National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2004-0079 Detail

Description

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

Source:  MITRE
Description Last Modified:  11/23/2004

Impact

CVSS v2.0 Severity and Metrics:

Base Score: 5.0 MEDIUM
Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) (V2 legend)
Impact Subscore: 2.9
Exploitability Subscore: 10.0


Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (AU): None
Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
Additional Information:
Allows disruption of service

Vendor Statements (disclaimer)

Official Statement from Red Hat (03/14/2007)

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834
http://docs.info.apple.com/article.html?artnum=61798
http://fedoranews.org/updates/FEDORA-2004-095.shtml
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
http://lists.apple.com/mhonarc/security-announce/msg00045.html
http://marc.info/?l=bugtraq&m=107953412903636&w=2
http://marc.info/?l=bugtraq&m=108403806509920&w=2
http://security.gentoo.org/glsa/glsa-200403-03.xml
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524
http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm
http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US
http://www.ciac.org/ciac/bulletins/o-101.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml
http://www.debian.org/security/2004/dsa-465
http://www.kb.cert.org/vuls/id/288574 US Government Resource
http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html
http://www.mandriva.com/security/advisories?name=MDKSA-2004:023
http://www.novell.com/linux/security/advisories/2004_07_openssl.html
http://www.openssl.org/news/secadv_20040317.txt
http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html
http://www.redhat.com/support/errata/RHSA-2004-120.html
http://www.redhat.com/support/errata/RHSA-2004-121.html
http://www.redhat.com/support/errata/RHSA-2004-139.html
http://www.redhat.com/support/errata/RHSA-2005-829.html
http://www.redhat.com/support/errata/RHSA-2005-830.html
http://www.securityfocus.com/bid/9899 Vendor Advisory
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961
http://www.trustix.org/errata/2004/0012
http://www.uniras.gov.uk/vuls/2004/224012/index.htm
http://www.us-cert.gov/cas/techalerts/TA04-078A.html Third Party Advisory US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/15505
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779

References to Check Content

Identifier:
oval:org.mitre.oval:def:2621
Check System:
http://oval.mitre.org/XMLSchema/oval-definitions-5
Hyperlink:
http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:2621
Identifier:
oval:org.mitre.oval:def:5770
Check System:
http://oval.mitre.org/XMLSchema/oval-definitions-5
Hyperlink:
http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:5770
Identifier:
oval:org.mitre.oval:def:870
Check System:
http://oval.mitre.org/XMLSchema/oval-definitions-5
Hyperlink:
http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:870
Identifier:
oval:org.mitre.oval:def:975
Check System:
http://oval.mitre.org/XMLSchema/oval-definitions-5
Hyperlink:
http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:975
Identifier:
oval:org.mitre.oval:def:9779
Check System:
http://oval.mitre.org/XMLSchema/oval-definitions-5
Hyperlink:
http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9779

Technical Details

Vulnerability Type (View All)

Vulnerable software and versions Switch to CPE 2.2

Configuration 1
OR
cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firewall_services_module:1.1_\(3.005\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:firewall_services_module:2.1_\(0.208\):*:*:*:*:*:*:*
cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*
cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*
cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*
Configuration 2
OR
cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*
cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*
cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*
cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*
cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*
cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*
cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*
cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*
cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*
cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*
cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*
cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*
Configuration 3
AND
OR
cpe:2.3:o:cisco:ios:12.1\(11\)e:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.1\(11b\)e:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.1\(11b\)e12:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.1\(11b\)e14:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.1\(13\)e9:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.1\(19\)e1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(14\)sy:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(14\)sy1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*
OR
cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*
cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*
cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*
cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*
cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*
cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*
cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*
cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*
cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*
cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*
cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*
cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*
cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*
cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*
cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*
cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*
cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*
cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:vpn-1:next_generation_fp2:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*
cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*
cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*
Showing 100 of 252 CPEs, view all CPEs here.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

4 change records found - show changes

Quick Info

CVE Dictionary Entry:
CVE-2004-0079
NVD Published Date:
11/23/2004
NVD Last Modified:
10/10/2017