CVE-2003-0851
First published: Thu Nov 06 2003(Updated: )
OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS | =12.1\(11\)e | |
| Cisco IOS | =12.1\(11b\)e | |
| Cisco IOS | =12.2sx | |
| Cisco IOS | =12.2sy | |
| Cisco Content Services Switch 11000 | ||
| Cisco PIX | =6.2.2_.111 | |
| OpenSSL | =0.9.6 | |
| OpenSSL | =0.9.6a | |
| OpenSSL | =0.9.6b | |
| OpenSSL | =0.9.6c | |
| OpenSSL | =0.9.6d | |
| OpenSSL | =0.9.6e | |
| OpenSSL | =0.9.6f | |
| OpenSSL | =0.9.6g | |
| OpenSSL | =0.9.6h | |
| OpenSSL | =0.9.6i | |
| OpenSSL | =0.9.6j | |
| OpenSSL | =0.9.6k | |
| OpenSSL | =0.9.7 | |
| OpenSSL | =0.9.7a | |
| OpenSSL | =0.9.7b | |
| Cisco PIX Firewall | =6.0 | |
| Cisco PIX Firewall | =6.0\(1\) | |
| Cisco PIX Firewall | =6.0\(2\) | |
| Cisco PIX Firewall | =6.0\(3\) | |
| Cisco PIX Firewall | =6.0\(4\) | |
| Cisco PIX Firewall | =6.0\(4.101\) | |
| Cisco PIX Firewall | =6.1 | |
| Cisco PIX Firewall | =6.1\(1\) | |
| Cisco PIX Firewall | =6.1\(2\) | |
| Cisco PIX Firewall | =6.1\(3\) | |
| Cisco PIX Firewall | =6.1\(4\) | |
| Cisco PIX Firewall | =6.1\(5\) | |
| Cisco PIX Firewall | =6.2 | |
| Cisco PIX Firewall | =6.2\(1\) | |
| Cisco PIX Firewall | =6.2\(2\) | |
| Cisco PIX Firewall | =6.2\(3\) | |
| Cisco PIX Firewall | =6.3\(1\) | |
| Cisco PIX Firewall | =6.3\(3.102\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openssl.org/news/secadv_20031104.txt
- http://www.kb.cert.org/vuls/id/412478
- http://www.securityfocus.com/bid/8970
- http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml
- http://rhn.redhat.com/errata/RHSA-2004-119.html
- http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html
- http://secunia.com/advisories/17381
- http://marc.info/?l=bugtraq&m=106796246511667&w=2
- http://marc.info/?l=bugtraq&m=108403850228012&w=2
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5528
Frequently Asked Questions
What is the severity of CVE-2003-0851?
CVE-2003-0851 has a severity rating that indicates it can cause denial of service attacks.
How do I fix CVE-2003-0851?
To fix CVE-2003-0851, update OpenSSL to a version that is patched against this vulnerability.
What software is affected by CVE-2003-0851?
CVE-2003-0851 affects several versions of OpenSSL along with Cisco IOS and Cisco PIX Firewall.
Can CVE-2003-0851 be exploited remotely?
Yes, CVE-2003-0851 can be exploited remotely using malformed ASN.1 sequences.
What are the consequences of an exploit of CVE-2003-0851?
Exploitation of CVE-2003-0851 can lead to a crash of the affected service, resulting in a denial of service.
- collector/nvd-historical
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/last-modified-date
- agent/author
- agent/severity
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco ios
- version/cisco ios/12.1\(11\)e
- version/cisco ios/12.1\(11b\)e
- version/cisco ios/12.2sx
- version/cisco ios/12.2sy
- canonical/cisco content services switch 11000
- canonical/cisco pix
- version/cisco pix/6.2.2_.111
- vendor/openssl
- canonical/openssl
- version/openssl/0.9.6
- version/openssl/0.9.6a
- version/openssl/0.9.6b
- version/openssl/0.9.6c
- version/openssl/0.9.6d
- version/openssl/0.9.6e
- version/openssl/0.9.6f
- version/openssl/0.9.6g
- version/openssl/0.9.6h
- version/openssl/0.9.6i
- version/openssl/0.9.6j
- version/openssl/0.9.6k
- version/openssl/0.9.7
- version/openssl/0.9.7a
- version/openssl/0.9.7b
- canonical/cisco pix firewall
- version/cisco pix firewall/6.0
- version/cisco pix firewall/6.0\(1\)
- version/cisco pix firewall/6.0\(2\)
- version/cisco pix firewall/6.0\(3\)
- version/cisco pix firewall/6.0\(4\)
- version/cisco pix firewall/6.0\(4.101\)
- version/cisco pix firewall/6.1
- version/cisco pix firewall/6.1\(1\)
- version/cisco pix firewall/6.1\(2\)
- version/cisco pix firewall/6.1\(3\)
- version/cisco pix firewall/6.1\(4\)
- version/cisco pix firewall/6.1\(5\)
- version/cisco pix firewall/6.2
- version/cisco pix firewall/6.2\(1\)
- version/cisco pix firewall/6.2\(2\)
- version/cisco pix firewall/6.2\(3\)
- version/cisco pix firewall/6.3\(1\)
- version/cisco pix firewall/6.3\(3.102\)