VDB
CVE-2004-0081
CVE-2004-0081
PUBLISHED
CVSS 5 MEDIUM
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
EPSS 2.39% · 85.3th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
2.39%
85.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| openbsd | openbsd | 3.3, 3.4 |
| hp | apache-based_web_server | 2.0.43.04, 2.0.43.00 |
| cisco | access_registrar | |
| securecomputing | sidewinder | 5.2.0.01, 5.2.1.02, 5.2.0.03 |
| hp | wbem | a.01.05.08, a.02.00.00, * |
| checkpoint | vpn-1 | next_generation_fp1, next_generation, next_generation_fp0 |
| stonesoft | stonebeat_webcluster | 2.5, 2.0 |
| apple | mac_os_x_server | 10.3.3 |
| cisco | threat_response | |
| dell | bsafe_ssl-j | 3.0, 3.1, 3.0.1 |
| cisco | ciscoworks_common_services | 2.2 |
| avaya | sg5 | 4.2, 4.3, 4.4 |
| apple | mac_os_x | 10.3.3 |
| redhat | enterprise_linux | 3.0, 3.0, 3.0 |
| avaya | intuity_audix | *, 5.1.46, * |
| avaya | converged_communications_server | 2.0 |
| cisco | css_secure_content_accelerator | 2.0, 1.0 |
| neoteris | instant_virtual_extranet | 3.2, 3.3.1, 3.0 |
| stonesoft | stonegate_vpn_client | 2.0.9, 2.0.8, 2.0.7 |
| cisco | application_and_content_networking_software |
…and 47 more
Exploit Intelligence
- oval:org.mitre.oval:def:11755 (circl)
- 2004-0012 (circl)
- ESA-20040317-003 (circl)
- RHSA-2004:121 (circl)
- CLA-2004:834 (circl)
- SCOSA-2004.10 (circl)
- 20040304-01-U (circl)
- openssl-tls-dos(15509) (circl)
- http://www.uniras.gov.uk/vuls/2004/224012/index.htm (circl)
- FEDORA-2004-095 (circl)
…and 15 more exploits
Timeline
- Jul 18, 2003 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Dec 22, 2023 EPSS Score
References
- 9899 vdb
- ESA-20040317-003 vendor-advisory
- 20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004] mailing-list
- RHSA-2004:121 vendor-advisory
- CLA-2004:834 vendor-advisory
- SCOSA-2004.10 vendor-advisory
- 20040304-01-U vendor-advisory
- openssl-tls-dos(15509) vdb
- http://www.uniras.gov.uk/vuls/2004/224012/index.htm url
- FEDORA-2004-095 vendor-advisory
- 57524 vendor-advisory
- oval:org.mitre.oval:def:871 vdb
- oval:org.mitre.oval:def:11755 vdb
- VU#465542 third-party-advisory
- TA04-078A third-party-advisory
- GLSA-200403-03 vendor-advisory
- 11139 third-party-advisory
- RHSA-2004:120 vendor-advisory
- RHSA-2004:119 vendor-advisory
- oval:org.mitre.oval:def:902 vdb
…and 6 more