Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2004-0112

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.

Published

2004-11-23T05:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-125

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Hardware	cisco	firewall_services_module	*	Yes
Hardware	cisco	firewall_services_module	1.1.2	Yes
Hardware	cisco	firewall_services_module	1.1.3	Yes
Hardware	cisco	firewall_services_module	1.1_\(3.005\)	Yes
Hardware	cisco	firewall_services_module	2.1_\(0.208\)	Yes
Hardware	hp	aaa_server	*	Yes
Hardware	hp	apache-based_web_server	2.0.43.00	Yes
Hardware	hp	apache-based_web_server	2.0.43.04	Yes
Hardware	symantec	clientless_vpn_gateway_4400	5.0	Yes
Application	cisco	ciscoworks_common_management_foundation	2.1	Yes
Application	cisco	ciscoworks_common_services	2.2	Yes
Hardware	avaya	converged_communications_server	2.0	Yes
Hardware	avaya	sg200	4.4	Yes
Hardware	avaya	sg200	4.31.29	Yes
Hardware	avaya	sg203	4.4	Yes
Hardware	avaya	sg203	4.31.29	Yes
Hardware	avaya	sg208	*	Yes
Hardware	avaya	sg208	4.4	Yes
Hardware	avaya	sg5	4.2	Yes
Hardware	avaya	sg5	4.3	Yes
Hardware	avaya	sg5	4.4	Yes
Operating System	apple	mac_os_x	10.3.3	Yes
Operating System	apple	mac_os_x_server	10.3.3	Yes
Operating System	freebsd	freebsd	4.8	Yes
Operating System	freebsd	freebsd	4.8	Yes
Operating System	freebsd	freebsd	4.9	Yes
Operating System	freebsd	freebsd	5.1	Yes
Operating System	freebsd	freebsd	5.1	Yes
Operating System	freebsd	freebsd	5.1	Yes
Operating System	freebsd	freebsd	5.2	Yes
Operating System	freebsd	freebsd	5.2.1	Yes
Operating System	hp	hp-ux	8.05	Yes
Operating System	hp	hp-ux	11.00	Yes
Operating System	hp	hp-ux	11.11	Yes
Operating System	hp	hp-ux	11.23	Yes
Operating System	openbsd	openbsd	3.3	Yes
Operating System	openbsd	openbsd	3.4	Yes
Operating System	redhat	enterprise_linux	3.0	Yes
Operating System	redhat	enterprise_linux	3.0	Yes
Operating System	redhat	enterprise_linux	3.0	Yes
Operating System	redhat	enterprise_linux_desktop	3.0	Yes
Operating System	redhat	linux	7.2	Yes
Operating System	redhat	linux	7.3	Yes
Operating System	redhat	linux	8.0	Yes
Operating System	sco	openserver	5.0.6	Yes
Operating System	sco	openserver	5.0.7	Yes
Operating System	cisco	ios	12.1\(11\)e	Yes
Operating System	cisco	ios	12.1\(11b\)e	Yes
Operating System	cisco	ios	12.1\(11b\)e12	Yes
Operating System	cisco	ios	12.1\(11b\)e14	Yes
Operating System	cisco	ios	12.1\(13\)e9	Yes
Operating System	cisco	ios	12.1\(19\)e1	Yes
Operating System	cisco	ios	12.2\(14\)sy	Yes
Operating System	cisco	ios	12.2\(14\)sy1	Yes
Operating System	cisco	ios	12.2sy	Yes
Operating System	cisco	ios	12.2za	Yes
Application	4d	webstar	4.0	Yes
Application	4d	webstar	5.2	Yes
Application	4d	webstar	5.2.1	Yes
Application	4d	webstar	5.2.2	Yes
Application	4d	webstar	5.2.3	Yes
Application	4d	webstar	5.2.4	Yes
Application	4d	webstar	5.3	Yes
Application	4d	webstar	5.3.1	Yes
Application	avaya	intuity_audix	*	Yes
Application	avaya	intuity_audix	5.1.46	Yes
Application	avaya	intuity_audix	s3210	Yes
Application	avaya	intuity_audix	s3400	Yes
Application	avaya	vsu	5	Yes
Application	avaya	vsu	5x	Yes
Application	avaya	vsu	100_r2.0.1	Yes
Application	avaya	vsu	500	Yes
Application	avaya	vsu	2000_r2.0.1	Yes
Application	avaya	vsu	5000_r2.0.1	Yes
Application	avaya	vsu	7500_r2.0.1	Yes
Application	avaya	vsu	10000_r2.0.1	Yes
Application	checkpoint	firewall-1	*	Yes
Application	checkpoint	firewall-1	2.0	Yes
Application	checkpoint	firewall-1	next_generation_fp0	Yes
Application	checkpoint	firewall-1	next_generation_fp1	Yes
Application	checkpoint	firewall-1	next_generation_fp2	Yes
Application	checkpoint	provider-1	4.1	Yes
Application	checkpoint	provider-1	4.1	Yes
Application	checkpoint	provider-1	4.1	Yes
Application	checkpoint	provider-1	4.1	Yes
Application	checkpoint	provider-1	4.1	Yes
Application	checkpoint	vpn-1	next_generation_fp0	Yes
Application	checkpoint	vpn-1	next_generation_fp1	Yes
Application	checkpoint	vpn-1	next_generation_fp2	Yes
Application	checkpoint	vpn-1	vsx_ng_with_application_intelligence	Yes
Application	cisco	access_registrar	*	Yes
Application	cisco	application_and_content_networking_software	*	Yes
Application	cisco	css_secure_content_accelerator	1.0	Yes
Application	cisco	css_secure_content_accelerator	2.0	Yes
Application	cisco	css11000_content_services_switch	*	Yes
Application	cisco	okena_stormwatch	3.2	Yes
Application	cisco	pix_firewall	6.2.2_.111	Yes
Application	cisco	threat_response	*	Yes
Application	cisco	webns	6.10	Yes
Application	cisco	webns	6.10_b4	Yes
Application	cisco	webns	7.1_0.1.02	Yes
Application	cisco	webns	7.1_0.2.06	Yes
Application	cisco	webns	7.2_0.0.03	Yes
Application	cisco	webns	7.10	Yes
Application	cisco	webns	7.10_.0.06s	Yes
Application	dell	bsafe_ssl-j	3.0	Yes
Application	dell	bsafe_ssl-j	3.0.1	Yes
Application	dell	bsafe_ssl-j	3.1	Yes
Application	forcepoint	stonegate	1.5.17	Yes
Application	forcepoint	stonegate	1.5.18	Yes
Application	forcepoint	stonegate	1.6.2	Yes
Application	forcepoint	stonegate	1.6.3	Yes
Application	forcepoint	stonegate	1.7	Yes
Application	forcepoint	stonegate	1.7.1	Yes
Application	forcepoint	stonegate	1.7.2	Yes
Application	forcepoint	stonegate	2.0.1	Yes
Application	forcepoint	stonegate	2.0.4	Yes
Application	forcepoint	stonegate	2.0.5	Yes
Application	forcepoint	stonegate	2.0.6	Yes
Application	forcepoint	stonegate	2.0.7	Yes
Application	forcepoint	stonegate	2.0.8	Yes
Application	forcepoint	stonegate	2.0.9	Yes
Application	forcepoint	stonegate	2.1	Yes
Application	forcepoint	stonegate	2.2	Yes
Application	forcepoint	stonegate	2.2.1	Yes
Application	forcepoint	stonegate	2.2.4	Yes
Application	hp	wbem	a.01.05.08	Yes
Application	hp	wbem	a.02.00.00	Yes
Application	hp	wbem	a.02.00.01	Yes
Application	litespeedtech	litespeed_web_server	1.0.1	Yes
Application	litespeedtech	litespeed_web_server	1.0.2	No
Application	litespeedtech	litespeed_web_server	1.0.3	No
Application	litespeedtech	litespeed_web_server	1.1	No
Application	litespeedtech	litespeed_web_server	1.1.1	No
Application	litespeedtech	litespeed_web_server	1.2	No
Application	litespeedtech	litespeed_web_server	1.2	No
Application	litespeedtech	litespeed_web_server	1.2.1	No
Application	litespeedtech	litespeed_web_server	1.2.2	No
Application	litespeedtech	litespeed_web_server	1.3	No
Application	litespeedtech	litespeed_web_server	1.3	No
Application	litespeedtech	litespeed_web_server	1.3	No
Application	litespeedtech	litespeed_web_server	1.3	No
Application	neoteris	instant_virtual_extranet	3.0	Yes
Application	neoteris	instant_virtual_extranet	3.1	Yes
Application	neoteris	instant_virtual_extranet	3.2	Yes
Application	neoteris	instant_virtual_extranet	3.3	Yes
Application	neoteris	instant_virtual_extranet	3.3.1	Yes
Application	novell	edirectory	8.0	Yes
Application	novell	edirectory	8.5	Yes
Application	novell	edirectory	8.5.12a	Yes
Application	novell	edirectory	8.5.27	Yes
Application	novell	edirectory	8.6.2	Yes
Application	novell	edirectory	8.7	Yes
Application	novell	edirectory	8.7.1	Yes
Application	novell	edirectory	8.7.1	Yes
Application	novell	imanager	1.5	Yes
Application	novell	imanager	2.0	Yes
Application	openssl	openssl	0.9.6c	Yes
Application	openssl	openssl	0.9.6d	Yes
Application	openssl	openssl	0.9.6e	Yes
Application	openssl	openssl	0.9.6f	Yes
Application	openssl	openssl	0.9.6g	Yes
Application	openssl	openssl	0.9.6h	Yes
Application	openssl	openssl	0.9.6i	Yes
Application	openssl	openssl	0.9.6j	Yes
Application	openssl	openssl	0.9.6k	Yes
Application	openssl	openssl	0.9.7	Yes
Application	openssl	openssl	0.9.7	Yes
Application	openssl	openssl	0.9.7	Yes
Application	openssl	openssl	0.9.7	Yes
Application	openssl	openssl	0.9.7a	Yes
Application	openssl	openssl	0.9.7b	Yes
Application	openssl	openssl	0.9.7c	Yes
Application	redhat	openssl	0.9.6-15	Yes
Application	redhat	openssl	0.9.6b-3	Yes
Application	redhat	openssl	0.9.7a-2	Yes
Application	redhat	openssl	0.9.7a-2	Yes
Application	redhat	openssl	0.9.7a-2	Yes
Application	sgi	propack	2.3	Yes
Application	sgi	propack	2.4	Yes
Application	sgi	propack	3.0	Yes
Application	stonesoft	servercluster	2.5	Yes
Application	stonesoft	servercluster	2.5.2	Yes
Application	stonesoft	stonebeat_fullcluster	1_2.0	Yes
Application	stonesoft	stonebeat_fullcluster	1_3.0	Yes
Application	stonesoft	stonebeat_fullcluster	2.0	Yes
Application	stonesoft	stonebeat_fullcluster	2.5	Yes
Application	stonesoft	stonebeat_fullcluster	3.0	Yes
Application	stonesoft	stonebeat_securitycluster	2.0	Yes
Application	stonesoft	stonebeat_securitycluster	2.5	Yes
Application	stonesoft	stonebeat_webcluster	2.0	Yes
Application	stonesoft	stonebeat_webcluster	2.5	Yes
Application	tarantella	tarantella_enterprise	3.20	Yes
Application	tarantella	tarantella_enterprise	3.30	Yes
Application	tarantella	tarantella_enterprise	3.40	Yes
Application	vmware	gsx_server	2.0	Yes
Application	vmware	gsx_server	2.0.1_build_2129	Yes
Application	vmware	gsx_server	2.5.1	Yes
Application	vmware	gsx_server	2.5.1_build_5336	Yes
Application	vmware	gsx_server	3.0_build_7592	Yes
Hardware	avaya	s8300	r2.0.0	Yes
Hardware	avaya	s8300	r2.0.1	Yes
Hardware	avaya	s8500	r2.0.0	Yes
Hardware	avaya	s8500	r2.0.1	Yes
Hardware	avaya	s8700	r2.0.0	Yes
Hardware	avaya	s8700	r2.0.1	Yes
Hardware	bluecoat	proxysg	*	Yes
Hardware	cisco	call_manager	*	Yes
Hardware	cisco	content_services_switch_11500	*	Yes
Hardware	cisco	gss_4480_global_site_selector	*	Yes
Hardware	cisco	gss_4490_global_site_selector	*	Yes
Hardware	cisco	mds_9000	*	Yes
Hardware	cisco	secure_content_accelerator	10000	Yes
Hardware	securecomputing	sidewinder	5.2	Yes
Hardware	securecomputing	sidewinder	5.2.0.01	Yes
Hardware	securecomputing	sidewinder	5.2.0.02	Yes
Hardware	securecomputing	sidewinder	5.2.0.03	Yes
Hardware	securecomputing	sidewinder	5.2.0.04	Yes
Hardware	securecomputing	sidewinder	5.2.1	Yes
Hardware	securecomputing	sidewinder	5.2.1.02	Yes
Hardware	sun	crypto_accelerator_4000	1.0	Yes
Operating System	bluecoat	cacheos_ca_sa	4.1.10	Yes
Operating System	bluecoat	cacheos_ca_sa	4.1.12	Yes
Operating System	cisco	pix_firewall_software	6.0	Yes
Operating System	cisco	pix_firewall_software	6.0\(1\)	Yes
Operating System	cisco	pix_firewall_software	6.0\(2\)	Yes
Operating System	cisco	pix_firewall_software	6.0\(3\)	Yes
Operating System	cisco	pix_firewall_software	6.0\(4\)	Yes
Operating System	cisco	pix_firewall_software	6.0\(4.101\)	Yes
Operating System	cisco	pix_firewall_software	6.1	Yes
Operating System	cisco	pix_firewall_software	6.1\(1\)	Yes
Operating System	cisco	pix_firewall_software	6.1\(2\)	Yes
Operating System	cisco	pix_firewall_software	6.1\(3\)	Yes
Operating System	cisco	pix_firewall_software	6.1\(4\)	Yes
Operating System	cisco	pix_firewall_software	6.1\(5\)	Yes
Operating System	cisco	pix_firewall_software	6.2	Yes
Operating System	cisco	pix_firewall_software	6.2\(1\)	Yes
Operating System	cisco	pix_firewall_software	6.2\(2\)	Yes
Operating System	cisco	pix_firewall_software	6.2\(3\)	Yes
Operating System	cisco	pix_firewall_software	6.2\(3.100\)	Yes
Operating System	cisco	pix_firewall_software	6.3	Yes
Operating System	cisco	pix_firewall_software	6.3\(1\)	Yes
Operating System	cisco	pix_firewall_software	6.3\(2\)	Yes
Operating System	cisco	pix_firewall_software	6.3\(3.102\)	Yes
Operating System	cisco	pix_firewall_software	6.3\(3.109\)	Yes

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc Broken Link ([email protected])
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt Broken Link ([email protected])
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834 Broken Link ([email protected])
http://docs.info.apple.com/article.html?artnum=61798 Broken Link ([email protected])
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html Mailing List ([email protected])
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html Mailing List ([email protected])
http://lists.apple.com/mhonarc/security-announce/msg00045.html Broken Link ([email protected])
http://marc.info/?l=bugtraq&m=107953412903636&w=2 Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=108403806509920&w=2 Mailing List, Third Party Advisory ([email protected])
http://secunia.com/advisories/11139 Broken Link ([email protected])
http://security.gentoo.org/glsa/glsa-200403-03.xml Third Party Advisory ([email protected])
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524 Broken Link ([email protected])
http://www.ciac.org/ciac/bulletins/o-101.shtml Broken Link ([email protected])
http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml Broken Link ([email protected])
http://www.kb.cert.org/vuls/id/484726 Third Party Advisory, US Government Resource ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2004:023 Third Party Advisory ([email protected])
http://www.novell.com/linux/security/advisories/2004_07_openssl.html Broken Link ([email protected])
http://www.openssl.org/news/secadv_20040317.txt Broken Link ([email protected])
http://www.redhat.com/support/errata/RHSA-2004-120.html Broken Link ([email protected])
http://www.redhat.com/support/errata/RHSA-2004-121.html Broken Link ([email protected])
http://www.securityfocus.com/bid/9899 Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory ([email protected])
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961 Broken Link ([email protected])
http://www.trustix.org/errata/2004/0012 Broken Link ([email protected])
http://www.uniras.gov.uk/vuls/2004/224012/index.htm Broken Link ([email protected])
http://www.us-cert.gov/cas/techalerts/TA04-078A.html Broken Link, Third Party Advisory, US Government Resource ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/15508 Third Party Advisory, VDB Entry ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049 Broken Link ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928 Broken Link ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580 Broken Link ([email protected])
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc Broken Link (af854a3a-2127-422b-91ae-364da2661108)
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://docs.info.apple.com/article.html?artnum=61798 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/mhonarc/security-announce/msg00045.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=107953412903636&w=2 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=108403806509920&w=2 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/11139 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200403-03.xml Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.ciac.org/ciac/bulletins/o-101.shtml Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/484726 Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2004:023 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2004_07_openssl.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.openssl.org/news/secadv_20040317.txt Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2004-120.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2004-121.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/9899 Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.trustix.org/errata/2004/0012 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.uniras.gov.uk/vuls/2004/224012/index.htm Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/cas/techalerts/TA04-078A.html Broken Link, Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15508 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580 Broken Link (af854a3a-2127-422b-91ae-364da2661108)