Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0826

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0826
Last Modified 05 Sep 2008 04:39:31
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0826

Summary

Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.

Vulnerable Systems

Operating System

  • Hp-ux 11.00

  • Hp-ux 11.11

  • Hp-ux 11.23

Application

  • Mozilla Network Security Services 3.2

  • Mozilla Network Security Services 3.2.1

  • Mozilla Network Security Services 3.3

  • Mozilla Network Security Services 3.3.1

  • Mozilla Network Security Services 3.3.2

  • Mozilla Network Security Services 3.4

  • Mozilla Network Security Services 3.4.1

  • Mozilla Network Security Services 3.4.2

  • Mozilla Network Security Services 3.5

  • Mozilla Network Security Services 3.6

  • Mozilla Network Security Services 3.6.1

  • Mozilla Network Security Services 3.7

  • Mozilla Network Security Services 3.7.1

  • Mozilla Network Security Services 3.7.2

  • Mozilla Network Security Services 3.7.3

  • Mozilla Network Security Services 3.7.5

  • Mozilla Network Security Services 3.7.7

  • Mozilla Network Security Services 3.8

  • Mozilla Network Security Services 3.9

  • Netscape Certificate Server 1.0

  • Netscape Certificate Server 4.2

  • Netscape Directory Server 1.3

  • Netscape Directory Server 3.1

  • Netscape Directory Server 3.12

  • Netscape Directory Server 4.1

  • Netscape Directory Server 4.11

  • Netscape Directory Server 4.13

  • Netscape Enterprise Server 2.0

  • Netscape Enterprise Server 2.0.1c

  • Netscape Enterprise Server 2.0a

  • Netscape Enterprise Server 3.0

  • Netscape Enterprise Server 3.0.1

  • Netscape Enterprise Server 3.0.1b

  • Netscape Enterprise Server 3.0.7a

  • Netscape Enterprise Server 3.0l

  • Netscape Enterprise Server 3.1

  • Netscape Enterprise Server 3.2

  • Netscape Enterprise Server 3.3

  • Netscape Enterprise Server 3.4

  • Netscape Enterprise Server 3.5

  • Netscape Enterprise Server 3.5.1

  • Netscape Enterprise Server 3.6

  • Netscape Enterprise Server 4.0

  • Netscape Enterprise Server 4.1

  • Netscape Enterprise Server 4.1.1

  • Netscape Enterprise Server 5.0

  • Netscape Personalization Engine

  • Sun Java Enterprise System 2003q4

  • Sun Java Enterprise System 2004q2

  • Sun Java System Application Server 7.0

  • Sun Java System Application Server 7.1

  • Sun One Application Server 6.0

  • Sun One Web Server 4.1

  • Sun One Web Server 6.0

  • Sun One Web Server 6.1


References

XF - sslv2-client-hello-overflow(16314)

ISS - 20040823 Netscape NSS Library Remote Compromise

BID - 11015

HP - SSRT4779


Last Updated: 27 May 2016 10:38:46