fkie_nvd - fkie_cve-2002-0659

fkie_cve-2002-0659

Vulnerability from fkie_nvd

Published

2002-08-12 04:00

Modified

2025-04-03 01:03

Severity ?

Summary

The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.

References

URL	Tags
cve@mitre.org	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt
cve@mitre.org	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt
cve@mitre.org	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000516
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2002-160.html
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2002-161.html
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2002-164.html
cve@mitre.org	http://www.cert.org/advisories/CA-2002-23.html	US Government Resource
cve@mitre.org	http://www.iss.net/security_center/static/9718.php
cve@mitre.org	http://www.kb.cert.org/vuls/id/748355	US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/5366
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000516
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2002-160.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2002-161.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2002-164.html
af854a3a-2127-422b-91ae-364da2661108	http://www.cert.org/advisories/CA-2002-23.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/9718.php
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/748355	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/5366

Impacted products

Vendor	Product	Version
openssl	openssl	0.9.1c
openssl	openssl	0.9.2b
openssl	openssl	0.9.3
openssl	openssl	0.9.4
openssl	openssl	0.9.5
openssl	openssl	0.9.5a
openssl	openssl	0.9.6
openssl	openssl	0.9.6a
openssl	openssl	0.9.6b
openssl	openssl	0.9.6c
openssl	openssl	0.9.6d
openssl	openssl	0.9.7
openssl	openssl	0.9.7
oracle	application_server	*
oracle	application_server	1.0.2
oracle	application_server	1.0.2.1s
oracle	application_server	1.0.2.2
oracle	corporate_time_outlook_connector	3.1
oracle	corporate_time_outlook_connector	3.1.1
oracle	corporate_time_outlook_connector	3.1.2
oracle	corporate_time_outlook_connector	3.3
oracle	http_server	9.0.1
oracle	http_server	9.2.0
apple	mac_os_x	10.0
apple	mac_os_x	10.0.1
apple	mac_os_x	10.0.2
apple	mac_os_x	10.0.3
apple	mac_os_x	10.0.4
apple	mac_os_x	10.1
apple	mac_os_x	10.1.1
apple	mac_os_x	10.1.2
apple	mac_os_x	10.1.3
apple	mac_os_x	10.1.4
apple	mac_os_x	10.1.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "14D983EC-61B0-4FD9-89B5-9878E4CE4405",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D7BE3C-8CA2-4FB2-B4AE-B201D88C2A9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC4C5F05-BC0B-478D-9A6F-7C804777BA41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8847BD34-BDE6-4AE9-96D9-75B9CF93A6A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDB5A09-BE86-4352-9799-A875649EDB7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F03FA9C0-24C7-46AC-92EC-7834BC34C79B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5E4742C-A983-4F00-B24F-AB280C0E876D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A0628DF-3A4C-4078-B615-22260671EABF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
              "matchCriteriaId": "962FCB86-15AD-4399-8B7D-EC1DEA919C59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "9E3AB748-E463-445C-ABAB-4FEDDFD1878B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "660E4B8D-AABA-4520-BC4D-CF8E76E07C05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD38E99A-864A-4E99-B6A5-12AACDA822E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_server:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC62E1B2-6964-4459-A1EF-A6A087C2960F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_server:1.0.2.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A6F28FD-6EAD-4EDD-B9A1-0B120D0F0919",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC4ED2EB-1E90-4E99-AAD6-5D838800F9B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:corporate_time_outlook_connector:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DABDE61F-A7DD-40A4-9569-8525A63BAA56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:corporate_time_outlook_connector:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFAA0056-56FF-4D0F-8B44-066A4BFED1B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:corporate_time_outlook_connector:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C3C821C-C479-4AAC-84EA-63C798CAB00A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:corporate_time_outlook_connector:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCAF6167-65C1-4ACB-A75A-53922B64D281",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:http_server:9.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B72A661-9EAA-4B9B-8865-17C8A29871BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:http_server:9.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7485BFF1-6863-4165-BE36-D656F39CF5EF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C273D1-ADFE-4B4C-B543-7B9CA741A117",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BC31B69-3DE1-4CF3-ADC9-CA0BF1714CBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "77CC671C-6D89-4279-86F7-DDE1D4D9A0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4B77F6-E71C-45ED-96CC-7872AD2FCBF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "066ABC3B-B395-42D2-95C0-5B810F91A6F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "01BC19FC-6E03-4000-AE4B-232E47FA76F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "421FC2DD-0CF7-44A2-A63C-5221689E2363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F8B70BC-42B7-453A-B506-7BE69D49A4B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAAC6EA5-DCB2-4A50-A8BC-25CC43FAEF9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA32F7D8-02F8-4CFE-B193-2888807BC4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9DCDE70-07DA-4F0B-805F-6BA03D410CD6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings."
    },
    {
      "lang": "es",
      "value": "La librer\u00eda ASN1 de Open SSL 0.9.6d y anterior, y 0.9.7-beta2 y anterior, permite que atacantes remotos provoquen una denegaci\u00f3n de servicio por medio de codificaciones inv\u00e1lidas."
    }
  ],
  "id": "CVE-2002-0659",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-08-12T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000516"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2002-160.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2002-161.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2002-164.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2002-23.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.iss.net/security_center/static/9718.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/748355"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/5366"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2002-160.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2002-161.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2002-164.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2002-23.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.iss.net/security_center/static/9718.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/748355"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/5366"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2002-0659 (GCVE-0-2002-0659)

Vulnerability from cvelistv5

Published

2002-07-31 04:00