ID

VAR-200311-0089


CVE

CVE-2003-0543


TITLE

Multiple vulnerabilities in SSL/TLS implementations

Trust: 0.8

sources: CERT/CC: VU#104280

DESCRIPTION

Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values. Multiple vulnerabilities exist in different vendors' SSL/TLS implementations. The impacts of these vulnerabilities include remote execution of arbitrary code, denial of service, and disclosure of sensitive information. OpenSSL accepts unsolicited client certificate messages. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typically only the case during debugging. OpenSSL Is X.509 With a certificate etc. ASN.1 Authentication information is exchanged using objects. OpenSSL 0.9.6j/0.9.7b Before ASN.1 An integer overflow vulnerability exists due to insufficient bounds checking on the value of the object's tag field. In addition, SSL/TLS Implement the protocol OpenSSL Many other products also contain this vulnerability ASN.1 The existence of vulnerabilities related to processing has been confirmed.Third party crafted ASN.1 The client certificate containing the object SSL/TSL Etc. OpenSSL By passing it through an application implemented using OpenSSL Service disruption (DoS) It may be in a state. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. -----BEGIN PGP SIGNED MESSAGE----- OpenSSL Security Advisory [30 September 2003] Vulnerabilities in ASN.1 parsing ================================ NISCC (www.niscc.gov.uk) prepared a test suite to check the operation of SSL/TLS software when presented with a wide range of malformed client certificates. Dr Stephen Henson (steve@openssl.org) of the OpenSSL core team identified and prepared fixes for a number of vulnerabilities in the OpenSSL ASN1 code when running the test suite. Vulnerabilities - --------------- 1. Certain ASN.1 encodings that are rejected as invalid by the parser can trigger a bug in the deallocation of the corresponding data structure, corrupting the stack. This can be used as a denial of service attack. It is currently unknown whether this can be exploited to run malicious code. This issue does not affect OpenSSL 0.9.6. 2. 3. Exploitation of an affected application would result in a denial of service vulnerability. 4. This by itself is not strictly speaking a vulnerability but it does mean that *all* SSL/TLS servers that use OpenSSL can be attacked using vulnerabilities 1, 2 and 3 even if they don't enable client authentication. Who is affected? - ---------------- All versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all versions of SSLeay are affected. Any application that makes use of OpenSSL's ASN1 library to parse untrusted data. This includes all SSL or TLS applications, those using S/MIME (PKCS#7) or certificate generation routines. Recommendations - --------------- Upgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL applications statically linked to OpenSSL libraries. References - ---------- The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0545 for issue 1: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545 and CAN-2003-0543 and CAN-2003-0544 for issue 2: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544 URL for this Security Advisory: http://www.openssl.org/news/secadv_20030930.txt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQCVAwUBP3mNKu6tTP1JpWPZAQFjPwP/Y8epYBa9oCK69dCT5Y90kg9Ir8pYuv+q x4NxuyhD5JaJfmStwbl3BUSE5juI0mh7d6yFjfI0Ci3sdC+5v10ZOanGwX7o4JlS 3pGSSocAEiYS59qciRLtFsCbBt8jIOCG8KiTmKO2mI5dhAEB9UqPH9e8A1Wy/8un xjGKYbcITrM= =fFTe -----END PGP SIGNATURE-----

Trust: 6.3

sources: NVD: CVE-2003-0543 // CERT/CC: VU#104280 // CERT/CC: VU#732952 // CERT/CC: VU#686224 // CERT/CC: VU#935264 // CERT/CC: VU#380864 // CERT/CC: VU#255484 // JVNDB: JVNDB-2003-000286 // BID: 8732 // PACKETSTORM: 31738

AFFECTED PRODUCTS

vendor:opensslmodel: - scope: - version: -

Trust: 4.0

vendor:mandrakesoftmodel: - scope: - version: -

Trust: 1.6

vendor:red hatmodel: - scope: - version: -

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.7

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.6

Trust: 1.6

vendor:ciscomodel:ios 12.1 escope: - version: -

Trust: 1.2

vendor:oraclemodel:http serverscope:eqversion:9.0.1

Trust: 1.1

vendor:oraclemodel:http serverscope:eqversion:8.1.7

Trust: 1.1

vendor:appgate network security abmodel: - scope: - version: -

Trust: 0.8

vendor:apple computermodel: - scope: - version: -

Trust: 0.8

vendor:check pointmodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:conectivamodel: - scope: - version: -

Trust: 0.8

vendor:craymodel: - scope: - version: -

Trust: 0.8

vendor:debianmodel: - scope: - version: -

Trust: 0.8

vendor:f5model: - scope: - version: -

Trust: 0.8

vendor:freebsdmodel: - scope: - version: -

Trust: 0.8

vendor:gentoo linuxmodel: - scope: - version: -

Trust: 0.8

vendor:guardian digitalmodel: - scope: - version: -

Trust: 0.8

vendor:hewlett packardmodel: - scope: - version: -

Trust: 0.8

vendor:hitachimodel: - scope: - version: -

Trust: 0.8

vendor:ibmmodel: - scope: - version: -

Trust: 0.8

vendor:ingrianmodel: - scope: - version: -

Trust: 0.8

vendor:junipermodel: - scope: - version: -

Trust: 0.8

vendor:netbsdmodel: - scope: - version: -

Trust: 0.8

vendor:nortelmodel: - scope: - version: -

Trust: 0.8

vendor:novellmodel: - scope: - version: -

Trust: 0.8

vendor:openbsdmodel: - scope: - version: -

Trust: 0.8

vendor:rsa securitymodel: - scope: - version: -

Trust: 0.8

vendor:scomodel: - scope: - version: -

Trust: 0.8

vendor:sgimodel: - scope: - version: -

Trust: 0.8

vendor:ssh securitymodel: - scope: - version: -

Trust: 0.8

vendor:secure computingmodel: - scope: - version: -

Trust: 0.8

vendor:slackwaremodel: - scope: - version: -

Trust: 0.8

vendor:stonesoftmodel: - scope: - version: -

Trust: 0.8

vendor:stunnelmodel: - scope: - version: -

Trust: 0.8

vendor:susemodel: - scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel: - scope: - version: -

Trust: 0.8

vendor:tawie server linuxmodel: - scope: - version: -

Trust: 0.8

vendor:turbolinuxmodel: - scope: - version: -

Trust: 0.8

vendor:wirexmodel: - scope: - version: -

Trust: 0.8

vendor:opensslmodel:opensslscope:lteversion:0.9.6j

Trust: 0.8

vendor:opensslmodel:opensslscope:lteversion:0.9.7b

Trust: 0.8

vendor:oraclemodel:application serverscope:eqversion:1.0.2.2

Trust: 0.8

vendor:oraclemodel:application serverscope:eqversion:1.0.2.2s

Trust: 0.8

vendor:oraclemodel:application serverscope:eqversion:9.0.2

Trust: 0.8

vendor:oraclemodel:application serverscope:eqversion:9.0.3

Trust: 0.8

vendor:oraclemodel:databasescope:eqversion:8.1.7

Trust: 0.8

vendor:oraclemodel:databasescope:eqversion:9.0.1

Trust: 0.8

vendor:oraclemodel:databasescope:eqversion:9.2.0

Trust: 0.8

vendor:oraclemodel:http serverscope:eqversion:9.2

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:1.1

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:2.0

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:2.1

Trust: 0.8

vendor:sun microsystemsmodel:cobalt qube3scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel:cobalt raq3scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel:cobalt raq4scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel:cobalt raq550scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel:cobalt raqxtrscope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel:java system application serverscope:lteversion:7 platform edition update 2

Trust: 0.8

vendor:sun microsystemsmodel:java system application serverscope:lteversion:7 standard edition update 2

Trust: 0.8

vendor:sun microsystemsmodel:java system directory serverscope:eqversion:5.1

Trust: 0.8

vendor:sun microsystemsmodel:java system web serverscope:lteversion:4.1 sp13

Trust: 0.8

vendor:sun microsystemsmodel:java system web serverscope:lteversion:6.0 sp6

Trust: 0.8

vendor:sun microsystemsmodel:java system web serverscope:eqversion:6.1

Trust: 0.8

vendor:sun microsystemsmodel:linux 5.0scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:9 (sparc)

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:9 (x86)

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:12.1

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:12.2

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.0

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.1

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.2

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.3

Trust: 0.8

vendor:turbo linuxmodel:turbolinux advanced serverscope:eqversion:6

Trust: 0.8

vendor:turbo linuxmodel:turbolinux desktopscope:eqversion:10

Trust: 0.8

vendor:turbo linuxmodel:turbolinux serverscope:eqversion:6.1

Trust: 0.8

vendor:turbo linuxmodel:turbolinux serverscope:eqversion:6.5

Trust: 0.8

vendor:turbo linuxmodel:turbolinux serverscope:eqversion:7

Trust: 0.8

vendor:turbo linuxmodel:turbolinux serverscope:eqversion:8

Trust: 0.8

vendor:turbo linuxmodel:turbolinux workstationscope:eqversion:6.0

Trust: 0.8

vendor:turbo linuxmodel:turbolinux workstationscope:eqversion:7

Trust: 0.8

vendor:turbo linuxmodel:turbolinux workstationscope:eqversion:8

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.00

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.11

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.22

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.23

Trust: 0.8

vendor:hewlett packardmodel:hp-ux apache-based web serverscope: - version: -

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:2.1 (as)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:2.1 (es)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:2.1 (ws)

Trust: 0.8

vendor:red hatmodel:linuxscope:eqversion:7.1

Trust: 0.8

vendor:red hatmodel:linuxscope:eqversion:7.2

Trust: 0.8

vendor:red hatmodel:linuxscope:eqversion:7.3

Trust: 0.8

vendor:red hatmodel:linuxscope:eqversion:8.0

Trust: 0.8

vendor:red hatmodel:linuxscope:eqversion:9

Trust: 0.8

vendor:red hatmodel:linux advanced workstationscope:eqversion:2.1

Trust: 0.8

vendor:vmwaremodel:gsx server buildscope:eqversion:2.5.15336

Trust: 0.3

vendor:vmwaremodel:esx server buildscope:eqversion:2.05257

Trust: 0.3

vendor:vmwaremodel:esx serverscope:eqversion:1.5.2

Trust: 0.3

vendor:tarantellamodel:enterprisescope:eqversion:33.30

Trust: 0.3

vendor:tarantellamodel:enterprisescope:eqversion:33.200

Trust: 0.3

vendor:tarantellamodel:enterprisescope:eqversion:33.11

Trust: 0.3

vendor:tarantellamodel:enterprisescope:eqversion:33.10

Trust: 0.3

vendor:tarantellamodel:enterprisescope:eqversion:33.01

Trust: 0.3

vendor:tarantellamodel:enterprisescope:eqversion:33.0

Trust: 0.3

vendor:sunmodel:solaris 9 x86scope: - version: -

Trust: 0.3

vendor:sunmodel:solaris 9 sparcscope: - version: -

Trust: 0.3

vendor:sunmodel:one web server sp6scope:eqversion:6.0

Trust: 0.3

vendor:sunmodel:one web server sp5scope:eqversion:6.0

Trust: 0.3

vendor:sunmodel:one web server sp4scope:eqversion:6.0

Trust: 0.3

vendor:sunmodel:one web server sp3scope:eqversion:6.0

Trust: 0.3

vendor:sunmodel:one web server sp2scope:eqversion:6.0

Trust: 0.3

vendor:sunmodel:one web server sp1scope:eqversion:6.0

Trust: 0.3

vendor:sunmodel:one web serverscope:eqversion:6.0

Trust: 0.3

vendor:sunmodel:one web server sp9scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp8scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp7scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp6scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp5scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp4scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp3scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp2scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp14scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp13scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp12scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp11scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp10scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp1scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one directory serverscope:eqversion:5.1x86

Trust: 0.3

vendor:sunmodel:one directory server sp2scope:eqversion:5.1

Trust: 0.3

vendor:sunmodel:one directory server sp1scope:eqversion:5.1

Trust: 0.3

vendor:sunmodel:one directory serverscope:eqversion:5.1

Trust: 0.3

vendor:sunmodel:one application server ur2 standard editionscope:eqversion:7.0

Trust: 0.3

vendor:sunmodel:one application server ur2 platform editionscope:eqversion:7.0

Trust: 0.3

vendor:sunmodel:one application server ur1 standard editionscope:eqversion:7.0

Trust: 0.3

vendor:sunmodel:one application server ur1 platform editionscope:eqversion:7.0

Trust: 0.3

vendor:sunmodel:one application server standard editionscope:eqversion:7.0

Trust: 0.3

vendor:sunmodel:one application server platform editionscope:eqversion:7.0

Trust: 0.3

vendor:sunmodel:java system web serverscope:eqversion:6.1

Trust: 0.3

vendor:sunmodel:grid enginescope:eqversion:5.3x86

Trust: 0.3

vendor:sunmodel:grid engine sun linuxscope:eqversion:5.3

Trust: 0.3

vendor:sunmodel:grid engine 64-bit sparcscope:eqversion:5.3

Trust: 0.3

vendor:sunmodel:grid engine 32-bit sparcscope:eqversion:5.3

Trust: 0.3

vendor:sunmodel:clusterscope:eqversion:3.1

Trust: 0.3

vendor:sunmodel:clusterscope:eqversion:3.0

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.2.1

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.2

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.1

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.9

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.8

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.7

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.6

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.5

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.4

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.1

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.7.2

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.7.1

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.7

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.6.3

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.6.2

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.5.18

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.5.17

Trust: 0.3

vendor:stonesoftmodel:stonebeat webclusterscope:eqversion:2.5

Trust: 0.3

vendor:stonesoftmodel:stonebeat webclusterscope:eqversion:2.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat securityclusterscope:eqversion:2.5

Trust: 0.3

vendor:stonesoftmodel:stonebeat securityclusterscope:eqversion:2.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat high availabilityscope:eqversion:3.1

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for raptorscope:eqversion:2.5

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for raptorscope:eqversion:2.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for isa serverscope:eqversion:3.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for gauntletscope:eqversion:2.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for firewall-1scope:eqversion:3.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for firewall-1scope:eqversion:2.0

Trust: 0.3

vendor:ssleaymodel:ssleayscope:eqversion:0.9.1

Trust: 0.3

vendor:ssleaymodel:ssleayscope:eqversion:0.9

Trust: 0.3

vendor:ssleaymodel:ssleayscope:eqversion:0.8.1

Trust: 0.3

vendor:ssleaymodel:ssleayscope:eqversion:0.6.6

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.2.5

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.2.4

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.2.3

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.2.2

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.2.1

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.2

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.8

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.7

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.6

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.5

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.4

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.3

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.2

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.1

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1

Trust: 0.3

vendor:sshmodel:communications security ssh sentinelscope:eqversion:1.4

Trust: 0.3

vendor:sshmodel:communications security ipsec express toolkitscope: - version: -

Trust: 0.3

vendor:snapgearmodel:osscope:eqversion:1.8.4

Trust: 0.3

vendor:smoothwallmodel:gplscope:eqversion:1.0

Trust: 0.3

vendor:smoothwallmodel:express betascope:eqversion:2.0

Trust: 0.3

vendor:sgimodel:propackscope:eqversion:2.3

Trust: 0.3

vendor:sgimodel:propackscope:eqversion:2.2.1

Trust: 0.3

vendor:sgimodel:irixscope:eqversion:6.5.22

Trust: 0.3

vendor:sgimodel:irix mscope:eqversion:6.5.21

Trust: 0.3

vendor:sgimodel:irix fscope:eqversion:6.5.21

Trust: 0.3

vendor:sgimodel:irixscope:eqversion:6.5.21

Trust: 0.3

vendor:sgimodel:irix mscope:eqversion:6.5.20

Trust: 0.3

vendor:sgimodel:irix fscope:eqversion:6.5.20

Trust: 0.3

vendor:sgimodel:irixscope:eqversion:6.5.20

Trust: 0.3

vendor:sgimodel:irix mscope:eqversion:6.5.19

Trust: 0.3

vendor:sgimodel:irix fscope:eqversion:6.5.19

Trust: 0.3

vendor:sgimodel:irixscope:eqversion:6.5.19

Trust: 0.3

vendor:scomodel:open serverscope:eqversion:5.0.7

Trust: 0.3

vendor:scomodel:open serverscope:eqversion:5.0.6

Trust: 0.3

vendor:scomodel:open serverscope:eqversion:5.0.5

Trust: 0.3

vendor:redhatmodel:linux i386scope:eqversion:9.0

Trust: 0.3

vendor:oraclemodel:oracle9i standard editionscope:eqversion:9.2

Trust: 0.3

vendor:oraclemodel:oracle9i standard editionscope:eqversion:9.0.1

Trust: 0.3

vendor:oraclemodel:oracle9i standard editionscope:eqversion:8.1.7

Trust: 0.3

vendor:oraclemodel:oracle9i personal editionscope:eqversion:9.2

Trust: 0.3

vendor:oraclemodel:oracle9i personal editionscope:eqversion:9.0.1

Trust: 0.3

vendor:oraclemodel:oracle9i personal editionscope:eqversion:8.1.7

Trust: 0.3

vendor:oraclemodel:oracle9i enterprise editionscope:eqversion:9.2.0

Trust: 0.3

vendor:oraclemodel:oracle9i enterprise editionscope:eqversion:9.0.1

Trust: 0.3

vendor:oraclemodel:oracle9i enterprise editionscope:eqversion:8.1.7

Trust: 0.3

vendor:oraclemodel:oracle9i application serverscope:eqversion:9.0.3

Trust: 0.3

vendor:oraclemodel:oracle9i application serverscope:eqversion:9.0.2

Trust: 0.3

vendor:oraclemodel:oracle9i application serverscope:eqversion:1.0.2.2

Trust: 0.3

vendor:oraclemodel:oracle9i application server .1sscope:eqversion:1.0.2

Trust: 0.3

vendor:oraclemodel:http serverscope:eqversion:9.2.0

Trust: 0.3

vendor:opensslmodel:project openssl beta3scope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl beta2scope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl beta1scope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl bscope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl ascope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project opensslscope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl jscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl iscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl hscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl gscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl escope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl dscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl cscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl bscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl ascope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project opensslscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl ascope:eqversion:0.9.5

Trust: 0.3

vendor:openbsdmodel:openbsdscope:eqversion:3.4

Trust: 0.3

vendor:openbsdmodel:openbsdscope:eqversion:3.3

Trust: 0.3

vendor:openbsdmodel:openbsdscope:eqversion:3.2

Trust: 0.3

vendor:openbsdmodel:openbsdscope:eqversion:3.1

Trust: 0.3

vendor:novellmodel:nsure auditscope:eqversion:1.0.1

Trust: 0.3

vendor:novellmodel:netwarescope:eqversion:6.5

Trust: 0.3

vendor:novellmodel:netwarescope:eqversion:6.0

Trust: 0.3

vendor:novellmodel:netwarescope:eqversion:5.1

Trust: 0.3

vendor:novellmodel:netmail escope:eqversion:3.10

Trust: 0.3

vendor:novellmodel:netmail dscope:eqversion:3.10

Trust: 0.3

vendor:novellmodel:netmail cscope:eqversion:3.10

Trust: 0.3

vendor:novellmodel:netmail bscope:eqversion:3.10

Trust: 0.3

vendor:novellmodel:netmail ascope:eqversion:3.10

Trust: 0.3

vendor:novellmodel:netmailscope:eqversion:3.10

Trust: 0.3

vendor:novellmodel:netmailscope:eqversion:3.1

Trust: 0.3

vendor:novellmodel:netmail bscope:eqversion:3.0.3

Trust: 0.3

vendor:novellmodel:netmail ascope:eqversion:3.0.3

Trust: 0.3

vendor:novellmodel:netmailscope:eqversion:3.0.3

Trust: 0.3

vendor:novellmodel:netmailscope:eqversion:3.0.1

Trust: 0.3

vendor:novellmodel:international cryptographic infostructurescope:eqversion:2.6.1

Trust: 0.3

vendor:novellmodel:imanagerscope:eqversion:2.0.2

Trust: 0.3

vendor:novellmodel:imanagerscope:eqversion:2.0

Trust: 0.3

vendor:novellmodel:imanagerscope:eqversion:1.5

Trust: 0.3

vendor:novellmodel:ichain server sp1scope:eqversion:2.2

Trust: 0.3

vendor:novellmodel:ichain server fp1ascope:eqversion:2.2

Trust: 0.3

vendor:novellmodel:ichain server fp1scope:eqversion:2.2

Trust: 0.3

vendor:novellmodel:ichain serverscope:eqversion:2.2

Trust: 0.3

vendor:novellmodel:groupwise webaccess sp2scope:eqversion:6.5

Trust: 0.3

vendor:novellmodel:groupwise webaccess sp1scope:eqversion:6.5

Trust: 0.3

vendor:novellmodel:groupwise webaccessscope:eqversion:6.5

Trust: 0.3

vendor:novellmodel:groupwise webaccess sp4scope:eqversion:6.0

Trust: 0.3

vendor:novellmodel:groupwise internet agentscope:eqversion:6.5.1

Trust: 0.3

vendor:novellmodel:groupwise sp2scope:eqversion:6.5

Trust: 0.3

vendor:novellmodel:groupwise sp4scope:eqversion:6.0

Trust: 0.3

vendor:novellmodel:edirectory su1scope:eqversion:8.7.1

Trust: 0.3

vendor:novellmodel:edirectoryscope:eqversion:8.7.1

Trust: 0.3

vendor:novellmodel:edirectoryscope:eqversion:8.7

Trust: 0.3

vendor:novellmodel:edirectoryscope:eqversion:8.6.2

Trust: 0.3

vendor:novellmodel:edirectoryscope:eqversion:8.5.27

Trust: 0.3

vendor:novellmodel:edirectory ascope:eqversion:8.5.12

Trust: 0.3

vendor:novellmodel:edirectoryscope:eqversion:8.5

Trust: 0.3

vendor:novellmodel:edirectoryscope:eqversion:8.0

Trust: 0.3

vendor:novellmodel:bordermanagerscope:eqversion:3.8

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:9.2

Trust: 0.3

vendor:mandrivamodel:linux mandrake ppcscope:eqversion:9.1

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:9.1

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:9.0

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:8.2

Trust: 0.3

vendor:mandrakesoftmodel:multi network firewallscope:eqversion:2.0

Trust: 0.3

vendor:mandrakesoftmodel:corporate server x86 64scope:eqversion:2.1

Trust: 0.3

vendor:mandrakesoftmodel:corporate serverscope:eqversion:2.1

Trust: 0.3

vendor:junipermodel:networks t-series router t640scope: - version: -

Trust: 0.3

vendor:junipermodel:networks t-series router t320scope: - version: -

Trust: 0.3

vendor:junipermodel:networks sdx-300scope:eqversion:3.1.1

Trust: 0.3

vendor:junipermodel:networks sdx-300scope:eqversion:3.1

Trust: 0.3

vendor:junipermodel:networks m-series router m5scope: - version: -

Trust: 0.3

vendor:junipermodel:networks m-series router m40escope: - version: -

Trust: 0.3

vendor:junipermodel:networks m-series router m40scope: - version: -

Trust: 0.3

vendor:junipermodel:networks m-series router m20scope: - version: -

Trust: 0.3

vendor:junipermodel:networks m-series router m160scope: - version: -

Trust: 0.3

vendor:junipermodel:networks m-series router m10scope: - version: -

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:3.2.1

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:3.2

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:3.2.1

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:3.2

Trust: 0.3

vendor:ibmmodel:rational rosescope:eqversion:2000

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:2.0.47

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:2.0.42.2

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:2.0.42

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:1.3.28

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:1.3.26

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:1.3.19

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:1.3.12.4

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:1.3.12.3

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:1.3.12.2

Trust: 0.3

vendor:hpmodel:hp-ux aaa server a.06.01.02scope: - version: -

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.23

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.22

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.20

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.11

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.0

Trust: 0.3

vendor:hpmodel:wbem services for hp-ux a.01.05.05scope: - version: -

Trust: 0.3

vendor:f5model:ismanscope: - version: -

Trust: 0.3

vendor:f5model:firepassscope: - version: -

Trust: 0.3

vendor:f5model:bigipscope:eqversion:4.5

Trust: 0.3

vendor:f5model:bigipscope:eqversion:4.4

Trust: 0.3

vendor:f5model:bigipscope:eqversion:4.3

Trust: 0.3

vendor:f5model:bigipscope:eqversion:4.2

Trust: 0.3

vendor:f5model:bigipscope:eqversion:2.1

Trust: 0.3

vendor:f5model:bigipscope:eqversion:2.0

Trust: 0.3

vendor:f5model:3-dnsscope:eqversion:4.5

Trust: 0.3

vendor:f5model:3-dnsscope:eqversion:4.4

Trust: 0.3

vendor:f5model:3-dnsscope:eqversion:4.3

Trust: 0.3

vendor:f5model:3-dnsscope:eqversion:4.2

Trust: 0.3

vendor:f securemodel:ssh for windowsscope:eqversion:5.3

Trust: 0.3

vendor:f securemodel:ssh for windowsscope:eqversion:5.2

Trust: 0.3

vendor:f securemodel:ssh for windowsscope:eqversion:5.1

Trust: 0.3

vendor:f securemodel:ssh for unixscope:eqversion:3.2.3

Trust: 0.3

vendor:f securemodel:ssh for unixscope:eqversion:3.2.0

Trust: 0.3

vendor:f securemodel:ssh for unixscope:eqversion:3.1.0

Trust: 0.3

vendor:f securemodel:sshscope:eqversion:3.1.0

Trust: 0.3

vendor:f securemodel:ssh for unixscope:eqversion:3.0.1

Trust: 0.3

vendor:craymodel:open softwarescope:eqversion:3.4

Trust: 0.3

vendor:computermodel:associates etrust security command centerscope:eqversion:1.0

Trust: 0.3

vendor:ciscomodel:threat responsescope: - version: -

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-3.3.2-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-3.3.1-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-3.2.2-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-3.2.1-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-2.5.1-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-2-3.3.2-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-2-3.3.1-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sip proxy serverscope: - version: -

Trust: 0.3

vendor:ciscomodel:secure policy managerscope:eqversion:3.0.1

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:520

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:515

Trust: 0.3

vendor:ciscomodel:network analysis modulescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ios 12.2syscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2sxscope: - version: -

Trust: 0.3

vendor:ciscomodel:gss global site selectorscope:eqversion:4480

Trust: 0.3

vendor:ciscomodel:firewall services modulescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:css11000 content services switchscope: - version: -

Trust: 0.3

vendor:ciscomodel:css secure content acceleratorscope:eqversion:2.0

Trust: 0.3

vendor:ciscomodel:css secure content acceleratorscope:eqversion:1.0

Trust: 0.3

vendor:ciscomodel:ciscoworks common servicesscope:eqversion:2.2

Trust: 0.3

vendor:ciscomodel:ciscoworks wireless lan solution enginescope:eqversion:1105

Trust: 0.3

vendor:ciscomodel:ciscoworks hosting solution enginescope:eqversion:1105

Trust: 0.3

vendor:ciscomodel:application & content networking softwarescope: - version: -

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp4scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp3scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp2scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software providor-1 sp4scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software providor-1 sp3scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software providor-1 sp2scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software providor-1 sp1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software providor-1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software nokia voyagerscope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software next generation fp3 hf2scope: - version: -

Trust: 0.3

vendor:checkmodel:point software next generation fp3 hf1scope: - version: -

Trust: 0.3

vendor:checkmodel:point software next generation fp3scope: - version: -

Trust: 0.3

vendor:checkmodel:point software next generation fp2scope: - version: -

Trust: 0.3

vendor:checkmodel:point software next generation fp1scope: - version: -

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp6scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp5scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp4scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp3scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp2scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp8scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp7scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp6scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp5scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp4scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp3scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp2scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp1scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:eqversion:3.0

Trust: 0.3

vendor:borderwaremodel:firewall serverscope:eqversion:7.0

Trust: 0.3

vendor:bluemodel:coat systems security gateway osscope:eqversion:3.0

Trust: 0.3

vendor:bluemodel:coat systems security gateway osscope:eqversion:2.0

Trust: 0.3

vendor:bluemodel:coat systems cacheos ca/sascope:eqversion:4.1.10

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2

Trust: 0.3

vendor:tarantellamodel:enterprisescope:neversion:33.40

Trust: 0.3

vendor:sunmodel:solaris 8 x86scope:neversion: -

Trust: 0.3

vendor:sunmodel:solaris 8 sparcscope:neversion: -

Trust: 0.3

vendor:sunmodel:solaris 7.0 x86scope:neversion: -

Trust: 0.3

vendor:sunmodel:solarisscope:neversion:7.0

Trust: 0.3

vendor:sunmodel:one web server sp7scope:neversion:6.0

Trust: 0.3

vendor:sunmodel:one web server sp14scope:neversion:4.1

Trust: 0.3

vendor:sunmodel:one directory server sp3scope:neversion:5.1

Trust: 0.3

vendor:sunmodel:one application server ur2 upgrade standardscope:neversion:7.0

Trust: 0.3

vendor:sunmodel:one application server ur2 upgrade platformscope:neversion:7.0

Trust: 0.3

vendor:sunmodel:java system web server sp1scope:neversion:6.1

Trust: 0.3

vendor:sunmodel:clusterscope:neversion:2.2

Trust: 0.3

vendor:sunmodel:clusterscope:neversion:2.1

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:neversion:3.2.9

Trust: 0.3

vendor:sshmodel:communications security ssh sentinelscope:neversion:1.4.1

Trust: 0.3

vendor:snapgearmodel:osscope:neversion:1.8.5

Trust: 0.3

vendor:opensslmodel:project openssl cscope:neversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl kscope:neversion:0.9.6

Trust: 0.3

vendor:novellmodel:nsure auditscope:neversion:1.0.3

Trust: 0.3

vendor:novellmodel:nsure auditscope:neversion:1.0.2

Trust: 0.3

vendor:novellmodel:netmail fscope:neversion:3.1

Trust: 0.3

vendor:novellmodel:imanagerscope:neversion:2.5

Trust: 0.3

vendor:novellmodel:edirectory su1scope:neversion:8.7.1

Trust: 0.3

vendor:ingatemodel:siparatorscope:neversion:3.3.1

Trust: 0.3

vendor:ingatemodel:firewallscope:neversion:3.3.1

Trust: 0.3

vendor:ibmmodel:rational requisiteproscope:neversion:7.0

Trust: 0.3

vendor:hpmodel:hp-ux aaa server a.06.01.02.04scope:neversion: -

Trust: 0.3

vendor:hpmodel:wbem services for hp-ux a.01.05.07scope:neversion: -

Trust: 0.3

vendor:applemodel:mac os serverscope:neversion:x10.2.8

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.2.8

Trust: 0.3

sources: CERT/CC: VU#104280 // CERT/CC: VU#732952 // CERT/CC: VU#686224 // CERT/CC: VU#935264 // CERT/CC: VU#380864 // CERT/CC: VU#255484 // BID: 8732 // JVNDB: JVNDB-2003-000286 // CNNVD: CNNVD-200311-070 // NVD: CVE-2003-0543

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2003-0543
value: MEDIUM

Trust: 1.8

CARNEGIE MELLON: VU#104280
value: 11.81

Trust: 0.8

CARNEGIE MELLON: VU#732952
value: 2.53

Trust: 0.8

CARNEGIE MELLON: VU#686224
value: 1.50

Trust: 0.8

CARNEGIE MELLON: VU#935264
value: 21.52

Trust: 0.8

CARNEGIE MELLON: VU#380864
value: 11.25

Trust: 0.8

CARNEGIE MELLON: VU#255484
value: 11.25

Trust: 0.8

CNNVD: CNNVD-200311-070
value: MEDIUM

Trust: 0.6

NVD: CVE-2003-0543
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.8

sources: CERT/CC: VU#104280 // CERT/CC: VU#732952 // CERT/CC: VU#686224 // CERT/CC: VU#935264 // CERT/CC: VU#380864 // CERT/CC: VU#255484 // JVNDB: JVNDB-2003-000286 // CNNVD: CNNVD-200311-070 // NVD: CVE-2003-0543

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2003-0543

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200311-070

TYPE

Unknown

Trust: 0.9

sources: BID: 8732 // CNNVD: CNNVD-200311-070

CONFIGURATIONS

sources: NVD: CVE-2003-0543

PATCH

title:cisco-sa-20030930-sslurl:http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml

Trust: 0.8

title:HPSBUX00288url:http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00891831

Trust: 0.8

title:HPSBUX00290url:http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00901847

Trust: 0.8

title:HPSBUX0310-284url:http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbux0310-284

Trust: 0.8

title:HPSBUX0310-290url:http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0310-290.html

Trust: 0.8

title:HPSBUX0310-284url:http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0310-284.html

Trust: 0.8

title:opensslurl:http://www.miraclelinux.com/support/update/data/openssl.html

Trust: 0.8

title:secadv_20030930url:http://www.openssl.org/news/secadv_20030930.txt

Trust: 0.8

title:#62url:http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf

Trust: 0.8

title:RHSA-2003:292url:https://rhn.redhat.com/errata/rhsa-2003-292.html

Trust: 0.8

title:RHSA-2003:291url:https://rhn.redhat.com/errata/rhsa-2003-291.html

Trust: 0.8

title:RHSA-2003:293url:https://rhn.redhat.com/errata/rhsa-2003-293.html

Trust: 0.8

title:57472url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57472-1

Trust: 0.8

title:57100url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57100-1

Trust: 0.8

title:57498url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57498-1

Trust: 0.8

title:57599url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57599-1

Trust: 0.8

title:57498url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57498-3

Trust: 0.8

title:57472url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57472-3

Trust: 0.8

title:57100url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57100-3

Trust: 0.8

title:57599url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57599-3

Trust: 0.8

title:TLSA-2003-55url:http://www.turbolinux.com/security/2003/tlsa-2003-55.txt

Trust: 0.8

title:#62url:http://otn.oracle.co.jp/security/031210_62/top.html

Trust: 0.8

title:cisco-sa-20030930-sslurl:http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20030930-ssl-j.shtml

Trust: 0.8

title:RHSA-2003:292url:http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-292j.html

Trust: 0.8

title:RHSA-2003:291url:http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-291j.html

Trust: 0.8

title:RHSA-2003:293url:http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-293j.html

Trust: 0.8

title:TLSA-2003-55url:http://www.turbolinux.co.jp/security/2003/tlsa-2003-55j.txt

Trust: 0.8

sources: JVNDB: JVNDB-2003-000286

EXTERNAL IDS

db:CERT/CCid:VU#255484

Trust: 3.5

db:NVDid:CVE-2003-0543

Trust: 2.8

db:BIDid:8732

Trust: 2.7

db:CERT/CCid:VU#732952

Trust: 1.9

db:CERT/CCid:VU#686224

Trust: 1.9

db:CERT/CCid:VU#104280

Trust: 1.6

db:VUPENid:ADV-2006-3900

Trust: 1.6

db:SECUNIAid:22249

Trust: 1.6

db:CERT/CCid:VU#935264

Trust: 1.1

db:CERT/CCid:VU#380864

Trust: 1.1

db:XFid:13316

Trust: 0.8

db:JVNDBid:JVNDB-2003-000286

Trust: 0.8

db:CERT/CCid:CA-2003-26

Trust: 0.6

db:REDHATid:RHSA-2003:291

Trust: 0.6

db:REDHATid:RHSA-2003:292

Trust: 0.6

db:SUNALERTid:201029

Trust: 0.6

db:OVALid:OVAL:ORG.MITRE.OVAL:DEF:4254

Trust: 0.6

db:OVALid:OVAL:ORG.MITRE.OVAL:DEF:5292

Trust: 0.6

db:ENGARDEid:ESA-20030930-027

Trust: 0.6

db:DEBIANid:DSA-394

Trust: 0.6

db:DEBIANid:DSA-393

Trust: 0.6

db:CNNVDid:CNNVD-200311-070

Trust: 0.6

db:PACKETSTORMid:31738

Trust: 0.1

sources: CERT/CC: VU#104280 // CERT/CC: VU#732952 // CERT/CC: VU#686224 // CERT/CC: VU#935264 // CERT/CC: VU#380864 // CERT/CC: VU#255484 // BID: 8732 // JVNDB: JVNDB-2003-000286 // PACKETSTORM: 31738 // CNNVD: CNNVD-200311-070 // NVD: CVE-2003-0543

REFERENCES

url:http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm

Trust: 5.1

url:http://www.ietf.org/rfc/rfc2246.txt

Trust: 4.8

url:http://wp.netscape.com/eng/ssl3/

Trust: 4.0

url:http://www.itu.int/itu-t/studygroups/com10/languages/

Trust: 4.0

url:http://www.openssl.org/news/secadv_20030930.txt

Trust: 3.9

url:http://www.ietf.org/html.charters/pkix-charter.html

Trust: 3.2

url:http://www.cert.org/advisories/ca-2003-26.html

Trust: 2.7

url:http://www.kb.cert.org/vuls/id/255484

Trust: 2.7

url:http://www.securityfocus.com/bid/8732

Trust: 2.4

url:http://www-1.ibm.com/support/docview.wss?uid=swg21247112

Trust: 1.9

url:http://www.redhat.com/support/errata/rhsa-2003-291.html

Trust: 1.6

url:http://www.redhat.com/support/errata/rhsa-2003-292.html

Trust: 1.6

url:http://www.linuxsecurity.com/advisories/engarde_advisory-3693.html

Trust: 1.6

url:http://www.debian.org/security/2003/dsa-394

Trust: 1.6

url:http://www.debian.org/security/2003/dsa-393

Trust: 1.6

url:http://sunsolve.sun.com/search/document.do?assetkey=1-66-201029-1

Trust: 1.6

url:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=104893

Trust: 1.6

url:http://secunia.com/advisories/22249

Trust: 1.6

url:http://www.kb.cert.org/vuls/id/686224

Trust: 1.1

url:http://www.kb.cert.org/vuls/id/732952

Trust: 1.1

url:http://www.vupen.com/english/advisories/2006/3900

Trust: 1.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5292

Trust: 1.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4254

Trust: 1.0

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/10087450.htm

Trust: 0.9

url:http://www.uniras.gov.uk/vuls/2003/006489/tls.htm

Trust: 0.8

url:http://www.rsasecurity.com/rsalabs/pkcs/

Trust: 0.8

url:http://wp.netscape.com/eng/ssl3/draft302.txt

Trust: 0.8

url:http://www.ciac.org/ciac/bulletins/n-159.shtml

Trust: 0.8

url:http://www.ciac.org/ciac/bulletins/o-065.shtml

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0543

Trust: 0.8

url:http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20031104-00753.xml

Trust: 0.8

url:http://www.cpni.gov.uk/products/advisories/default.aspx?id=br-20031104-00633.xml

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/13316

Trust: 0.8

url:http://jvn.jp/cert/jvnca-2003-26

Trust: 0.8

url:http://jvn.jp/tr/trca-2003-26

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0543

Trust: 0.8

url:http://www.cpni.gov.uk/docs/re-20031104-00748.pdf

Trust: 0.8

url:http://www.cpni.gov.uk/docs/re-20031104-00753.pdf?lang=en

Trust: 0.8

url:http://www.kb.cert.org/vuls/id/104280

Trust: 0.8

url:http://www.cyberpolice.go.jp/important/20031001_103420.html

Trust: 0.8

url:http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5292

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2006/3900

Trust: 0.6

url:http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:4254

Trust: 0.6

url:http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-tech.shtml

Trust: 0.3

url:http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-2003120400.shtml

Trust: 0.3

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57599

Trust: 0.3

url:http://www.info.apple.com/usen/security/security_updates.html

Trust: 0.3

url:http://www.apple.com/swupdates/

Trust: 0.3

url:http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967586.htm

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968007.htm

Trust: 0.3

url:http://www.vmware.com/download/esx/esx2-openssh.html

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967420.htm

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967421.htm

Trust: 0.3

url:http://www.borderware.com/products/firewall.php

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967425.htm

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967411.htm

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967408.htm

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967399.htm

Trust: 0.3

url:http://www.vmware.com/download/gsx_security.html

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967175.htm

Trust: 0.3

url:http://www.mandrakesecure.net/en/advisories/advisory.php?name=mdksa-2003:098

Trust: 0.3

url:http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2004.0422.1

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967210.htm

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967209.htm

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967208.htm

Trust: 0.3

url:http://cirt.dk/advisories/cirt-32-advisory.pdf

Trust: 0.3

url:http://www.cirt.dk/advisories/cirt-31-advisory.pdf

Trust: 0.3

url:http://www.stonesoft.com/document/art/3040.html

Trust: 0.3

url:http://metalink.oracle.com

Trust: 0.3

url:http://www.smoothwall.org/home/news/item/20031001.01.html

Trust: 0.3

url:http://www.ingate.com/relnote-331.php

Trust: 0.3

url:https://rhn.redhat.com/errata/rhsa-2003-293.html

Trust: 0.3

url:http://www.bluecoat.com/support/knowledge/advisory_openssl_asn_vulnerability.html

Trust: 0.3

url:http://support.novell.com/security-alerts/

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968981.htm

Trust: 0.3

url:http://www.stonesoft.com/document/art/3041.html

Trust: 0.3

url:http://www.ssh.com/company/newsroom/article/476/

Trust: 0.3

url:http://www.ssh.com/company/newsroom/article/477/

Trust: 0.3

url:http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf

Trust: 0.3

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57100

Trust: 0.3

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57444

Trust: 0.3

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57472

Trust: 0.3

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57475

Trust: 0.3

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57498

Trust: 0.3

url:http://sunsolve.sun.com/patches/linux/security.html

Trust: 0.3

url:http://www.tarantella.com/security/bulletin-08.html

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097379.htm

Trust: 0.3

url:http://www.borderware.com/

Trust: 0.3

url:http://www.kb.cert.org/vuls/id/380864

Trust: 0.3

url:http://www.kb.cert.org/vuls/id/935264

Trust: 0.3

url:/archive/1/343055

Trust: 0.3

url:https://www.niscc.gov.uk)

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2003-0545

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0545

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0543

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0544

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2003-0543

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2003-0544

Trust: 0.1

sources: CERT/CC: VU#104280 // CERT/CC: VU#732952 // CERT/CC: VU#686224 // CERT/CC: VU#935264 // CERT/CC: VU#380864 // CERT/CC: VU#255484 // BID: 8732 // JVNDB: JVNDB-2003-000286 // PACKETSTORM: 31738 // CNNVD: CNNVD-200311-070 // NVD: CVE-2003-0543

CREDITS

NISCC uniras@niscc.gov.uk

Trust: 0.6

sources: CNNVD: CNNVD-200311-070

SOURCES

db:CERT/CCid:VU#104280
db:CERT/CCid:VU#732952
db:CERT/CCid:VU#686224
db:CERT/CCid:VU#935264
db:CERT/CCid:VU#380864
db:CERT/CCid:VU#255484
db:BIDid:8732
db:JVNDBid:JVNDB-2003-000286
db:PACKETSTORMid:31738
db:CNNVDid:CNNVD-200311-070
db:NVDid:CVE-2003-0543

LAST UPDATE DATE

2022-05-29T19:17:04.347000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#104280date:2004-08-25T00:00:00
db:CERT/CCid:VU#732952date:2003-10-01T00:00:00
db:CERT/CCid:VU#686224date:2003-10-01T00:00:00
db:CERT/CCid:VU#935264date:2003-10-01T00:00:00
db:CERT/CCid:VU#380864date:2003-10-01T00:00:00
db:CERT/CCid:VU#255484date:2003-10-01T00:00:00
db:BIDid:8732date:2016-07-06T14:32:00
db:JVNDBid:JVNDB-2003-000286date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200311-070date:2010-01-28T00:00:00
db:NVDid:CVE-2003-0543date:2018-05-03T01:29:00

SOURCES RELEASE DATE

db:CERT/CCid:VU#104280date:2003-09-30T00:00:00
db:CERT/CCid:VU#732952date:2003-09-30T00:00:00
db:CERT/CCid:VU#686224date:2003-09-30T00:00:00
db:CERT/CCid:VU#935264date:2003-09-30T00:00:00
db:CERT/CCid:VU#380864date:2003-09-30T00:00:00
db:CERT/CCid:VU#255484date:2003-09-30T00:00:00
db:BIDid:8732date:2003-09-30T00:00:00
db:JVNDBid:JVNDB-2003-000286date:2007-04-01T00:00:00
db:PACKETSTORMid:31738date:2003-09-30T16:10:22
db:CNNVDid:CNNVD-200311-070date:2003-09-30T00:00:00
db:NVDid:CVE-2003-0543date:2003-11-17T05:00:00