ID

VAR-200311-0091


CVE

CVE-2003-0545


TITLE

Multiple vulnerabilities in SSL/TLS implementations

Trust: 0.8

sources: CERT/CC: VU#104280

DESCRIPTION

Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding. Multiple vulnerabilities exist in different vendors' SSL/TLS implementations. The impacts of these vulnerabilities include remote execution of arbitrary code, denial of service, and disclosure of sensitive information. OpenSSL accepts unsolicited client certificate messages. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typically only the case during debugging. OpenSSL of ASN.1 (Abstract Syntax Notation number One) Structure (ASN1_TYPE) In the interpretation part of, there is a flaw in the process of releasing the memory allocated for the structure, and there is a vulnerability that destroys the values in the stack.OpenSSL Service disruption (DoS) It may be in a state. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. -----BEGIN PGP SIGNED MESSAGE----- OpenSSL Security Advisory [30 September 2003] Vulnerabilities in ASN.1 parsing ================================ NISCC (www.niscc.gov.uk) prepared a test suite to check the operation of SSL/TLS software when presented with a wide range of malformed client certificates. Dr Stephen Henson (steve@openssl.org) of the OpenSSL core team identified and prepared fixes for a number of vulnerabilities in the OpenSSL ASN1 code when running the test suite. Vulnerabilities - --------------- 1. Certain ASN.1 encodings that are rejected as invalid by the parser can trigger a bug in the deallocation of the corresponding data structure, corrupting the stack. This can be used as a denial of service attack. It is currently unknown whether this can be exploited to run malicious code. This issue does not affect OpenSSL 0.9.6. 2. 3. Exploitation of an affected application would result in a denial of service vulnerability. 4. This by itself is not strictly speaking a vulnerability but it does mean that *all* SSL/TLS servers that use OpenSSL can be attacked using vulnerabilities 1, 2 and 3 even if they don't enable client authentication. Who is affected? - ---------------- All versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all versions of SSLeay are affected. Any application that makes use of OpenSSL's ASN1 library to parse untrusted data. This includes all SSL or TLS applications, those using S/MIME (PKCS#7) or certificate generation routines. Recommendations - --------------- Upgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL applications statically linked to OpenSSL libraries. References - ---------- The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0545 for issue 1: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545 and CAN-2003-0543 and CAN-2003-0544 for issue 2: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544 URL for this Security Advisory: http://www.openssl.org/news/secadv_20030930.txt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQCVAwUBP3mNKu6tTP1JpWPZAQFjPwP/Y8epYBa9oCK69dCT5Y90kg9Ir8pYuv+q x4NxuyhD5JaJfmStwbl3BUSE5juI0mh7d6yFjfI0Ci3sdC+5v10ZOanGwX7o4JlS 3pGSSocAEiYS59qciRLtFsCbBt8jIOCG8KiTmKO2mI5dhAEB9UqPH9e8A1Wy/8un xjGKYbcITrM= =fFTe -----END PGP SIGNATURE-----

Trust: 6.3

sources: NVD: CVE-2003-0545 // CERT/CC: VU#104280 // CERT/CC: VU#732952 // CERT/CC: VU#686224 // CERT/CC: VU#935264 // CERT/CC: VU#380864 // CERT/CC: VU#255484 // JVNDB: JVNDB-2003-000287 // BID: 8732 // PACKETSTORM: 31738

AFFECTED PRODUCTS

vendor:opensslmodel: - scope: - version: -

Trust: 4.0

vendor:mandrakesoftmodel: - scope: - version: -

Trust: 1.6

vendor:red hatmodel: - scope: - version: -

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.7

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.6

Trust: 1.6

vendor:ciscomodel:ios 12.1 escope: - version: -

Trust: 1.2

vendor:oraclemodel:http serverscope:eqversion:9.0.1

Trust: 1.1

vendor:oraclemodel:http serverscope:eqversion:8.1.7

Trust: 1.1

vendor:appgate network security abmodel: - scope: - version: -

Trust: 0.8

vendor:apple computermodel: - scope: - version: -

Trust: 0.8

vendor:check pointmodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:conectivamodel: - scope: - version: -

Trust: 0.8

vendor:craymodel: - scope: - version: -

Trust: 0.8

vendor:debianmodel: - scope: - version: -

Trust: 0.8

vendor:f5model: - scope: - version: -

Trust: 0.8

vendor:freebsdmodel: - scope: - version: -

Trust: 0.8

vendor:gentoo linuxmodel: - scope: - version: -

Trust: 0.8

vendor:guardian digitalmodel: - scope: - version: -

Trust: 0.8

vendor:hewlett packardmodel: - scope: - version: -

Trust: 0.8

vendor:hitachimodel: - scope: - version: -

Trust: 0.8

vendor:ibmmodel: - scope: - version: -

Trust: 0.8

vendor:ingrianmodel: - scope: - version: -

Trust: 0.8

vendor:junipermodel: - scope: - version: -

Trust: 0.8

vendor:netbsdmodel: - scope: - version: -

Trust: 0.8

vendor:nortelmodel: - scope: - version: -

Trust: 0.8

vendor:novellmodel: - scope: - version: -

Trust: 0.8

vendor:openbsdmodel: - scope: - version: -

Trust: 0.8

vendor:rsa securitymodel: - scope: - version: -

Trust: 0.8

vendor:scomodel: - scope: - version: -

Trust: 0.8

vendor:sgimodel: - scope: - version: -

Trust: 0.8

vendor:ssh securitymodel: - scope: - version: -

Trust: 0.8

vendor:secure computingmodel: - scope: - version: -

Trust: 0.8

vendor:slackwaremodel: - scope: - version: -

Trust: 0.8

vendor:stonesoftmodel: - scope: - version: -

Trust: 0.8

vendor:stunnelmodel: - scope: - version: -

Trust: 0.8

vendor:susemodel: - scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel: - scope: - version: -

Trust: 0.8

vendor:tawie server linuxmodel: - scope: - version: -

Trust: 0.8

vendor:turbolinuxmodel: - scope: - version: -

Trust: 0.8

vendor:wirexmodel: - scope: - version: -

Trust: 0.8

vendor:opensslmodel:opensslscope:lteversion:0.9.7b

Trust: 0.8

vendor:oraclemodel:application serverscope:eqversion:1.0.2.2

Trust: 0.8

vendor:oraclemodel:application serverscope:eqversion:1.0.2.2s

Trust: 0.8

vendor:oraclemodel:application serverscope:eqversion:9.0.2

Trust: 0.8

vendor:oraclemodel:application serverscope:eqversion:9.0.3

Trust: 0.8

vendor:oraclemodel:databasescope:eqversion:8.1.7

Trust: 0.8

vendor:oraclemodel:databasescope:eqversion:9.0.1

Trust: 0.8

vendor:oraclemodel:databasescope:eqversion:9.2.0

Trust: 0.8

vendor:oraclemodel:http serverscope:eqversion:9.2

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:1.1

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:2.0

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:2.1

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:12.1

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:12.2

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.0

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.1

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.2

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.3

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.00

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.11

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.22

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.23

Trust: 0.8

vendor:hewlett packardmodel:hp-ux apache-based web serverscope: - version: -

Trust: 0.8

vendor:red hatmodel:linuxscope:eqversion:9

Trust: 0.8

vendor:vmwaremodel:gsx server buildscope:eqversion:2.5.15336

Trust: 0.3

vendor:vmwaremodel:esx server buildscope:eqversion:2.05257

Trust: 0.3

vendor:vmwaremodel:esx serverscope:eqversion:1.5.2

Trust: 0.3

vendor:tarantellamodel:enterprisescope:eqversion:33.30

Trust: 0.3

vendor:tarantellamodel:enterprisescope:eqversion:33.200

Trust: 0.3

vendor:tarantellamodel:enterprisescope:eqversion:33.11

Trust: 0.3

vendor:tarantellamodel:enterprisescope:eqversion:33.10

Trust: 0.3

vendor:tarantellamodel:enterprisescope:eqversion:33.01

Trust: 0.3

vendor:tarantellamodel:enterprisescope:eqversion:33.0

Trust: 0.3

vendor:sunmodel:solaris 9 x86scope: - version: -

Trust: 0.3

vendor:sunmodel:solaris 9 sparcscope: - version: -

Trust: 0.3

vendor:sunmodel:one web server sp6scope:eqversion:6.0

Trust: 0.3

vendor:sunmodel:one web server sp5scope:eqversion:6.0

Trust: 0.3

vendor:sunmodel:one web server sp4scope:eqversion:6.0

Trust: 0.3

vendor:sunmodel:one web server sp3scope:eqversion:6.0

Trust: 0.3

vendor:sunmodel:one web server sp2scope:eqversion:6.0

Trust: 0.3

vendor:sunmodel:one web server sp1scope:eqversion:6.0

Trust: 0.3

vendor:sunmodel:one web serverscope:eqversion:6.0

Trust: 0.3

vendor:sunmodel:one web server sp9scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp8scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp7scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp6scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp5scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp4scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp3scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp2scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp14scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp13scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp12scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp11scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp10scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one web server sp1scope:eqversion:4.1

Trust: 0.3

vendor:sunmodel:one directory serverscope:eqversion:5.1x86

Trust: 0.3

vendor:sunmodel:one directory server sp2scope:eqversion:5.1

Trust: 0.3

vendor:sunmodel:one directory server sp1scope:eqversion:5.1

Trust: 0.3

vendor:sunmodel:one directory serverscope:eqversion:5.1

Trust: 0.3

vendor:sunmodel:one application server ur2 standard editionscope:eqversion:7.0

Trust: 0.3

vendor:sunmodel:one application server ur2 platform editionscope:eqversion:7.0

Trust: 0.3

vendor:sunmodel:one application server ur1 standard editionscope:eqversion:7.0

Trust: 0.3

vendor:sunmodel:one application server ur1 platform editionscope:eqversion:7.0

Trust: 0.3

vendor:sunmodel:one application server standard editionscope:eqversion:7.0

Trust: 0.3

vendor:sunmodel:one application server platform editionscope:eqversion:7.0

Trust: 0.3

vendor:sunmodel:java system web serverscope:eqversion:6.1

Trust: 0.3

vendor:sunmodel:grid enginescope:eqversion:5.3x86

Trust: 0.3

vendor:sunmodel:grid engine sun linuxscope:eqversion:5.3

Trust: 0.3

vendor:sunmodel:grid engine 64-bit sparcscope:eqversion:5.3

Trust: 0.3

vendor:sunmodel:grid engine 32-bit sparcscope:eqversion:5.3

Trust: 0.3

vendor:sunmodel:clusterscope:eqversion:3.1

Trust: 0.3

vendor:sunmodel:clusterscope:eqversion:3.0

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.2.1

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.2

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.1

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.9

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.8

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.7

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.6

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.5

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.4

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.1

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.7.2

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.7.1

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.7

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.6.3

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.6.2

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.5.18

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.5.17

Trust: 0.3

vendor:stonesoftmodel:stonebeat webclusterscope:eqversion:2.5

Trust: 0.3

vendor:stonesoftmodel:stonebeat webclusterscope:eqversion:2.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat securityclusterscope:eqversion:2.5

Trust: 0.3

vendor:stonesoftmodel:stonebeat securityclusterscope:eqversion:2.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat high availabilityscope:eqversion:3.1

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for raptorscope:eqversion:2.5

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for raptorscope:eqversion:2.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for isa serverscope:eqversion:3.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for gauntletscope:eqversion:2.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for firewall-1scope:eqversion:3.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for firewall-1scope:eqversion:2.0

Trust: 0.3

vendor:ssleaymodel:ssleayscope:eqversion:0.9.1

Trust: 0.3

vendor:ssleaymodel:ssleayscope:eqversion:0.9

Trust: 0.3

vendor:ssleaymodel:ssleayscope:eqversion:0.8.1

Trust: 0.3

vendor:ssleaymodel:ssleayscope:eqversion:0.6.6

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.2.5

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.2.4

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.2.3

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.2.2

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.2.1

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.2

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.8

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.7

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.6

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.5

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.4

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.3

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.2

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1.1

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:eqversion:3.1

Trust: 0.3

vendor:sshmodel:communications security ssh sentinelscope:eqversion:1.4

Trust: 0.3

vendor:sshmodel:communications security ipsec express toolkitscope: - version: -

Trust: 0.3

vendor:snapgearmodel:osscope:eqversion:1.8.4

Trust: 0.3

vendor:smoothwallmodel:gplscope:eqversion:1.0

Trust: 0.3

vendor:smoothwallmodel:express betascope:eqversion:2.0

Trust: 0.3

vendor:sgimodel:propackscope:eqversion:2.3

Trust: 0.3

vendor:sgimodel:propackscope:eqversion:2.2.1

Trust: 0.3

vendor:sgimodel:irixscope:eqversion:6.5.22

Trust: 0.3

vendor:sgimodel:irix mscope:eqversion:6.5.21

Trust: 0.3

vendor:sgimodel:irix fscope:eqversion:6.5.21

Trust: 0.3

vendor:sgimodel:irixscope:eqversion:6.5.21

Trust: 0.3

vendor:sgimodel:irix mscope:eqversion:6.5.20

Trust: 0.3

vendor:sgimodel:irix fscope:eqversion:6.5.20

Trust: 0.3

vendor:sgimodel:irixscope:eqversion:6.5.20

Trust: 0.3

vendor:sgimodel:irix mscope:eqversion:6.5.19

Trust: 0.3

vendor:sgimodel:irix fscope:eqversion:6.5.19

Trust: 0.3

vendor:sgimodel:irixscope:eqversion:6.5.19

Trust: 0.3

vendor:scomodel:open serverscope:eqversion:5.0.7

Trust: 0.3

vendor:scomodel:open serverscope:eqversion:5.0.6

Trust: 0.3

vendor:scomodel:open serverscope:eqversion:5.0.5

Trust: 0.3

vendor:redhatmodel:linux i386scope:eqversion:9.0

Trust: 0.3

vendor:oraclemodel:oracle9i standard editionscope:eqversion:9.2

Trust: 0.3

vendor:oraclemodel:oracle9i standard editionscope:eqversion:9.0.1

Trust: 0.3

vendor:oraclemodel:oracle9i standard editionscope:eqversion:8.1.7

Trust: 0.3

vendor:oraclemodel:oracle9i personal editionscope:eqversion:9.2

Trust: 0.3

vendor:oraclemodel:oracle9i personal editionscope:eqversion:9.0.1

Trust: 0.3

vendor:oraclemodel:oracle9i personal editionscope:eqversion:8.1.7

Trust: 0.3

vendor:oraclemodel:oracle9i enterprise editionscope:eqversion:9.2.0

Trust: 0.3

vendor:oraclemodel:oracle9i enterprise editionscope:eqversion:9.0.1

Trust: 0.3

vendor:oraclemodel:oracle9i enterprise editionscope:eqversion:8.1.7

Trust: 0.3

vendor:oraclemodel:oracle9i application serverscope:eqversion:9.0.3

Trust: 0.3

vendor:oraclemodel:oracle9i application serverscope:eqversion:9.0.2

Trust: 0.3

vendor:oraclemodel:oracle9i application serverscope:eqversion:1.0.2.2

Trust: 0.3

vendor:oraclemodel:oracle9i application server .1sscope:eqversion:1.0.2

Trust: 0.3

vendor:oraclemodel:http serverscope:eqversion:9.2.0

Trust: 0.3

vendor:opensslmodel:project openssl beta3scope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl beta2scope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl beta1scope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl bscope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl ascope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project opensslscope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl jscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl iscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl hscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl gscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl escope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl dscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl cscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl bscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl ascope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project opensslscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl ascope:eqversion:0.9.5

Trust: 0.3

vendor:openbsdmodel:openbsdscope:eqversion:3.4

Trust: 0.3

vendor:openbsdmodel:openbsdscope:eqversion:3.3

Trust: 0.3

vendor:openbsdmodel:openbsdscope:eqversion:3.2

Trust: 0.3

vendor:openbsdmodel:openbsdscope:eqversion:3.1

Trust: 0.3

vendor:novellmodel:nsure auditscope:eqversion:1.0.1

Trust: 0.3

vendor:novellmodel:netwarescope:eqversion:6.5

Trust: 0.3

vendor:novellmodel:netwarescope:eqversion:6.0

Trust: 0.3

vendor:novellmodel:netwarescope:eqversion:5.1

Trust: 0.3

vendor:novellmodel:netmail escope:eqversion:3.10

Trust: 0.3

vendor:novellmodel:netmail dscope:eqversion:3.10

Trust: 0.3

vendor:novellmodel:netmail cscope:eqversion:3.10

Trust: 0.3

vendor:novellmodel:netmail bscope:eqversion:3.10

Trust: 0.3

vendor:novellmodel:netmail ascope:eqversion:3.10

Trust: 0.3

vendor:novellmodel:netmailscope:eqversion:3.10

Trust: 0.3

vendor:novellmodel:netmailscope:eqversion:3.1

Trust: 0.3

vendor:novellmodel:netmail bscope:eqversion:3.0.3

Trust: 0.3

vendor:novellmodel:netmail ascope:eqversion:3.0.3

Trust: 0.3

vendor:novellmodel:netmailscope:eqversion:3.0.3

Trust: 0.3

vendor:novellmodel:netmailscope:eqversion:3.0.1

Trust: 0.3

vendor:novellmodel:international cryptographic infostructurescope:eqversion:2.6.1

Trust: 0.3

vendor:novellmodel:imanagerscope:eqversion:2.0.2

Trust: 0.3

vendor:novellmodel:imanagerscope:eqversion:2.0

Trust: 0.3

vendor:novellmodel:imanagerscope:eqversion:1.5

Trust: 0.3

vendor:novellmodel:ichain server sp1scope:eqversion:2.2

Trust: 0.3

vendor:novellmodel:ichain server fp1ascope:eqversion:2.2

Trust: 0.3

vendor:novellmodel:ichain server fp1scope:eqversion:2.2

Trust: 0.3

vendor:novellmodel:ichain serverscope:eqversion:2.2

Trust: 0.3

vendor:novellmodel:groupwise webaccess sp2scope:eqversion:6.5

Trust: 0.3

vendor:novellmodel:groupwise webaccess sp1scope:eqversion:6.5

Trust: 0.3

vendor:novellmodel:groupwise webaccessscope:eqversion:6.5

Trust: 0.3

vendor:novellmodel:groupwise webaccess sp4scope:eqversion:6.0

Trust: 0.3

vendor:novellmodel:groupwise internet agentscope:eqversion:6.5.1

Trust: 0.3

vendor:novellmodel:groupwise sp2scope:eqversion:6.5

Trust: 0.3

vendor:novellmodel:groupwise sp4scope:eqversion:6.0

Trust: 0.3

vendor:novellmodel:edirectory su1scope:eqversion:8.7.1

Trust: 0.3

vendor:novellmodel:edirectoryscope:eqversion:8.7.1

Trust: 0.3

vendor:novellmodel:edirectoryscope:eqversion:8.7

Trust: 0.3

vendor:novellmodel:edirectoryscope:eqversion:8.6.2

Trust: 0.3

vendor:novellmodel:edirectoryscope:eqversion:8.5.27

Trust: 0.3

vendor:novellmodel:edirectory ascope:eqversion:8.5.12

Trust: 0.3

vendor:novellmodel:edirectoryscope:eqversion:8.5

Trust: 0.3

vendor:novellmodel:edirectoryscope:eqversion:8.0

Trust: 0.3

vendor:novellmodel:bordermanagerscope:eqversion:3.8

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:9.2

Trust: 0.3

vendor:mandrivamodel:linux mandrake ppcscope:eqversion:9.1

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:9.1

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:9.0

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:8.2

Trust: 0.3

vendor:mandrakesoftmodel:multi network firewallscope:eqversion:2.0

Trust: 0.3

vendor:mandrakesoftmodel:corporate server x86 64scope:eqversion:2.1

Trust: 0.3

vendor:mandrakesoftmodel:corporate serverscope:eqversion:2.1

Trust: 0.3

vendor:junipermodel:networks t-series router t640scope: - version: -

Trust: 0.3

vendor:junipermodel:networks t-series router t320scope: - version: -

Trust: 0.3

vendor:junipermodel:networks sdx-300scope:eqversion:3.1.1

Trust: 0.3

vendor:junipermodel:networks sdx-300scope:eqversion:3.1

Trust: 0.3

vendor:junipermodel:networks m-series router m5scope: - version: -

Trust: 0.3

vendor:junipermodel:networks m-series router m40escope: - version: -

Trust: 0.3

vendor:junipermodel:networks m-series router m40scope: - version: -

Trust: 0.3

vendor:junipermodel:networks m-series router m20scope: - version: -

Trust: 0.3

vendor:junipermodel:networks m-series router m160scope: - version: -

Trust: 0.3

vendor:junipermodel:networks m-series router m10scope: - version: -

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:3.2.1

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:3.2

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:3.2.1

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:3.2

Trust: 0.3

vendor:ibmmodel:rational rosescope:eqversion:2000

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:2.0.47

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:2.0.42.2

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:2.0.42

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:1.3.28

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:1.3.26

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:1.3.19

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:1.3.12.4

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:1.3.12.3

Trust: 0.3

vendor:ibmmodel:http serverscope:eqversion:1.3.12.2

Trust: 0.3

vendor:hpmodel:hp-ux aaa server a.06.01.02scope: - version: -

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.23

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.22

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.20

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.11

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.0

Trust: 0.3

vendor:hpmodel:wbem services for hp-ux a.01.05.05scope: - version: -

Trust: 0.3

vendor:f5model:ismanscope: - version: -

Trust: 0.3

vendor:f5model:firepassscope: - version: -

Trust: 0.3

vendor:f5model:bigipscope:eqversion:4.5

Trust: 0.3

vendor:f5model:bigipscope:eqversion:4.4

Trust: 0.3

vendor:f5model:bigipscope:eqversion:4.3

Trust: 0.3

vendor:f5model:bigipscope:eqversion:4.2

Trust: 0.3

vendor:f5model:bigipscope:eqversion:2.1

Trust: 0.3

vendor:f5model:bigipscope:eqversion:2.0

Trust: 0.3

vendor:f5model:3-dnsscope:eqversion:4.5

Trust: 0.3

vendor:f5model:3-dnsscope:eqversion:4.4

Trust: 0.3

vendor:f5model:3-dnsscope:eqversion:4.3

Trust: 0.3

vendor:f5model:3-dnsscope:eqversion:4.2

Trust: 0.3

vendor:f securemodel:ssh for windowsscope:eqversion:5.3

Trust: 0.3

vendor:f securemodel:ssh for windowsscope:eqversion:5.2

Trust: 0.3

vendor:f securemodel:ssh for windowsscope:eqversion:5.1

Trust: 0.3

vendor:f securemodel:ssh for unixscope:eqversion:3.2.3

Trust: 0.3

vendor:f securemodel:ssh for unixscope:eqversion:3.2.0

Trust: 0.3

vendor:f securemodel:ssh for unixscope:eqversion:3.1.0

Trust: 0.3

vendor:f securemodel:sshscope:eqversion:3.1.0

Trust: 0.3

vendor:f securemodel:ssh for unixscope:eqversion:3.0.1

Trust: 0.3

vendor:craymodel:open softwarescope:eqversion:3.4

Trust: 0.3

vendor:computermodel:associates etrust security command centerscope:eqversion:1.0

Trust: 0.3

vendor:ciscomodel:threat responsescope: - version: -

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-3.3.2-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-3.3.1-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-3.2.2-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-3.2.1-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-2.5.1-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-2-3.3.2-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-2-3.3.1-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sip proxy serverscope: - version: -

Trust: 0.3

vendor:ciscomodel:secure policy managerscope:eqversion:3.0.1

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:520

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:515

Trust: 0.3

vendor:ciscomodel:network analysis modulescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ios 12.2syscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2sxscope: - version: -

Trust: 0.3

vendor:ciscomodel:gss global site selectorscope:eqversion:4480

Trust: 0.3

vendor:ciscomodel:firewall services modulescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:css11000 content services switchscope: - version: -

Trust: 0.3

vendor:ciscomodel:css secure content acceleratorscope:eqversion:2.0

Trust: 0.3

vendor:ciscomodel:css secure content acceleratorscope:eqversion:1.0

Trust: 0.3

vendor:ciscomodel:ciscoworks common servicesscope:eqversion:2.2

Trust: 0.3

vendor:ciscomodel:ciscoworks wireless lan solution enginescope:eqversion:1105

Trust: 0.3

vendor:ciscomodel:ciscoworks hosting solution enginescope:eqversion:1105

Trust: 0.3

vendor:ciscomodel:application & content networking softwarescope: - version: -

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp4scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp3scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp2scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software providor-1 sp4scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software providor-1 sp3scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software providor-1 sp2scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software providor-1 sp1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software providor-1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software nokia voyagerscope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software next generation fp3 hf2scope: - version: -

Trust: 0.3

vendor:checkmodel:point software next generation fp3 hf1scope: - version: -

Trust: 0.3

vendor:checkmodel:point software next generation fp3scope: - version: -

Trust: 0.3

vendor:checkmodel:point software next generation fp2scope: - version: -

Trust: 0.3

vendor:checkmodel:point software next generation fp1scope: - version: -

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp6scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp5scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp4scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp3scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp2scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp8scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp7scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp6scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp5scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp4scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp3scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp2scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp1scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:eqversion:3.0

Trust: 0.3

vendor:borderwaremodel:firewall serverscope:eqversion:7.0

Trust: 0.3

vendor:bluemodel:coat systems security gateway osscope:eqversion:3.0

Trust: 0.3

vendor:bluemodel:coat systems security gateway osscope:eqversion:2.0

Trust: 0.3

vendor:bluemodel:coat systems cacheos ca/sascope:eqversion:4.1.10

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2

Trust: 0.3

vendor:tarantellamodel:enterprisescope:neversion:33.40

Trust: 0.3

vendor:sunmodel:solaris 8 x86scope:neversion: -

Trust: 0.3

vendor:sunmodel:solaris 8 sparcscope:neversion: -

Trust: 0.3

vendor:sunmodel:solaris 7.0 x86scope:neversion: -

Trust: 0.3

vendor:sunmodel:solarisscope:neversion:7.0

Trust: 0.3

vendor:sunmodel:one web server sp7scope:neversion:6.0

Trust: 0.3

vendor:sunmodel:one web server sp14scope:neversion:4.1

Trust: 0.3

vendor:sunmodel:one directory server sp3scope:neversion:5.1

Trust: 0.3

vendor:sunmodel:one application server ur2 upgrade standardscope:neversion:7.0

Trust: 0.3

vendor:sunmodel:one application server ur2 upgrade platformscope:neversion:7.0

Trust: 0.3

vendor:sunmodel:java system web server sp1scope:neversion:6.1

Trust: 0.3

vendor:sunmodel:clusterscope:neversion:2.2

Trust: 0.3

vendor:sunmodel:clusterscope:neversion:2.1

Trust: 0.3

vendor:sshmodel:communications security ssh2scope:neversion:3.2.9

Trust: 0.3

vendor:sshmodel:communications security ssh sentinelscope:neversion:1.4.1

Trust: 0.3

vendor:snapgearmodel:osscope:neversion:1.8.5

Trust: 0.3

vendor:opensslmodel:project openssl cscope:neversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl kscope:neversion:0.9.6

Trust: 0.3

vendor:novellmodel:nsure auditscope:neversion:1.0.3

Trust: 0.3

vendor:novellmodel:nsure auditscope:neversion:1.0.2

Trust: 0.3

vendor:novellmodel:netmail fscope:neversion:3.1

Trust: 0.3

vendor:novellmodel:imanagerscope:neversion:2.5

Trust: 0.3

vendor:novellmodel:edirectory su1scope:neversion:8.7.1

Trust: 0.3

vendor:ingatemodel:siparatorscope:neversion:3.3.1

Trust: 0.3

vendor:ingatemodel:firewallscope:neversion:3.3.1

Trust: 0.3

vendor:ibmmodel:rational requisiteproscope:neversion:7.0

Trust: 0.3

vendor:hpmodel:hp-ux aaa server a.06.01.02.04scope:neversion: -

Trust: 0.3

vendor:hpmodel:wbem services for hp-ux a.01.05.07scope:neversion: -

Trust: 0.3

vendor:applemodel:mac os serverscope:neversion:x10.2.8

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.2.8

Trust: 0.3

sources: CERT/CC: VU#104280 // CERT/CC: VU#732952 // CERT/CC: VU#686224 // CERT/CC: VU#935264 // CERT/CC: VU#380864 // CERT/CC: VU#255484 // BID: 8732 // JVNDB: JVNDB-2003-000287 // CNNVD: CNNVD-200311-033 // NVD: CVE-2003-0545

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2003-0545
value: HIGH

Trust: 1.8

CARNEGIE MELLON: VU#104280
value: 11.81

Trust: 0.8

CARNEGIE MELLON: VU#732952
value: 2.53

Trust: 0.8

CARNEGIE MELLON: VU#686224
value: 1.50

Trust: 0.8

CARNEGIE MELLON: VU#935264
value: 21.52

Trust: 0.8

CARNEGIE MELLON: VU#380864
value: 11.25

Trust: 0.8

CARNEGIE MELLON: VU#255484
value: 11.25

Trust: 0.8

CNNVD: CNNVD-200311-033
value: CRITICAL

Trust: 0.6

NVD: CVE-2003-0545
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

NVD: CVE-2003-0545
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

sources: CERT/CC: VU#104280 // CERT/CC: VU#732952 // CERT/CC: VU#686224 // CERT/CC: VU#935264 // CERT/CC: VU#380864 // CERT/CC: VU#255484 // JVNDB: JVNDB-2003-000287 // CNNVD: CNNVD-200311-033 // NVD: CVE-2003-0545

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2003-000287 // NVD: CVE-2003-0545

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200311-033

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200311-033

CONFIGURATIONS

sources: NVD: CVE-2003-0545

PATCH

title:cisco-sa-20030930-sslurl:http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml

Trust: 0.8

title:HPSBUX00290url:http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbux0310-290

Trust: 0.8

title:HPSBUX0310-284url:http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbux0310-284

Trust: 0.8

title:HPSBUX00288url:http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00891831

Trust: 0.8

title:HPSBUX00290url:http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0310-290.html

Trust: 0.8

title:HPSBUX0310-284url:http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0310-284.html

Trust: 0.8

title:opensslurl:http://www.miraclelinux.com/support/update/data/openssl.html

Trust: 0.8

title:secadv_20030930url:http://www.openssl.org/news/secadv_20030930.txt

Trust: 0.8

title:#62url:http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf

Trust: 0.8

title:#62url:http://support.oracle.co.jp/open/owa/external_krown.search_doc?c_document_id=70482

Trust: 0.8

title:RHSA-2003:292url:http://rhn.redhat.com/errata/rhsa-2003-292.html

Trust: 0.8

title:cisco-sa-20030930-sslurl:http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20030930-ssl-j.shtml

Trust: 0.8

title:RHSA-2003:292url:http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-292j.html

Trust: 0.8

sources: JVNDB: JVNDB-2003-000287

EXTERNAL IDS

db:CERT/CCid:VU#935264

Trust: 3.5

db:NVDid:CVE-2003-0545

Trust: 2.8

db:BIDid:8732

Trust: 2.7

db:CERT/CCid:VU#732952

Trust: 1.9

db:CERT/CCid:VU#686224

Trust: 1.9

db:CERT/CCid:VU#104280

Trust: 1.6

db:VUPENid:ADV-2006-3900

Trust: 1.6

db:SECUNIAid:22249

Trust: 1.6

db:CERT/CCid:VU#380864

Trust: 1.1

db:CERT/CCid:VU#255484

Trust: 1.1

db:XFid:13315

Trust: 0.8

db:JVNDBid:JVNDB-2003-000287

Trust: 0.8

db:CERT/CCid:CA-2003-26

Trust: 0.6

db:OVALid:OVAL:ORG.MITRE.OVAL:DEF:2590

Trust: 0.6

db:REDHATid:RHSA-2003:292

Trust: 0.6

db:DEBIANid:DSA-394

Trust: 0.6

db:CNNVDid:CNNVD-200311-033

Trust: 0.6

db:PACKETSTORMid:31738

Trust: 0.1

sources: CERT/CC: VU#104280 // CERT/CC: VU#732952 // CERT/CC: VU#686224 // CERT/CC: VU#935264 // CERT/CC: VU#380864 // CERT/CC: VU#255484 // BID: 8732 // JVNDB: JVNDB-2003-000287 // PACKETSTORM: 31738 // CNNVD: CNNVD-200311-033 // NVD: CVE-2003-0545

REFERENCES

url:http://www.ietf.org/rfc/rfc2246.txt

Trust: 4.8

url:http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm

Trust: 4.5

url:http://wp.netscape.com/eng/ssl3/

Trust: 4.0

url:http://www.itu.int/itu-t/studygroups/com10/languages/

Trust: 4.0

url:http://www.openssl.org/news/secadv_20030930.txt

Trust: 3.9

url:http://www.ietf.org/html.charters/pkix-charter.html

Trust: 3.2

url:http://www.cert.org/advisories/ca-2003-26.html

Trust: 2.7

url:http://www.kb.cert.org/vuls/id/935264

Trust: 2.7

url:http://www.securityfocus.com/bid/8732

Trust: 2.4

url:http://www-1.ibm.com/support/docview.wss?uid=swg21247112

Trust: 1.9

url:http://www.redhat.com/support/errata/rhsa-2003-292.html

Trust: 1.6

url:http://www.debian.org/security/2003/dsa-394

Trust: 1.6

url:http://secunia.com/advisories/22249

Trust: 1.6

url:http://www.kb.cert.org/vuls/id/686224

Trust: 1.1

url:http://www.kb.cert.org/vuls/id/732952

Trust: 1.1

url:http://www.vupen.com/english/advisories/2006/3900

Trust: 1.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2590

Trust: 1.0

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/10087450.htm

Trust: 0.9

url:http://www.uniras.gov.uk/vuls/2003/006489/tls.htm

Trust: 0.8

url:http://www.rsasecurity.com/rsalabs/pkcs/

Trust: 0.8

url:http://wp.netscape.com/eng/ssl3/draft302.txt

Trust: 0.8

url:http://www.ciac.org/ciac/bulletins/n-159.shtml

Trust: 0.8

url:http://www.ciac.org/ciac/bulletins/o-065.shtml

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0545

Trust: 0.8

url:http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20031104-00753.xml

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/13315

Trust: 0.8

url:http://jvn.jp/cert/jvnca-2003-26

Trust: 0.8

url:http://jvn.jp/tr/trca-2003-26

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0545

Trust: 0.8

url:http://www.cpni.gov.uk/docs/re-20031104-00753.pdf?lang=en

Trust: 0.8

url:http://www.kb.cert.org/vuls/id/104280

Trust: 0.8

url:http://www.cyberpolice.go.jp/important/20031001_103420.html

Trust: 0.8

url:http://www.frsirt.com/english/advisories/2006/3900

Trust: 0.6

url:http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:2590

Trust: 0.6

url:http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-tech.shtml

Trust: 0.3

url:http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-2003120400.shtml

Trust: 0.3

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57599

Trust: 0.3

url:http://www.info.apple.com/usen/security/security_updates.html

Trust: 0.3

url:http://www.apple.com/swupdates/

Trust: 0.3

url:http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967586.htm

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968007.htm

Trust: 0.3

url:http://www.vmware.com/download/esx/esx2-openssh.html

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967420.htm

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967421.htm

Trust: 0.3

url:http://www.borderware.com/products/firewall.php

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967425.htm

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967411.htm

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967408.htm

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967399.htm

Trust: 0.3

url:http://www.vmware.com/download/gsx_security.html

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967175.htm

Trust: 0.3

url:http://www.mandrakesecure.net/en/advisories/advisory.php?name=mdksa-2003:098

Trust: 0.3

url:http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2004.0422.1

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967210.htm

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967209.htm

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967208.htm

Trust: 0.3

url:http://cirt.dk/advisories/cirt-32-advisory.pdf

Trust: 0.3

url:http://www.cirt.dk/advisories/cirt-31-advisory.pdf

Trust: 0.3

url:http://www.stonesoft.com/document/art/3040.html

Trust: 0.3

url:http://metalink.oracle.com

Trust: 0.3

url:http://www.smoothwall.org/home/news/item/20031001.01.html

Trust: 0.3

url:http://www.ingate.com/relnote-331.php

Trust: 0.3

url:https://rhn.redhat.com/errata/rhsa-2003-293.html

Trust: 0.3

url:http://www.bluecoat.com/support/knowledge/advisory_openssl_asn_vulnerability.html

Trust: 0.3

url:http://support.novell.com/security-alerts/

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968981.htm

Trust: 0.3

url:http://www.stonesoft.com/document/art/3041.html

Trust: 0.3

url:http://www.ssh.com/company/newsroom/article/476/

Trust: 0.3

url:http://www.ssh.com/company/newsroom/article/477/

Trust: 0.3

url:http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf

Trust: 0.3

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57100

Trust: 0.3

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57444

Trust: 0.3

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57472

Trust: 0.3

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57475

Trust: 0.3

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57498

Trust: 0.3

url:http://sunsolve.sun.com/patches/linux/security.html

Trust: 0.3

url:http://www.tarantella.com/security/bulletin-08.html

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097379.htm

Trust: 0.3

url:http://www.borderware.com/

Trust: 0.3

url:http://www.kb.cert.org/vuls/id/255484

Trust: 0.3

url:http://www.kb.cert.org/vuls/id/380864

Trust: 0.3

url:/archive/1/343055

Trust: 0.3

url:https://www.niscc.gov.uk)

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2003-0545

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0545

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0543

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0544

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2003-0543

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2003-0544

Trust: 0.1

sources: CERT/CC: VU#104280 // CERT/CC: VU#732952 // CERT/CC: VU#686224 // CERT/CC: VU#935264 // CERT/CC: VU#380864 // CERT/CC: VU#255484 // BID: 8732 // JVNDB: JVNDB-2003-000287 // PACKETSTORM: 31738 // CNNVD: CNNVD-200311-033 // NVD: CVE-2003-0545

CREDITS

NISCC uniras@niscc.gov.uk

Trust: 0.6

sources: CNNVD: CNNVD-200311-033

SOURCES

db:CERT/CCid:VU#104280
db:CERT/CCid:VU#732952
db:CERT/CCid:VU#686224
db:CERT/CCid:VU#935264
db:CERT/CCid:VU#380864
db:CERT/CCid:VU#255484
db:BIDid:8732
db:JVNDBid:JVNDB-2003-000287
db:PACKETSTORMid:31738
db:CNNVDid:CNNVD-200311-033
db:NVDid:CVE-2003-0545

LAST UPDATE DATE

2022-05-29T21:30:21.532000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#104280date:2004-08-25T00:00:00
db:CERT/CCid:VU#732952date:2003-10-01T00:00:00
db:CERT/CCid:VU#686224date:2003-10-01T00:00:00
db:CERT/CCid:VU#935264date:2003-10-01T00:00:00
db:CERT/CCid:VU#380864date:2003-10-01T00:00:00
db:CERT/CCid:VU#255484date:2003-10-01T00:00:00
db:BIDid:8732date:2016-07-06T14:32:00
db:JVNDBid:JVNDB-2003-000287date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200311-033date:2005-10-20T00:00:00
db:NVDid:CVE-2003-0545date:2018-05-03T01:29:00

SOURCES RELEASE DATE

db:CERT/CCid:VU#104280date:2003-09-30T00:00:00
db:CERT/CCid:VU#732952date:2003-09-30T00:00:00
db:CERT/CCid:VU#686224date:2003-09-30T00:00:00
db:CERT/CCid:VU#935264date:2003-09-30T00:00:00
db:CERT/CCid:VU#380864date:2003-09-30T00:00:00
db:CERT/CCid:VU#255484date:2003-09-30T00:00:00
db:BIDid:8732date:2003-09-30T00:00:00
db:JVNDBid:JVNDB-2003-000287date:2007-04-01T00:00:00
db:PACKETSTORMid:31738date:2003-09-30T16:10:22
db:CNNVDid:CNNVD-200311-033date:2003-09-30T00:00:00
db:NVDid:CVE-2003-0545date:2003-11-17T05:00:00