FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-4343

This CVE name corresponds to:

Entered Topic
2007-02-26 OpenSSL -- Multiple problems in crypto(3)

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2006-4343
Phase Assigned(20060824)

Description

The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.

References

Source Reference
BUGTRAQ 20070110 VMware ESX server security updates
BUGTRAQ 20060928 rPSA-2006-0175-1 openssl openssl-scripts
BUGTRAQ 20060929 rPSA-2006-0175-2 openssl openssl-scripts
BUGTRAQ 20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues
FULLDISC 20060928 [SECURITY] OpenSSL 0.9.8d and 0.9.7l released
MILW0RM 4773
MLIST [security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues
CONFIRM http://www.openssl.org/news/secadv_20060928.txt
CONFIRM http://kolab.org/security/kolab-vendor-notice-11.txt
CONFIRM http://openvpn.net/changelog.html
CONFIRM http://www.serv-u.com/releasenotes/
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm
CONFIRM http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
CONFIRM http://docs.info.apple.com/article.html?artnum=304829
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
CONFIRM http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
CONFIRM http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
CONFIRM http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
CONFIRM http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
CONFIRM http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
CONFIRM http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
CONFIRM http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
CONFIRM http://www.ingate.com/relnote-452.php
CONFIRM http://issues.rpath.com/browse/RPL-613
CONFIRM http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf
CONFIRM http://www.vmware.com/security/advisories/VMSA-2008-0005.html
CONFIRM http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
CONFIRM http://www.vmware.com/support/player/doc/releasenotes_player.html
CONFIRM http://www.vmware.com/support/player2/doc/releasenotes_player2.html
CONFIRM http://www.vmware.com/support/server/doc/releasenotes_server.html
CONFIRM http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
CONFIRM http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
APPLE APPLE-SA-2006-11-28
CISCO 20061108 Multiple Vulnerabilities in OpenSSL library
CISCO 20061108 Multiple Vulnerabilities in OpenSSL Library
DEBIAN DSA-1185
DEBIAN DSA-1195
FREEBSD FreeBSD-SA-06:23.openssl
GENTOO GLSA-200610-11
GENTOO GLSA-200612-11
HP HPSBUX02174
HP SSRT061239
HP HPSBUX02186
HP SSRT071299
HP HPSBTU02207
HP SSRT061213
HP SSRT071304
HP HPSBMA02250
HP SSRT061275
HP HPSBOV02683
HP SSRT090208
MANDRIVA MDKSA-2006:172
MANDRIVA MDKSA-2006:177
MANDRIVA MDKSA-2006:178
NETBSD NetBSD-SA2008-007
OPENBSD [3.9] 20061007 013: SECURITY FIX: October 7, 2006
OPENPKG OpenPKG-SA-2006.021
REDHAT RHSA-2006:0695
REDHAT RHSA-2008:0629
SGI 20061001-01-P
SLACKWARE SSA:2006-272-01
SUNALERT 102668
SUNALERT 102711
SUNALERT 201531
SUSE SUSE-SA:2006:058
SUSE SUSE-SR:2006:024
TRUSTIX 2006-0054
UBUNTU USN-353-1
CERT TA06-333A
CERT-VN VU#386964
BID 20246
BID 22083
BID 28276
OVAL oval:org.mitre.oval:def:10207
VUPEN ADV-2006-3820
VUPEN ADV-2006-3860
VUPEN ADV-2006-3902
VUPEN ADV-2006-3869
VUPEN ADV-2006-3936
VUPEN ADV-2006-4036
VUPEN ADV-2006-4264
VUPEN ADV-2006-4417
VUPEN ADV-2006-4401
VUPEN ADV-2006-4443
VUPEN ADV-2006-4750
VUPEN ADV-2007-0343
VUPEN ADV-2007-1401
VUPEN ADV-2007-1973
VUPEN ADV-2007-2783
VUPEN ADV-2008-0905
OSVDB 29263
OVAL oval:org.mitre.oval:def:4356
SECTRACK 1016943
SECTRACK 1017522
SECUNIA 22130
SECUNIA 22094
SECUNIA 22165
SECUNIA 22186
SECUNIA 22193
SECUNIA 22207
SECUNIA 22259
SECUNIA 22260
SECUNIA 22166
SECUNIA 22172
SECUNIA 22212
SECUNIA 22240
SECUNIA 22216
SECUNIA 22116
SECUNIA 22220
SECUNIA 22284
SECUNIA 22330
SECUNIA 22385
SECUNIA 22460
SECUNIA 22500
SECUNIA 22544
SECUNIA 22626
SECUNIA 22487
SECUNIA 22758
SECUNIA 22799
SECUNIA 22791
SECUNIA 22772
SECUNIA 23038
SECUNIA 23155
SECUNIA 22298
SECUNIA 23309
SECUNIA 23280
SECUNIA 23340
SECUNIA 23680
SECUNIA 23794
SECUNIA 23915
SECUNIA 24950
SECUNIA 25420
SECUNIA 25889
SECUNIA 26329
SECUNIA 30124
SECUNIA 31492
XF openssl-sslv2-client-dos(29240)