CVE-2006-4343

MEDIUM

secalert@redhat.com

Details

CVSS v2: 4.3
NVD published: 2006-09-28 18:07:00
Affected versions: cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
Summary: The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.
Remediation: Not available in our cache.
Exploit info: Not available in our cache.

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.