VulnerableCode Package Details - pkg:ebuild/dev-libs/openssl@0.9.7c

Search for packages

Vulnerability	Summary	Fixed by
VCID-6qtp-pd6p-aaaf Aliases: CVE-2004-0112 VC-OPENSSL-20040317-CVE-2004-0112	A flaw in SSL/TLS handshaking code when using Kerberos ciphersuites. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server configured to use Kerberos ciphersuites in such a way as to cause OpenSSL to crash. Most applications have no ability to use Kerberos ciphersuites and will therefore be unaffected.	0.9.7d Affected by 0 other vulnerabilities.
VCID-cs8h-mu82-aaaj Aliases: CVE-2004-0081 VC-OPENSSL-20040317-CVE-2004-0081	The Codenomicon TLS Test Tool found that some unknown message types were handled incorrectly, allowing a remote attacker to cause a denial of service (infinite loop).	0.9.7d Affected by 0 other vulnerabilities.
VCID-tjnv-wy4x-aaaa Aliases: CVE-2004-0079 VC-OPENSSL-20040317-CVE-2004-0079	The Codenomicon TLS Test Tool uncovered a null-pointer assignment in the do_change_cipher_spec() function. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server that used the OpenSSL library in such a way as to cause a crash.	0.9.7d Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-6qtp-pd6p-aaaf
Aliases:
CVE-2004-0112
VC-OPENSSL-20040317-CVE-2004-0112

A flaw in SSL/TLS handshaking code when using Kerberos ciphersuites. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server configured to use Kerberos ciphersuites in such a way as to cause OpenSSL to crash. Most applications have no ability to use Kerberos ciphersuites and will therefore be unaffected.

0.9.7d
Affected by 0 other vulnerabilities.

VCID-cs8h-mu82-aaaj
Aliases:
CVE-2004-0081
VC-OPENSSL-20040317-CVE-2004-0081

The Codenomicon TLS Test Tool found that some unknown message types were handled incorrectly, allowing a remote attacker to cause a denial of service (infinite loop).

0.9.7d
Affected by 0 other vulnerabilities.

VCID-tjnv-wy4x-aaaa
Aliases:
CVE-2004-0079
VC-OPENSSL-20040317-CVE-2004-0079

The Codenomicon TLS Test Tool uncovered a null-pointer assignment in the do_change_cipher_spec() function. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server that used the OpenSSL library in such a way as to cause a crash.

0.9.7d
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T12:39:52.275537+00:00	Gentoo Importer	Affected by	VCID-6qtp-pd6p-aaaf	https://security.gentoo.org/glsa/200403-03	36.0.0
2025-03-28T12:39:52.246238+00:00	Gentoo Importer	Affected by	VCID-cs8h-mu82-aaaj	https://security.gentoo.org/glsa/200403-03	36.0.0
2025-03-28T12:39:52.216968+00:00	Gentoo Importer	Affected by	VCID-tjnv-wy4x-aaaa	https://security.gentoo.org/glsa/200403-03	36.0.0
2024-09-18T07:33:40.098301+00:00	Gentoo Importer	Affected by	VCID-6qtp-pd6p-aaaf	https://security.gentoo.org/glsa/200403-03	34.0.1
2024-09-18T07:33:40.061773+00:00	Gentoo Importer	Affected by	VCID-cs8h-mu82-aaaj	https://security.gentoo.org/glsa/200403-03	34.0.1
2024-09-18T07:33:40.022771+00:00	Gentoo Importer	Affected by	VCID-tjnv-wy4x-aaaa	https://security.gentoo.org/glsa/200403-03	34.0.1
2024-01-04T01:40:03.097358+00:00	Gentoo Importer	Affected by	VCID-6qtp-pd6p-aaaf	https://security.gentoo.org/glsa/200403-03	34.0.0rc1
2024-01-04T01:40:03.057834+00:00	Gentoo Importer	Affected by	VCID-cs8h-mu82-aaaj	https://security.gentoo.org/glsa/200403-03	34.0.0rc1
2024-01-04T01:40:03.020968+00:00	Gentoo Importer	Affected by	VCID-tjnv-wy4x-aaaa	https://security.gentoo.org/glsa/200403-03	34.0.0rc1