CVE-2006-4343

Published: 28/09/2006 Updated: 17/10/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 440
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 prior to 0.9.7l, 0.9.8 prior to 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.

Vulnerable Product

openssl openssl 0.9.7f

openssl openssl 0.9.7g

openssl openssl 0.9.8b

openssl openssl 0.9.8c

openssl openssl 0.9.7a

openssl openssl 0.9.7b

openssl openssl 0.9.7c

openssl openssl 0.9.7j

openssl openssl 0.9.7k

openssl openssl 0.9.7d

openssl openssl 0.9.7e

openssl openssl 0.9.8

openssl openssl 0.9.8a

openssl openssl 0.9.7

openssl openssl 0.9.7h

openssl openssl 0.9.7i

debian debian linux 3.1

canonical ubuntu linux 5.04

canonical ubuntu linux 5.10

canonical ubuntu linux 6.06

Vendor Advisories

Debian Bug report logs - #389940 Security: OpenSSL Security Advisory [28th September 2006] Package: openssl; Maintainer for openssl is Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>; Source for openssl is src:openssl. Reported by: "debian-bts@spamblocknetzgehirnde" <debian-bts@spamb ...
Dr. Henson of the OpenSSL core team and Open Network Security discovered a mishandled error condition in the ASN.1 parser. By sending specially crafted packet data, a remote attacker could exploit this to trigger an infinite loop, which would render the service unusable and consume all available system memory (CVE-2006-2937) ...
Multiple vulnerabilities have been discovered in the OpenSSL cryptographic software package that could allow an attacker to launch a denial of service attack by exhausting system resources or crashing processes on a victim's computer. CVE-2006-3738: Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overfl ...
The fix used to correct CVE-2006-2940 introduced code that could lead to the use of uninitialized memory. Such use is likely to cause the application using the openssl library to crash, and has the potential to allow an attacker to cause the execution of arbitrary code. For reference please find below the original advisory text: Multiple vulnerabi ...

Exploits

OpenSSL versions below 0.9.7l and 0.9.8d SSLv2 client crash exploit ...
source: www.securityfocus.com/bid/20246/info. OpenSSL is prone to a denial-of-service vulnerability. A malicious server could cause a vulnerable client application to crash, effectively denying service.

    #!/usr/bin/perl
    # Copyright(c) Beyond Security
    # Written by Noam Rathaus - based on beSTORM's SSL Server module
    # Exploits vulnerability CVE-2006-4343 - where the SSL client can be crashed by special SSL serverhello response
    use strict;
    use IO::Socket;
    my $sock = new IO::Socket::INET ( LocalPort => '443', Proto => 'tcp', Listen => 1, Reus ...

References

CWE-476