Third Party Advisory
https://www.exploit-db.com/exploits/4773
Third Party Advisory
VDB Entry