CVE

Id
5045  
CVE No.
CVE-2002-0655  
Status
Candidate  
Description
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code.  
Phase
Proposed (20020830)  
Votes
ACCEPT(3) Baker, Cole, Wall | MODIFY(1) Cox | NOOP(2) Christey, Foat  
Comments
Cox> ADDREF:RHSA-2002:163 RHSA-2002:164 RHSA-2002:157 | This issue also affects SSLeay and BSAFE SSL-C | ADDREF: http://www.rsasecurity.com/products/bsafe/bulletins/BSAFE_SSL_Products_Security_Bulletin_Aug_8_2002.pdf | Christey> CONFIRM:http://www.cisco.com/univercd/cc/td/doc/product/webscale/css/css_sca/sca_320/v320b20.htm#xtocid13 | Christey> I should probably create a separate CAN for the BSAFE issues, | unless there is a codebase relationship.  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
26306 5045 CVE-2002-0655 BUGTRAQ:20020730 OpenSSL Security Altert - Remote Buffer Overflows  View
26307 5045 CVE-2002-0655 REDHAT:RHSA-2002:155  View
26308 5045 CVE-2002-0655 DEBIAN:DSA-136  View
26309 5045 CVE-2002-0655 BUGTRAQ:20020730 [OpenPKG-SA-2002.008] OpenPKG Security Advisory (openssl)  View
26310 5045 CVE-2002-0655 BUGTRAQ:20020730 TSLSA-2002-0063 - openssl  View
26311 5045 CVE-2002-0655 BUGTRAQ:20020730 OpenSSL patches for other versions  View
26312 5045 CVE-2002-0655 ENGARDE:ESA-20020730-019  View
26313 5045 CVE-2002-0655 BUGTRAQ:20020730 GLSA: OpenSSL  View
26314 5045 CVE-2002-0655 SUSE:SuSE-SA:2002:027  View
26315 5045 CVE-2002-0655 CERT:CA-2002-23  View
26316 5045 CVE-2002-0655 URL:http://www.cert.org/advisories/CA-2002-23.html  View
26317 5045 CVE-2002-0655 CERT-VN:VU#308891  View
26318 5045 CVE-2002-0655 URL:http://www.kb.cert.org/vuls/id/308891  View
26319 5045 CVE-2002-0655 CALDERA:CSSA-2002-033.0  View
26320 5045 CVE-2002-0655 URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt  View
26321 5045 CVE-2002-0655 CALDERA:CSSA-2002-033.1  View
26322 5045 CVE-2002-0655 URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt  View
26323 5045 CVE-2002-0655 FREEBSD:FreeBSD-SA-02:33  View
26324 5045 CVE-2002-0655 URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc  View
26325 5045 CVE-2002-0655 MANDRAKE:MDKSA-2002:046  View
26326 5045 CVE-2002-0655 URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-046.php  View
26327 5045 CVE-2002-0655 CONECTIVA:CLA-2002:513  View
26328 5045 CVE-2002-0655 URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000513  View
26329 5045 CVE-2002-0655 BID:5364  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
63844 JVNDB-2002-000171 OpenSSL の ASCII 文字コード表現におけるバッファオーバーフローの脆弱性 OpenSSL において、OpenSSL サーバ、もしくはクライアントが 64 ビットプラットフォームのマシンで稼動している場合、バッファオーバーフローが発生する脆弱性が存在します。 CVE-2002-0655 5045 7.5 http://jvndb.jvn.jp/ja/contents/2002/JVNDB-2002-000171.html  View