📦

servercluster

Vendor: stonesoft

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 3 Total Indexed

Avg. EPSS 1.86% Exploit Prob.

Latest CVE CVE-2004-0079 Nov 23

Security Vulnerability Index

Page 1 / 1

7.5 CVSS

CVE-2004-0079

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

EPSS: 2.28%

Severity: HIGH

Nov 23, 2004

5.0 CVSS

CVE-2004-0081

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

EPSS: 2.39%

Severity: MEDIUM

Nov 23, 2004

5.0 CVSS

CVE-2004-0112

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.

EPSS: 0.92%

Severity: MEDIUM

Nov 23, 2004

Displaying 3 of 3 Total Entries

Total 1 Sections