Home Corporate Website Jobs Updated Mailing Lists RSS Blog  Online Shop Advertise
	Software Inspectors   Scan Online   Personal (PSI)   Network (NSI 2.0) Solutions For   Security Professionals   Security Vendors Free Solutions For   Open Communities   Journalists & Media Secunia Advisories   Search   Historic Advisories   Listed By Product   Listed By Vendor   Statistics / Graphs   Secunia Research   Report Vulnerability   About Advisories Virus Information   Chronological List   Last 10 Virus Alerts   About Virus Information Secunia Customers   Customer Area CVE Reference: CVE-2006-2937 NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. Original Page at CVE MITRE: CVE-2006-2937 Description: OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. CVE Status: Candidate References: XF   http://xforce.iss.net/xforce/xfdb/29228 UBUNTU   http://www.ubuntu.com/usn/usn-353-1 TRUSTIX   http://www.trustix.org/errata/2006/0054 SUSE   http://www.novell.com/linux/security/advisories/2006_24_sr.html   http://www.novell.com/linux/security/advisories/2006_58_openssl.html SUNALERT   http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1   http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1   http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1   http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1 ST   1016943 SLACKWARE   http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946 SGI SAID   Secunia Advisory: SA24950   Secunia Advisory: SA23915   Secunia Advisory: SA23680   Secunia Advisory: SA23351   Secunia Advisory: SA23340   Secunia Advisory: SA23280   Secunia Advisory: SA23309   Secunia Advisory: SA22298   Secunia Advisory: SA23131   Secunia Advisory: SA23155   Secunia Advisory: SA23038   Secunia Advisory: SA22772   Secunia Advisory: SA22799   Secunia Advisory: SA22758   Secunia Advisory: SA22671   Secunia Advisory: SA22487   Secunia Advisory: SA22626   Secunia Advisory: SA22544   Secunia Advisory: SA22460   Secunia Advisory: SA22385   Secunia Advisory: SA22330   Secunia Advisory: SA22284   Secunia Advisory: SA22220   Secunia Advisory: SA22116   Secunia Advisory: SA22216   Secunia Advisory: SA22240   Secunia Advisory: SA22212   Secunia Advisory: SA22172   Secunia Advisory: SA22166   Secunia Advisory: SA22207   Secunia Advisory: SA22259   Secunia Advisory: SA22260   Secunia Advisory: SA22193   Secunia Advisory: SA22186   Secunia Advisory: SA22094   Secunia Advisory: SA22165   Secunia Advisory: SA22130   Secunia Advisory: SA24930   Secunia Advisory: SA25889   Secunia Advisory: SA26329   Secunia Advisory: SA30124 REDHAT   http://www.redhat.com/support/errata/RHSA-2006-0695.html OSVDB   29260 OPENPKG   http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.021-openssl.html OPENBSD   http://openbsd.org/errata.html#openssl2 NETBSD MLIST   http://lists.vmware.com/pipermail/security-announce/2008/000008.html   http://marc.theaimsgroup.com/?l=bind-announce&m=116253119512445&w=2 MANDRIVA   http://www.mandriva.com/security/advisories?name=MDKSA-2006:178   http://www.mandriva.com/security/advisories?name=MDKSA-2006:172   http://www.mandriva.com/security/advisories?name=MDKSA-2006:177 HP   http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771   http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100   http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540 GENTOO   http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml   http://security.gentoo.org/glsa/glsa-200610-11.xml FULLDISC   http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html FREEBSD   http://security.freebsd.org/advisories/FreeBSD-SA-06:23.openssl.asc DEBIAN   http://www.debian.org/security/2006/dsa-1185 CONFIRM   http://www.vmware.com/support/player2/doc/releasenotes_player2.html   http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html   http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html   http://www.vmware.com/support/server/doc/releasenotes_server.html   http://www.vmware.com/support/player/doc/releasenotes_player.html   http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html   http://www.vmware.com/security/advisories/VMSA-2008-0005.html   http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf   http://issues.rpath.com/browse/RPL-613   http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html   http://docs.info.apple.com/article.html?artnum=304829   http://www.f-secure.com/security/fsc-2006-6.shtml   http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html   http://www.arkoon.fr/upload/alertes/41AK-2006-08-FR-1.1_SSL360_OPENSSL_ASN1.pdf   http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html   http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html   http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html   http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html   http://openvpn.net/changelog.html   http://www.serv-u.com/releasenotes/   http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm   http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227   http://www.arkoon.fr/upload/alertes/37AK-2006-06-FR-1.1_FAST360_OPENSSL_ASN1.pdf   http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm   http://www.openssl.org/news/secadv_20060928.txt   http://kolab.org/security/kolab-vendor-notice-11.txt CISCO   http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html   http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml CERT-VN   247744 CERT   http://www.us-cert.gov/cas/techalerts/TA06-333A.html BUGTRAQ   http://www.securityfocus.com/archive/1/archive/1/489739/100/0/threaded   http://www.securityfocus.com/archive/1/archive/1/447393/100/0/threaded   http://www.securityfocus.com/archive/1/archive/1/447318/100/0/threaded   http://www.securityfocus.com/archive/1/archive/1/456546/100/200/threaded BID   20248   28276 APPLE   http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html Return to the previous page. Secunia PSI Scan | Patch | Track Free Download Secunia Poll Do you think it's important to read Setup/User Guides for applications for use within your network? Yes, I do it all the time Yes, but I do it rarely No See Results    Most Popular Advisories 1. Microsoft Windows DNS Spoofing Vulnerabilities 2. Microsoft Access Snapshot Viewer ActiveX Control Vulnerability 3. Microsoft Windows Explorer Saved Search Vulnerability 4. Joomla Unauthorized Access Vulnerabilities 5. Microsoft SQL Server and MSDE Multiple Vulnerabilities 6. Microsoft Outlook Web Access Script Insertion Vulnerabilities 7. ArticleBeach Script "page" File Inclusion Vulnerability 8. Mozilla Firefox Multiple Vulnerabilities 9. Symantec Brightmail AntiSpam Notifier Denial of Service 10. PHP-Nuke 4ndvddb Module "id" SQL Injection Vulnerability
Vulnerability Management - Terms & Conditions - Copyright 2002-2008 Secunia - Compliance - Contact Secunia