Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2002-0659

Published: 12/08/2002 Updated: 10/09/2008
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Openssl

Vulnerability Summary

The ASN1 library in OpenSSL 0.9.6d and previous versions, and 0.9.7-beta2 and previous versions, allows remote malicious users to cause a denial of service via invalid encodings.

Vulnerable Product Search on Vulmon Subscribe to Product

openssl openssl 0.9.1c

openssl openssl 0.9.2b

openssl openssl 0.9.3

oracle application server 1.0.2.1s

oracle application server 1.0.2.2

oracle corporate time outlook connector 3.1

oracle corporate time outlook connector 3.1.1

openssl openssl 0.9.6a

openssl openssl 0.9.6b

openssl openssl 0.9.6c

openssl openssl 0.9.6d

openssl openssl 0.9.4

openssl openssl 0.9.5a

openssl openssl 0.9.7

oracle application server 1.0.2

oracle corporate time outlook connector 3.1.2

oracle http server 9.0.1

openssl openssl 0.9.5

openssl openssl 0.9.6

oracle application server

oracle corporate time outlook connector 3.3

oracle http server 9.2.0

apple mac os x 10.1.3

apple mac os x 10.1.4

apple mac os x 10.1.5

apple mac os x 10.0

apple mac os x 10.0.1

apple mac os x 10.0.2

apple mac os x 10.0.3

apple mac os x 10.0.4

apple mac os x 10.1.1

apple mac os x 10.1

apple mac os x 10.1.2

Vendor Advisories

Debian Security Advisories: DSA-136-1 openssl -- multiple remote exploits
The OpenSSL development team has announced that a security audit by AL Digital Ltd and The Bunker, under the DARPA CHATS program, has revealed remotely exploitable buffer overflow conditions in the OpenSSL code Additionally, the ASN1 parser in OpenSSL has a potential DoS attack independently discovered by Adi Stav and James Yonan CAN-2002-0655 ...

Exploits

Exploit DB: OpenSSL - ASN.1 Parsing
source: wwwsecurityfocuscom/bid/8732/info Multiple vulnerabilities were reported in the ASN1 parsing code in OpenSSL Attackers could exploit these issues to cause a denial of service or to execute arbitrary code /* Brute forcer for OpenSSL ASN1 parsing bugs (<=096j <=097b) * written by Bram Matthys (Syzop) on Oct 9 2003 ...

References

NVD-CWE-Otherhttp://www.cert.org/advisories/CA-2002-23.htmlhttp://www.kb.cert.org/vuls/id/748355http://rhn.redhat.com/errata/RHSA-2002-164.htmlhttp://rhn.redhat.com/errata/RHSA-2002-161.htmlhttp://rhn.redhat.com/errata/RHSA-2002-160.htmlftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txtftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txtftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.aschttp://www.securityfocus.com/bid/5366http://www.iss.net/security_center/static/9718.phphttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000516https://nvd.nist.govhttps://www.debian.org/security/./dsa-136https://www.exploit-db.com/exploits/23199/https://www.kb.cert.org/vuls/id/748355
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744privilege escalationCVE-2024-30253CVE-2024-3914cross-site scriptingCVE-2024-31497CVE-2024-3400CVE-2024-32341hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook