CVE-2005-2969 : Dettaglio

CVE-2005-2969

9.39%V4
Network
2005-10-18
08h00 +00:00
2024-08-07
22h53 +00:00
CVE.org
NVD
Notifiche per una CVE specifica
Rimani informato su qualsiasi modifica relativa a una CVE specifica.
Gestione notifiche

Descrizioni CVE

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.

Informazioni CVE

Metriche

Metriche Punteggio Gravità CVSS Vettore Source
V2 5 AV:N/AC:L/Au:N/C:N/I:P/A:N nvd@nist.gov

EPSS

EPSS è un modello di punteggio che prevede la probabilità che una vulnerabilità venga sfruttata.

Punteggio EPSS

Il modello EPSS produce un punteggio di probabilità compreso tra 0 e 1 (da 0 a 100%). Più alto è il punteggio, maggiore è la probabilità che una vulnerabilità venga sfruttata.

Percentile EPSS

Il percentile viene utilizzato per classificare le CVE in base al loro punteggio EPSS. Ad esempio, una CVE al 95° percentile secondo il suo punteggio EPSS ha una probabilità maggiore di essere sfruttata rispetto al 95% delle altre CVE. Il percentile consente quindi di confrontare il punteggio EPSS di una CVE con quello delle altre.
EPSS First.org

Products Mentioned

Configuraton 0

Openssl>>Openssl >> Version 0.9.7

Openssl>>Openssl >> Version 0.9.7a

Openssl>>Openssl >> Version 0.9.7b

Openssl>>Openssl >> Version 0.9.7c

Openssl>>Openssl >> Version 0.9.7d

Openssl>>Openssl >> Version 0.9.7e

Openssl>>Openssl >> Version 0.9.7f

Openssl>>Openssl >> Version 0.9.7g

Openssl>>Openssl >> Version 0.9.8

Riferimenti

http://secunia.com/advisories/17259
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/23915
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/26893
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17389
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/3056
Tags : vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/2457
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/17813
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/15071
Tags : vdb-entry, x_refsource_BID
http://secunia.com/advisories/18165
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/23340
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18123
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-881
Tags : vendor-advisory, x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2005/2659
Tags : vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/24799
Tags : vdb-entry, x_refsource_BID
http://www.debian.org/security/2005/dsa-882
Tags : vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/17153
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17191
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2908
Tags : vdb-entry, x_refsource_VUPEN
http://securitytracker.com/id?1015032
Tags : vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/17344
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19185
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2036
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/17589
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2710
Tags : vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2005/3002
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/31492
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17466
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0629.html
Tags : vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/17146
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17169
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/0343
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/23280
Tags : third-party-advisory, x_refsource_SECUNIA
http://docs.info.apple.com/article.html?artnum=302847
Tags : vendor-advisory, x_refsource_APPLE
http://secunia.com/advisories/23843
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17189
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21827
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17288
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2005:179
Tags : vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/17632
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/0326
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/17409
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25973
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17888
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17210
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-875
Tags : vendor-advisory, x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2006/3531
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/17178
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17432
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17180
Tags : third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101974-1
Tags : vendor-advisory, x_refsource_SUNALERT
http://www.securityfocus.com/bid/15647
Tags : vdb-entry, x_refsource_BID
http://secunia.com/advisories/17335
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2005-762.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2005-800.html
Tags : vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/17151
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18663
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17617
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18045
Tags : third-party-advisory, x_refsource_SECUNIA
Le informazioni presentate su CVE Find provengono da diverse fonti di riferimento attentamente selezionate. I dati CVE sono forniti da MITRE Corporation e dal National Vulnerability Database (NVD). Il catalogo delle vulnerabilità sfruttate conosciute (KEV) proviene dalla Cybersecurity and Infrastructure Security Agency (CISA), mentre i punteggi EPSS provengono da FIRST.org. Inoltre, i dati relativi alle vulnerabilità software (CWE) e ai pattern di attacco comuni (CAPEC) sono mantenuti da MITRE Corporation, e le informazioni sulle configurazioni hardware e software (CPE) sono fornite da NVD.