Secunia CSI 5.0
Products
Solutions
Customers
Partner
Resources
Company
Careers
Community

CVE Reference: CVE-2006-4343
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2006-4343

Description:
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/29240

UBUNTU
  http://www.ubuntu.com/usn/usn-353-1

TRUSTIX
  http://www.trustix.org/errata/2006/0054

SUSE
  http://www.novell.com/linux/security/advisories/2006_24_sr.html
  http://www.novell.com/linux/security/advisories/2006_58_openssl.html

SUNALERT
  http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1

ST
  1016943
  1017522

SLACKWARE
  http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946

SGI

SAID
  Secunia Advisory: SA22130
  Secunia Advisory: SA22094
  Secunia Advisory: SA22165
  Secunia Advisory: SA22186
  Secunia Advisory: SA22193
  Secunia Advisory: SA22207
  Secunia Advisory: SA22259
  Secunia Advisory: SA22260
  Secunia Advisory: SA22166
  Secunia Advisory: SA22172
  Secunia Advisory: SA22212
  Secunia Advisory: SA22240
  Secunia Advisory: SA22216
  Secunia Advisory: SA22116
  Secunia Advisory: SA22220
  Secunia Advisory: SA22284
  Secunia Advisory: SA22330
  Secunia Advisory: SA22385
  Secunia Advisory: SA22460
  Secunia Advisory: SA22500
  Secunia Advisory: SA22544
  Secunia Advisory: SA22626
  Secunia Advisory: SA22487
  Secunia Advisory: SA22758
  Secunia Advisory: SA22799
  Secunia Advisory: SA22791
  Secunia Advisory: SA22772
  Secunia Advisory: SA23038
  Secunia Advisory: SA23155
  Secunia Advisory: SA22298
  Secunia Advisory: SA23309
  Secunia Advisory: SA23280
  Secunia Advisory: SA23340
  Secunia Advisory: SA23680
  Secunia Advisory: SA23794
  Secunia Advisory: SA23915
  Secunia Advisory: SA24950
  Secunia Advisory: SA25420
  Secunia Advisory: SA25889
  Secunia Advisory: SA26329
  Secunia Advisory: SA30124
  Secunia Advisory: SA31492

REDHAT
  http://www.redhat.com/support/errata/RHSA-2008-0629.html
  http://www.redhat.com/support/errata/RHSA-2006-0695.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4356
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10207

OSVDB
  29263

OPENPKG
  http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.021-openssl.html

OPENBSD
  http://openbsd.org/errata.html#openssl2

NETBSD

MLIST
  http://lists.vmware.com/pipermail/security-announce/2008/000008.html

MILW0RM
  http://www.milw0rm.com/exploits/4773

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDKSA-2006:178
  http://www.mandriva.com/security/advisories?name=MDKSA-2006:177
  http://www.mandriva.com/security/advisories?name=MDKSA-2006:172

HP
  http://marc.info/?l=bugtraq&m=130497311408250&w=2
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
  http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
  http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100

GENTOO
  http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml
  http://security.gentoo.org/glsa/glsa-200610-11.xml

FULLDISC
  http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html

FREEBSD
  http://security.freebsd.org/advisories/FreeBSD-SA-06:23.openssl.asc

DEBIAN
  http://www.debian.org/security/2006/dsa-1195
  http://www.debian.org/security/2006/dsa-1185

CONFIRM
  http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
  http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
  http://www.vmware.com/support/server/doc/releasenotes_server.html
  http://www.vmware.com/support/player2/doc/releasenotes_player2.html
  http://www.vmware.com/support/player/doc/releasenotes_player.html
  http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
  http://www.vmware.com/security/advisories/VMSA-2008-0005.html
  http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf
  http://issues.rpath.com/browse/RPL-613
  http://www.ingate.com/relnote-452.php
  http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html
  http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
  http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
  http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
  http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
  http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
  http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
  http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
  http://docs.info.apple.com/article.html?artnum=304829
  http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
  http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm
  http://www.serv-u.com/releasenotes/
  http://openvpn.net/changelog.html
  http://kolab.org/security/kolab-vendor-notice-11.txt
  http://www.openssl.org/news/secadv_20060928.txt

CISCO
  http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html
  http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml

CERT-VN
  386964

CERT
  http://www.us-cert.gov/cas/techalerts/TA06-333A.html

BUGTRAQ
  http://www.securityfocus.com/archive/1/archive/1/489739/100/0/threaded
  http://www.securityfocus.com/archive/1/archive/1/447393/100/0/threaded
  http://www.securityfocus.com/archive/1/archive/1/447318/100/0/threaded
  http://www.securityfocus.com/archive/1/archive/1/456546/100/200/threaded

BID
  28276
  22083
  20246

APPLE
  http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html


Return to the previous page.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports & Papers
Webinars
Events
 About us
Careers
Memberships
Newsroom
 
© 2002-2012 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability