CVE-2003-0851 — Vulnetix

Try Vulnetix Request Demo

CVE-2003-0851 PUBLISHED CVSS 5 MEDIUM

OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.

EPSS 4.24% · 88.7th percentile

Risk Scores

CVSS v2.0

5

EPSS Score

4.24%

88.7th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
openssl	openssl	0.9.7a, 0.9.6, 0.9.6a
cisco	css11000_content_services_switch
cisco	ios	12.1\(11\)e, 12.1\(11b\)e, 12.2sx
cisco	pix_firewall_software	6.0, 6.0\(1\), 6.0\(2\)
cisco	pix_firewall	6.2.2_.111

Timeline

Jul 18, 2003 CVE Published
Feb 4, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Oct 22, 2023 EPSS Score
Nov 21, 2023 EPSS Score

References

oval:org.mitre.oval:def:5528 vdb
FEDORA-2005-1042 vendor-advisory
20040304-01-U vendor-advisory
17381 third-party-advisory
NetBSD-SA2004-003 vendor-advisory
20030930 SSL Implementation Vulnerabilities vendor-advisory
8970 vdb
20031104 [OpenSSL Advisory] Denial of Service in ASN.1 parsing mailing-list
RHSA-2004:119 vendor-advisory
http://www.openssl.org/news/secadv_20031104.txt url
VU#412478 third-party-advisory
20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability mailing-list
https://nvd.nist.gov/vuln/detail/CVE-2003-0851 advisory

Open in Interactive Console →