Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0545

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-0545
Last Modified 07 Mar 2011 09:12:45
Published 17 Nov 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0545

Summary

Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.

Vulnerable Systems

Application

  • Openssl 0.9.6

  • Openssl 0.9.7


References

CERT-VN - VU#935264

CERT - CA-2003-26

REDHAT - RHSA-2003:292

VUPEN - ADV-2006-3900

BID - 8732

DEBIAN - DSA-394

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg21247112

SECUNIA - 22249


Last Updated: 27 May 2016 10:37:57