CVEs affecting projects tracked on Release Alert, from NVD & OSV.
CVE-2004-0079 — HIGH severity vulnerability | Release Alert
CVE-2004-0079
7.5
HIGHCVSS v3
Published
November 23, 2004
CVSS v2
5 MEDIUM
Affected
2 projects
Assigned by
MITRE
Severity scale
010
Description
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
GitHubSource code pulled from OpenBSD for LibreSSL - this includes most of the library and supporting code. The place to contribute to this code is via the OpenBSD CVS tree. Please mail patches to [email protected], instead of submitting pull requests, since this tree is often rebased.