CVE-2005-2969 : Szczegóły

CVE-2005-2969

9.39%V4
Network
2005-10-18
08h00 +00:00
2024-08-07
22h53 +00:00
CVE.org
NVD
Powiadomienia dla konkretnego CVE
Bądź na bieżąco z wszelkimi zmianami dotyczącymi konkretnego CVE.
Zarządzaj powiadomieniami

Opisy CVE

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.

Informacje CVE

Metryki

Metryki Wynik Stopień zagrożenia CVSS Wektor Source
V2 5 AV:N/AC:L/Au:N/C:N/I:P/A:N nvd@nist.gov

EPSS

EPSS to model oceniający, który przewiduje prawdopodobieństwo wykorzystania podatności.

Wynik EPSS

Model EPSS generuje wynik prawdopodobieństwa w zakresie od 0 do 1 (0–100%). Im wyższy wynik, tym większe prawdopodobieństwo, że podatność zostanie wykorzystana.

Percentyl EPSS

Percentyl służy do rankingowania CVE według wyniku EPSS. Na przykład CVE w 95. percentylu według wyniku EPSS jest bardziej prawdopodobne do wykorzystania niż 95% innych CVE. Percentyl umożliwia porównanie wyniku EPSS danego CVE z wynikami innych CVE.
EPSS First.org

Products Mentioned

Configuraton 0

Openssl>>Openssl >> Version 0.9.7

Openssl>>Openssl >> Version 0.9.7a

Openssl>>Openssl >> Version 0.9.7b

Openssl>>Openssl >> Version 0.9.7c

Openssl>>Openssl >> Version 0.9.7d

Openssl>>Openssl >> Version 0.9.7e

Openssl>>Openssl >> Version 0.9.7f

Openssl>>Openssl >> Version 0.9.7g

Openssl>>Openssl >> Version 0.9.8

Odniesienia

http://secunia.com/advisories/17259
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/23915
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/26893
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17389
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/3056
Tags : vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/2457
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/17813
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/15071
Tags : vdb-entry, x_refsource_BID
http://secunia.com/advisories/18165
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/23340
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18123
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-881
Tags : vendor-advisory, x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2005/2659
Tags : vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/24799
Tags : vdb-entry, x_refsource_BID
http://www.debian.org/security/2005/dsa-882
Tags : vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/17153
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17191
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2908
Tags : vdb-entry, x_refsource_VUPEN
http://securitytracker.com/id?1015032
Tags : vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/17344
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19185
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2036
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/17589
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2710
Tags : vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2005/3002
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/31492
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17466
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0629.html
Tags : vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/17146
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17169
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/0343
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/23280
Tags : third-party-advisory, x_refsource_SECUNIA
http://docs.info.apple.com/article.html?artnum=302847
Tags : vendor-advisory, x_refsource_APPLE
http://secunia.com/advisories/23843
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17189
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21827
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17288
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2005:179
Tags : vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/17632
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/0326
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/17409
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25973
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17888
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17210
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-875
Tags : vendor-advisory, x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2006/3531
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/17178
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17432
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17180
Tags : third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101974-1
Tags : vendor-advisory, x_refsource_SUNALERT
http://www.securityfocus.com/bid/15647
Tags : vdb-entry, x_refsource_BID
http://secunia.com/advisories/17335
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2005-762.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2005-800.html
Tags : vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/17151
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18663
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17617
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18045
Tags : third-party-advisory, x_refsource_SECUNIA
Informacje prezentowane na CVE Find pochodzą z kilku starannie wybranych źródeł referencyjnych. Dane CVE są dostarczane przez MITRE Corporation i Narodową Bazę Podatności (NVD). Katalog znanych eksploatowanych podatności (KEV) pochodzi z Agencji ds. Bezpieczeństwa Cyberprzestrzeni i Infrastruktury (CISA), natomiast wyniki EPSS pochodzą z FIRST.org. Ponadto dane dotyczące słabości oprogramowania (CWE) i typowych wzorców ataków (CAPEC) są utrzymywane przez MITRE Corporation, a informacje o konfiguracjach sprzętu i oprogramowania (CPE) są dostarczane przez NVD.