Secunia - Stay Secure
Gartner
Home Corporate Website Jobs Updated Mailing Lists RSS Blog  Online Shop Advertise
Software Inspectors
  Scan Online
  Personal (PSI)
  Network (NSI 2.0)

Solutions For
  Security Professionals
  Security Vendors

Free Solutions For
  Open Communities
  Journalists & Media

Secunia Advisories
  Search
  Historic Advisories
  Listed By Product
  Listed By Vendor
  Statistics / Graphs
  Secunia Research
  Report Vulnerability
  About Advisories

Virus Information
  Chronological List
  Last 10 Virus Alerts
  About Virus Information

Secunia Customers
  Customer Area


CVE Reference: CVE-2006-4343

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2006-4343

Description:
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/29240

UBUNTU
  http://www.ubuntu.com/usn/usn-353-1

TRUSTIX
  http://www.trustix.org/errata/2006/0054

SUSE
  http://www.novell.com/linux/security/advisories/2006_24_sr.html
  http://www.novell.com/linux/security/advisories/2006_58_openssl.html

SUNALERT
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1
  http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1

ST
  1016943
  1017522

SLACKWARE
  http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946

SGI

SAID
  Secunia Advisory: SA24950
  Secunia Advisory: SA23915
  Secunia Advisory: SA23794
  Secunia Advisory: SA23680
  Secunia Advisory: SA23340
  Secunia Advisory: SA23280
  Secunia Advisory: SA23309
  Secunia Advisory: SA22298
  Secunia Advisory: SA23155
  Secunia Advisory: SA23038
  Secunia Advisory: SA22772
  Secunia Advisory: SA22791
  Secunia Advisory: SA22799
  Secunia Advisory: SA22758
  Secunia Advisory: SA22487
  Secunia Advisory: SA22626
  Secunia Advisory: SA22544
  Secunia Advisory: SA22500
  Secunia Advisory: SA22460
  Secunia Advisory: SA22385
  Secunia Advisory: SA22330
  Secunia Advisory: SA22284
  Secunia Advisory: SA22220
  Secunia Advisory: SA22116
  Secunia Advisory: SA22216
  Secunia Advisory: SA22240
  Secunia Advisory: SA22212
  Secunia Advisory: SA22172
  Secunia Advisory: SA22166
  Secunia Advisory: SA22260
  Secunia Advisory: SA22259
  Secunia Advisory: SA22207
  Secunia Advisory: SA22193
  Secunia Advisory: SA22186
  Secunia Advisory: SA22165
  Secunia Advisory: SA22130
  Secunia Advisory: SA22094
  Secunia Advisory: SA25420
  Secunia Advisory: SA25889
  Secunia Advisory: SA26329
  Secunia Advisory: SA30124

REDHAT
  http://www.redhat.com/support/errata/RHSA-2006-0695.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4356

OSVDB
  29263

OPENPKG
  http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.021-openssl.html

OPENBSD
  http://openbsd.org/errata.html#openssl2

NETBSD

MLIST
  http://lists.vmware.com/pipermail/security-announce/2008/000008.html

MILW0RM
  http://www.milw0rm.com/exploits/4773

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDKSA-2006:177
  http://www.mandriva.com/security/advisories?name=MDKSA-2006:178
  http://www.mandriva.com/security/advisories?name=MDKSA-2006:172

HP
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
  http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
  http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100

GENTOO
  http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml
  http://security.gentoo.org/glsa/glsa-200610-11.xml

FULLDISC
  http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html

FREEBSD
  http://security.freebsd.org/advisories/FreeBSD-SA-06:23.openssl.asc

DEBIAN
  http://www.debian.org/security/2006/dsa-1185
  http://www.debian.org/security/2006/dsa-1195

CONFIRM
  http://www.vmware.com/support/player2/doc/releasenotes_player2.html
  http://www.vmware.com/support/server/doc/releasenotes_server.html
  http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
  http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
  http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
  http://www.vmware.com/support/player/doc/releasenotes_player.html
  http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf
  http://www.vmware.com/security/advisories/VMSA-2008-0005.html
  http://www.ingate.com/relnote-452.php
  http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
  http://issues.rpath.com/browse/RPL-613
  http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html
  http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
  http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
  http://docs.info.apple.com/article.html?artnum=304829
  http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
  http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
  http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
  http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
  http://openvpn.net/changelog.html
  http://www.serv-u.com/releasenotes/
  http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
  http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm
  http://kolab.org/security/kolab-vendor-notice-11.txt
  http://www.openssl.org/news/secadv_20060928.txt

CISCO
  http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html
  http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml

CERT-VN
  386964

CERT
  http://www.us-cert.gov/cas/techalerts/TA06-333A.html

BUGTRAQ
  http://www.securityfocus.com/archive/1/archive/1/489739/100/0/threaded
  http://www.securityfocus.com/archive/1/archive/1/447393/100/0/threaded
  http://www.securityfocus.com/archive/1/archive/1/447318/100/0/threaded
  http://www.securityfocus.com/archive/1/archive/1/456546/100/200/threaded

BID
  22083
  28276
  20246

APPLE
  http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html


Return to the previous page.





Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Do you think it's important to read Setup/User Guides for applications for use within your network?


See Results   


Most Popular Advisories

1.
Red Hat update for vsftpd
2.
Red Hat update for rdesktop
3.
Red Hat update for rdesktop
4.
Red Hat update for coreutils
5.
Red Hat update for nss_ldap
6.
Red Hat update for kernel
7.
Red Hat update for mysql
8.
Atom PhotoBlog "photoId" SQL Injection Vulnerability
9.
OpenBSD BIND Query Port DNS Cache Poisoning
10.
Red Hat update for kernel





Vulnerability Management - Terms & Conditions - Copyright 2002-2008 Secunia - Compliance - Contact Secunia