VDB

CVE-2004-0079

CVE-2004-0079 PUBLISHED CVSS 5 MEDIUM

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

EPSS 2.28% · 84.9th percentile

Risk Scores

CVSS v2.0
5
EPSS Score
2.28%
84.9th percentile

Affected Products

VendorProductVersions
applemac_os_x10.3.3
openbsdopenbsd3.4, 3.3
avayasg54.4, 4.3, 4.2
ciscociscoworks_common_services2.2
securecomputingsidewinder5.2.0.03, 5.2.0.04, 5.2.1
sgipropack3.0, 2.3, 2.4
suncrypto_accelerator_40001.0
ciscoapplication_and_content_networking_software
avayas8700r2.0.1, *
freebsdfreebsd5.2, 5.2.1, 4.9
n/an/an/a
stonesoftstonebeat_webcluster2.5, 2.0
redhatenterprise_linux_desktop3.0
avayasg2084.4
redhatenterprise_linux3.0, 3.0, 3.0
avayas8300r2.0.0, *
ciscofirewall_services_module2.1_\(0.208\), 1.1_\(3.005\), 1.1.3
ciscopix_firewall_software6.0\(2\), 6.0\(1\), 6.0
bluecoatcacheos_ca_sa4.1.12, 4.1.10
avayaintuity_audixs3400, 5.1.46, s3210

…and 47 more

Timeline

  • Jul 18, 2003 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Sep 3, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 17, 2022 EPSS Score
  • Feb 8, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • May 24, 2023 EPSS Score
  • Jul 15, 2023 EPSS Score
  • Sep 6, 2023 EPSS Score

References

…and 26 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›