Definition


New Search

Security Vulnerabilities in OpenSSL May Lead to a Denial of Service (DoS) to Applications or Execution of Arbitrary Code With Elevated Privileges

oval:org.mitre.oval:def:4356

The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l 0.9.8 before 0.9.8d and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Sun Solaris 10
Class:
vulnerability
Reference(s):
  • CVE-2006-4343
Product(s):