CVE-2002-0659 – OpenSSL - ASN.1 Parsing
https://notcve.org/view.php?id=CVE-2002-0659
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings. La librería ASN1 de Open SSL 0.9.6d y anterior, y 0.9.7-beta2 y anterior, permite que atacantes remotos provoquen una denegación de servicio por medio de codificaciones inválidas. • https://www.exploit-db.com/exploits/23199 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000516 http://rhn.redhat.com/errata/RHSA-2002-160.html http://rhn.redhat.com/errata/RHSA-2002-161.html http://rhn.redhat.com/errata/RHSA-2002-164.html http& •
CVE-2002-0655
https://notcve.org/view.php?id=CVE-2002-0655
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. OpenSSL 0.9.6.d y anteriores, y 0.9.7-beta2 y anteriores, no manejan adecuadamente las representaciones ASCII de enteros en plataformas de 64 bits, lo que podría permitir a atacantes causar una denegación de servicio y posiblemente ejecutar código arbitrario. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000513 http://www.cert.org/advisories/CA-2002-23.html http://www.kb.cert.org/vuls/id/308891 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-046.php http://www.securityfocus.com/bid/5364 •
CVE-2002-0656 – Apache mod_ssl OpenSSL < 0.9.6d / < 0.9.7-beta2 - 'openssl-too-open.c' SSL2 KEY_ARG Overflow
https://notcve.org/view.php?id=CVE-2002-0656
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. Desbordamiento de búfer en OpenSSL 0.9.6d y anteriores, y 0.9.7-beta2 y anteriores, permite a atacantes remotos ejecutar código arbitrario mediante una clave maestra de cliente larga en SSL2 o un ID de sesión largo en SSL3 • https://www.exploit-db.com/exploits/40347 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000513 http://www.cert.org/advisories/CA-2002-23.html http://www.iss.net/security_center/static/9714.php http://www.iss.net/security_center/static/9716.php •
CVE-2001-1141
https://notcve.org/view.php?id=CVE-2001-1141
The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-013.txt.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000418 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-065.php3?dis=8.0 http://www.linuxsecurity.com/advisories/other_advisory-1483.html http://www.osvdb.org/853 http://www.redhat.com/support/errata/RHSA-2001-051.html http://www.securityfocus.com/advisories/3475 http://www.securityfocus.com/archive/1/195829 http://www.securityfo •