FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

OpenSSL ChangeCipherSpec denial-of-service vulnerability

Affected packages
openssl < 0.9.7d
openssl-beta < 0.9.7d
4.0 <= FreeBSD < 4.8_17
4.9 <= FreeBSD < 4.9_4
5.0 <= FreeBSD < 5.1_16
5.2 <= FreeBSD < 5.2.1_3

Details

VuXML ID 68233cba-7774-11d8-89ed-0020ed76ef5a
Discovery 2004-03-17
Entry 2004-03-17
Modified 2004-05-05

A remote attacker could cause an application using OpenSSL to crash by performing a specially crafted SSL/TLS handshake.

References

Bugtraq ID 9899
CERT/CC Vulnerability Note 288574
CVE Name CVE-2004-0079
FreeBSD Advisory SA-04:05.openssl
URL http://www.openssl.org/news/secadv_20040317.txt