CVE-2004-0079
- EPSS 2.06%
- Veröffentlicht 23.11.2004 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
- EPSS 2.27%
- Veröffentlicht 23.11.2004 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
- EPSS 0.67%
- Veröffentlicht 23.11.2004 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a ...
CVE-2001-1176
- EPSS 2.31%
- Veröffentlicht 12.07.2001 04:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection.