VULHUB ™

FreeBSD Security Advisory FreeBSD-SA-02:33 - OpenSSL prior to v0.9.6e contains several remotely exploitable buffer overflows, including errors in the handling of the client master key in the SSL2 protocol implementation; the handling of the session ID in the SSL3 protocol; and in the handling of buffers used for representing integers in ASCII on 64-bit platforms. Disabling the SSL2 protocol in server applications should render server exploits harmless. There is no known workaround for client applications.

FreeBSD Security Advisory FreeBSD-SA-02:33 - OpenSSL prior to v0.9.6e contains several remotely exploitable buffer overflows, including errors in the handling of the client master key in the SSL2 protocol implementation; the handling of the session ID in the SSL3 protocol; and in the handling of buffers used for representing integers in ASCII on 64-bit platforms. Disabling the SSL2 protocol in server applications should render server exploits harmless. There is no known workaround for client applications.