Search for vulnerabilities
Vulnerability details: VCID-3na3-b54b-6ybz
Vulnerability ID VCID-3na3-b54b-6ybz
Aliases CVE-2004-0079
Summary The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
cvssv3.1 7.5 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc
ssvc Track ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc
cvssv3.1 7.5 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc
ssvc Track ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc
cvssv3.1 7.5 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt
ssvc Track ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt
cvssv3.1 7.5 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834
ssvc Track http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834
cvssv3.1 7.5 http://docs.info.apple.com/article.html?artnum=61798
ssvc Track http://docs.info.apple.com/article.html?artnum=61798
cvssv3.1 7.5 http://fedoranews.org/updates/FEDORA-2004-095.shtml
ssvc Track http://fedoranews.org/updates/FEDORA-2004-095.shtml
cvssv3.1 7.5 http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
ssvc Track http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
cvssv3.1 7.5 http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
ssvc Track http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
cvssv3.1 7.5 http://lists.apple.com/mhonarc/security-announce/msg00045.html
ssvc Track http://lists.apple.com/mhonarc/security-announce/msg00045.html
cvssv3.1 7.5 http://marc.info/?l=bugtraq&m=107953412903636&w=2
ssvc Track http://marc.info/?l=bugtraq&m=107953412903636&w=2
cvssv3.1 7.5 http://marc.info/?l=bugtraq&m=108403806509920&w=2
ssvc Track http://marc.info/?l=bugtraq&m=108403806509920&w=2
epss 0.02269 https://api.first.org/data/v1/epss?cve=CVE-2004-0079
epss 0.02269 https://api.first.org/data/v1/epss?cve=CVE-2004-0079
epss 0.02269 https://api.first.org/data/v1/epss?cve=CVE-2004-0079
epss 0.02269 https://api.first.org/data/v1/epss?cve=CVE-2004-0079
epss 0.02269 https://api.first.org/data/v1/epss?cve=CVE-2004-0079
epss 0.02269 https://api.first.org/data/v1/epss?cve=CVE-2004-0079
epss 0.02269 https://api.first.org/data/v1/epss?cve=CVE-2004-0079
epss 0.02269 https://api.first.org/data/v1/epss?cve=CVE-2004-0079
epss 0.02269 https://api.first.org/data/v1/epss?cve=CVE-2004-0079
epss 0.02269 https://api.first.org/data/v1/epss?cve=CVE-2004-0079
epss 0.02269 https://api.first.org/data/v1/epss?cve=CVE-2004-0079
epss 0.02269 https://api.first.org/data/v1/epss?cve=CVE-2004-0079
cvssv3.1 7.5 http://secunia.com/advisories/11139
ssvc Track http://secunia.com/advisories/11139
cvssv3.1 7.5 http://secunia.com/advisories/17381
ssvc Track http://secunia.com/advisories/17381
cvssv3.1 7.5 http://secunia.com/advisories/17398
ssvc Track http://secunia.com/advisories/17398
cvssv3.1 7.5 http://secunia.com/advisories/17401
ssvc Track http://secunia.com/advisories/17401
cvssv3.1 7.5 http://secunia.com/advisories/18247
ssvc Track http://secunia.com/advisories/18247
cvssv3.1 7.5 http://security.gentoo.org/glsa/glsa-200403-03.xml
ssvc Track http://security.gentoo.org/glsa/glsa-200403-03.xml
cvssv3.1 7.5 https://exchange.xforce.ibmcloud.com/vulnerabilities/15505
ssvc Track https://exchange.xforce.ibmcloud.com/vulnerabilities/15505
cvssv3.1 7.5 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621
ssvc Track https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621
cvssv3.1 7.5 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770
ssvc Track https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770
cvssv3.1 7.5 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870
ssvc Track https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870
cvssv3.1 7.5 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975
ssvc Track https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975
cvssv3.1 7.5 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779
ssvc Track https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779
cvssv3.1 7.5 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524
ssvc Track http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524
cvssv3.1 7.5 http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm
ssvc Track http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm
cvssv3.1 7.5 http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US
ssvc Track http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US
cvssv3.1 7.5 http://www.ciac.org/ciac/bulletins/o-101.shtml
ssvc Track http://www.ciac.org/ciac/bulletins/o-101.shtml
cvssv3.1 7.5 http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml
ssvc Track http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml
cvssv3.1 7.5 http://www.debian.org/security/2004/dsa-465
ssvc Track http://www.debian.org/security/2004/dsa-465
cvssv3.1 7.5 http://www.kb.cert.org/vuls/id/288574
ssvc Track http://www.kb.cert.org/vuls/id/288574
cvssv3.1 7.5 http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html
ssvc Track http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html
cvssv3.1 7.5 http://www.mandriva.com/security/advisories?name=MDKSA-2004:023
ssvc Track http://www.mandriva.com/security/advisories?name=MDKSA-2004:023
cvssv3.1 7.5 http://www.novell.com/linux/security/advisories/2004_07_openssl.html
ssvc Track http://www.novell.com/linux/security/advisories/2004_07_openssl.html
cvssv3.1 7.5 http://www.openssl.org/news/secadv_20040317.txt
ssvc Track http://www.openssl.org/news/secadv_20040317.txt
cvssv3.1 7.5 http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html
ssvc Track http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html
cvssv3.1 7.5 http://www.redhat.com/support/errata/RHSA-2004-120.html
ssvc Track http://www.redhat.com/support/errata/RHSA-2004-120.html
cvssv3.1 7.5 http://www.redhat.com/support/errata/RHSA-2004-121.html
ssvc Track http://www.redhat.com/support/errata/RHSA-2004-121.html
cvssv3.1 7.5 http://www.redhat.com/support/errata/RHSA-2004-139.html
ssvc Track http://www.redhat.com/support/errata/RHSA-2004-139.html
cvssv3.1 7.5 http://www.redhat.com/support/errata/RHSA-2005-829.html
ssvc Track http://www.redhat.com/support/errata/RHSA-2005-829.html
cvssv3.1 7.5 http://www.redhat.com/support/errata/RHSA-2005-830.html
ssvc Track http://www.redhat.com/support/errata/RHSA-2005-830.html
cvssv3.1 7.5 http://www.securityfocus.com/bid/9899
ssvc Track http://www.securityfocus.com/bid/9899
cvssv3.1 7.5 http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961
ssvc Track http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961
cvssv3.1 7.5 http://www.trustix.org/errata/2004/0012
ssvc Track http://www.trustix.org/errata/2004/0012
cvssv3.1 7.5 http://www.uniras.gov.uk/vuls/2004/224012/index.htm
ssvc Track http://www.uniras.gov.uk/vuls/2004/224012/index.htm
cvssv3.1 7.5 http://www.us-cert.gov/cas/techalerts/TA04-078A.html
ssvc Track http://www.us-cert.gov/cas/techalerts/TA04-078A.html
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0079.json
https://api.first.org/data/v1/epss?cve=CVE-2004-0079
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0079
0012 http://www.trustix.org/errata/2004/0012
11139 http://secunia.com/advisories/11139
15505 https://exchange.xforce.ibmcloud.com/vulnerabilities/15505
1617140 https://bugzilla.redhat.com/show_bug.cgi?id=1617140
17381 http://secunia.com/advisories/17381
17398 http://secunia.com/advisories/17398
17401 http://secunia.com/advisories/17401
18247 http://secunia.com/advisories/18247
2004_07_openssl.html http://www.novell.com/linux/security/advisories/2004_07_openssl.html
288574 http://www.kb.cert.org/vuls/id/288574
57524 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524
9899 http://www.securityfocus.com/bid/9899
advisories?name=MDKSA-2004:023 http://www.mandriva.com/security/advisories?name=MDKSA-2004:023
article.html?artnum=61798 http://docs.info.apple.com/article.html?artnum=61798
ASA-2005-239.htm http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm
cisco-sa-20040317-openssl.shtml http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml
dsa-465 http://www.debian.org/security/2004/dsa-465
engarde_advisory-4135.html http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html
FEDORA-2004-095.shtml http://fedoranews.org/updates/FEDORA-2004-095.shtml
FreeBSD-SA-04:05.openssl.asc ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc
glsa-200403-03.xml http://security.gentoo.org/glsa/glsa-200403-03.xml
?id=a&anuncio=000834 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834
index.htm http://www.uniras.gov.uk/vuls/2004/224012/index.htm
index?page=content&id=TE88&locale=EN&userlocale=EN_US http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US
?l=bugtraq&m=107953412903636&w=2 http://marc.info/?l=bugtraq&m=107953412903636&w=2
?l=bugtraq&m=108403806509920&w=2 http://marc.info/?l=bugtraq&m=108403806509920&w=2
msg00000.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
msg00001.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
msg00045.html http://lists.apple.com/mhonarc/security-announce/msg00045.html
msg00087.html http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html
NetBSD-SA2004-005.txt.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc
o-101.shtml http://www.ciac.org/ciac/bulletins/o-101.shtml
oval%3Aorg.mitre.oval%3Adef%3A2621 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621
oval%3Aorg.mitre.oval%3Adef%3A5770 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770
oval%3Aorg.mitre.oval%3Adef%3A870 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870
oval%3Aorg.mitre.oval%3Adef%3A975 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975
oval%3Aorg.mitre.oval%3Adef%3A9779 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779
RHSA-2004:120 https://access.redhat.com/errata/RHSA-2004:120
RHSA-2004-120.html http://www.redhat.com/support/errata/RHSA-2004-120.html
RHSA-2004:121 https://access.redhat.com/errata/RHSA-2004:121
RHSA-2004-121.html http://www.redhat.com/support/errata/RHSA-2004-121.html
RHSA-2004:139 https://access.redhat.com/errata/RHSA-2004:139
RHSA-2004-139.html http://www.redhat.com/support/errata/RHSA-2004-139.html
RHSA-2005:829 https://access.redhat.com/errata/RHSA-2005:829
RHSA-2005-829.html http://www.redhat.com/support/errata/RHSA-2005-829.html
RHSA-2005:830 https://access.redhat.com/errata/RHSA-2005:830
RHSA-2005-830.html http://www.redhat.com/support/errata/RHSA-2005-830.html
SCOSA-2004.10.txt ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt
secadv_20040317.txt http://www.openssl.org/news/secadv_20040317.txt
TA04-078A.html http://www.us-cert.gov/cas/techalerts/TA04-078A.html
viewer.php?l=slackware-security&y=2004&m=slackware-security.455961 http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://docs.info.apple.com/article.html?artnum=61798
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://docs.info.apple.com/article.html?artnum=61798
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://fedoranews.org/updates/FEDORA-2004-095.shtml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://fedoranews.org/updates/FEDORA-2004-095.shtml
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://lists.apple.com/mhonarc/security-announce/msg00045.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://lists.apple.com/mhonarc/security-announce/msg00045.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://marc.info/?l=bugtraq&m=107953412903636&w=2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://marc.info/?l=bugtraq&m=107953412903636&w=2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://marc.info/?l=bugtraq&m=108403806509920&w=2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://marc.info/?l=bugtraq&m=108403806509920&w=2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://secunia.com/advisories/11139
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://secunia.com/advisories/11139
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://secunia.com/advisories/17381
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://secunia.com/advisories/17381
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://secunia.com/advisories/17398
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://secunia.com/advisories/17398
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://secunia.com/advisories/17401
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://secunia.com/advisories/17401
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://secunia.com/advisories/18247
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://secunia.com/advisories/18247
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://security.gentoo.org/glsa/glsa-200403-03.xml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://security.gentoo.org/glsa/glsa-200403-03.xml
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://exchange.xforce.ibmcloud.com/vulnerabilities/15505
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at https://exchange.xforce.ibmcloud.com/vulnerabilities/15505
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.ciac.org/ciac/bulletins/o-101.shtml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.ciac.org/ciac/bulletins/o-101.shtml
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.debian.org/security/2004/dsa-465
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.debian.org/security/2004/dsa-465
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.kb.cert.org/vuls/id/288574
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.kb.cert.org/vuls/id/288574
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.mandriva.com/security/advisories?name=MDKSA-2004:023
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.mandriva.com/security/advisories?name=MDKSA-2004:023
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.novell.com/linux/security/advisories/2004_07_openssl.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.novell.com/linux/security/advisories/2004_07_openssl.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openssl.org/news/secadv_20040317.txt
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.openssl.org/news/secadv_20040317.txt
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.redhat.com/support/errata/RHSA-2004-120.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.redhat.com/support/errata/RHSA-2004-120.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.redhat.com/support/errata/RHSA-2004-121.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.redhat.com/support/errata/RHSA-2004-121.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.redhat.com/support/errata/RHSA-2004-139.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.redhat.com/support/errata/RHSA-2004-139.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.redhat.com/support/errata/RHSA-2005-829.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.redhat.com/support/errata/RHSA-2005-829.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.redhat.com/support/errata/RHSA-2005-830.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.redhat.com/support/errata/RHSA-2005-830.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.securityfocus.com/bid/9899
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.securityfocus.com/bid/9899
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.trustix.org/errata/2004/0012
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.trustix.org/errata/2004/0012
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.uniras.gov.uk/vuls/2004/224012/index.htm
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.uniras.gov.uk/vuls/2004/224012/index.htm
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.us-cert.gov/cas/techalerts/TA04-078A.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/ Found at http://www.us-cert.gov/cas/techalerts/TA04-078A.html
Exploit Prediction Scoring System (EPSS)
Percentile 0.83975
EPSS Score 0.02269
Published At Aug. 15, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T09:31:22.712958+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2004/0xxx/CVE-2004-0079.json 37.0.0