OVAL Repository - View Definition: oval:org.mitre.oval:def:928

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:928		Version: 2 Last Modified: 2007-04-10
Title:	Red Hat Enterprise 3 OpenSSL Kerberos Handshake Vulnerability
Description:	The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2004-0112
Platform(s):	Red Hat Enterprise Linux 3	Product(s):	OpenSSL
Definition Synopsis:
Red Hat Enterprise 3 is installed AND ix86 architecture AND openssl version is less than 0.9.7a-33.4 AND openssl-devel version is less than 0.9.7a-33.4 AND openssl-perl version is less than 0.9.7a-33.4 AND openssl096b version is less than 0.9.6b-16

NEW SEARCH : BACK

OVAL Repository

About the Repository

OVAL Repository Forum

Author’s Resources

Items of Interest