VULHUB ™

CERT Advisory CA-2002-23 - OpenSSL prior to 0.9.6e, up to and including pre-release 0.9.7-beta2 contains four remotely exploitable buffer overflows. Overflows exist during the SSLv2 handshake process, SSLv3 handshake process, kerberos SSLv3 handshakes, and holding of ASCII representations of integers. Denial of service vulnerabilities exist in the handing of ASN.1 encoding. Version 0.9.6e of OpenSSL is recommended.

CERT Advisory CA-2002-23 - OpenSSL prior to 0.9.6e, up to and including pre-release 0.9.7-beta2 contains four remotely exploitable buffer overflows. Overflows exist during the SSLv2 handshake process, SSLv3 handshake process, kerberos SSLv3 handshakes, and holding of ASCII representations of integers. Denial of service vulnerabilities exist in the handing of ASN.1 encoding. Version 0.9.6e of OpenSSL is recommended.