CVE-2002-0659

Published: Aug 12, 2002Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.

Affected (34)

Products: Openssl: Openssl · Oracle: Application Server, Corporate Time Outlook Connector, Http Server · Apple: Mac Os X

1 product

3 products

Application Server

Corporate Time Outlook Connector

1 product

Configuration A

23 vulnerable

Vulnerable Software	Affected Versions
Openssl Openssl	Version 0.9.1c
Openssl Openssl	Version 0.9.2b
Openssl Openssl	Version 0.9.3
Openssl Openssl	Version 0.9.4
Openssl Openssl	Version 0.9.5
Openssl Openssl	Version 0.9.5a
Openssl Openssl	Version 0.9.6
Openssl Openssl	Version 0.9.6a
Openssl Openssl	Version 0.9.6b
Openssl Openssl	Version 0.9.6c
Openssl Openssl	Version 0.9.6d
Openssl Openssl	Version 0.9.7 beta1
Openssl Openssl	Version 0.9.7 beta2
Oracle Application Server	All versions
Oracle Application Server	Version 1.0.2.1s
Oracle Application Server	Version 1.0.2.2
Oracle Application Server	Version 1.0.2
Oracle Corporate Time Outlook Connector	Version 3.1.1
Oracle Corporate Time Outlook Connector	Version 3.1.2
Oracle Corporate Time Outlook Connector	Version 3.1
Oracle Corporate Time Outlook Connector	Version 3.3
Oracle Http Server	Version 9.0.1
Oracle Http Server	Version 9.2.0

Configuration B

11 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Version 10.0.1
Apple Mac Os X	Version 10.0.2
Apple Mac Os X	Version 10.0.3
Apple Mac Os X	Version 10.0.4
Apple Mac Os X	Version 10.0
Apple Mac Os X	Version 10.1.1
Apple Mac Os X	Version 10.1.2
Apple Mac Os X	Version 10.1.3
Apple Mac Os X	Version 10.1.4
Apple Mac Os X	Version 10.1.5
Apple Mac Os X	Version 10.1

References (22)

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt (unsafe URL)

Source: cve@mitre.org

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt (unsafe URL)

Source: cve@mitre.org

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc (unsafe URL)

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000516

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2002-160.html

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2002-161.html

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2002-164.html

Source: cve@mitre.org

http://www.cert.org/advisories/CA-2002-23.html

Source: cve@mitre.org

US Government Resource

http://www.iss.net/security_center/static/9718.php

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/748355

Source: cve@mitre.org

US Government Resource

http://www.securityfocus.com/bid/5366

Source: cve@mitre.org

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt (unsafe URL)

Source: af854a3a-2127-422b-91ae-364da2661108

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt (unsafe URL)

Source: af854a3a-2127-422b-91ae-364da2661108

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc (unsafe URL)

Source: af854a3a-2127-422b-91ae-364da2661108

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000516

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2002-160.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2002-161.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2002-164.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.cert.org/advisories/CA-2002-23.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.iss.net/security_center/static/9718.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/748355

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.securityfocus.com/bid/5366

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.