Vulnerability in 4d Webstar
CVE-2004-0081
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
EPSS: 0.072 (93.5th percentile) — read the EPSS interpretation.
Affected products
- 4d Webstar — versions 4.0, 5.2, 5.2.1
- Apple Mac_os_x — versions 10.3.3
- Apple Mac_os_x_server — versions 10.3.3
- Avaya Converged_communications_server — versions 2.0
- Avaya Intuity_audix — versions 5.1.46, s3210, s3400
- Avaya S8300 — versions r2.0.0, r2.0.1
- Avaya S8500 — versions r2.0.0, r2.0.1
- Avaya S8700 — versions r2.0.0, r2.0.1
- Avaya Sg200 — versions 4.4, 4.31.29
- Avaya Sg203 — versions 4.4, 4.31.29
Public proof-of-concept exploits
References
- cve@mitre.org (vdb-entry, x_refsource_BID, Vendor Advisory)
- cve@mitre.org (vendor-advisory, x_refsource_ENGARDE)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (vendor-advisory, x_refsource_CONECTIVA)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_FEDORA, vendor-advisory)
- cve@mitre.org (vendor-advisory, x_refsource_SUNALERT)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
Frequently asked questions
- What is CVE-2004-0081?
- CVE-2004-0081 is a vulnerability in 4d Webstar. Published 2004-11-23.
- Is CVE-2004-0081 known to be exploited?
- 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.