CVE-2003-0543
published 2003-11-17CVE-2003-0543: Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag…
PriorityP424medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
24.65%
97.6th percentile
Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openssl | < openssl 0.9.7c (bookworm) | openssl 0.9.7c (bookworm) |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | >= 0 < 0.9.7c | 0.9.7c |
| openssl | openssl | >= 0 < 0.9.7c | 0.9.7c |
| openssl | openssl | >= 0 < 0.9.7c | 0.9.7c |
| openssl | openssl | >= 0 < 0.9.7c | 0.9.7c |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_redhat9.8CRITICAL
vendor_cisco5.0MEDIUM
vendor_debian5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
CAN-2003-0543/0544 OpenSSL ASN.1 protocol crashes
vendor_redhat·2003-09-30·CVSS 5.0
CVE-2003-0543 [MEDIUM] CAN-2003-0543/0544 OpenSSL ASN.1 protocol crashes
CAN-2003-0543/0544 OpenSSL ASN.1 protocol crashes
Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
Statement: For Red Hat Enterprise Linux 2.1 OpenSSL packages (openssl, openssl096, openssl095a) issue was addressed via RHSA-2003:293.
The OpenSSL packages in Red Hat Enterprise Linux 3 and 4 (openssl, openssl096b) contain a backported patch since their initial release.
The OpenSSL packages in Red Hat Enterprise Linux 5 are based on fixed upstream release (openssl), or contain backported patch since their initial release (openssl097a).
Cisco
SSL Implementation Vulnerabilities
vendor_cisco·2003-09-30·CVSS 5.0
CVE-2003-0543 [MEDIUM] CWE-399 SSL Implementation Vulnerabilities
SSL Implementation Vulnerabilities
On September 30, 2003, new vulnerabilities in the
OpenSSL
implementation
for SSL were announced. This is referred to as the "first" vulnerability in
this document.
On November 4, 2003, another vulnerability in the
OpenSSL
implementation
for SSL, version 0.9.6, was announced. This is referred to as the "second"
vulnerability in this document.
An affected network device running an SSL server based on an affected
OpenSSL implementation may be vulnerable to a Denial of Service (DoS) attack
when presented with a malformed certificate by a client. The network device may
be vulnerable to this vulnerability even if it is configured to not
authenticate certificates from the client. There are workarounds available to
mitigate the effects of these vulnerabilities
Red Hat
CAN-2003-0543/0544 OpenSSL ASN.1 protocol crashes
vendor_redhat·2003-09-30·CVSS 9.8
CVE-2003-0545 [CRITICAL] CAN-2003-0543/0544 OpenSSL ASN.1 protocol crashes
CAN-2003-0543/0544 OpenSSL ASN.1 protocol crashes
Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.
Statement: Not vulnerable. The OpenSSL packages in Red Hat Enterprise Linux 2.1 were not affected by this issue.
The OpenSSL packages in Red Hat Enterprise Linux 3 and 4 contain a backported patch since their initial release (openssl), or were not affected by this issue (openssl096b).
The OpenSSL packages in Red Hat Enterprise Linux 5 are based on fixed upstream release (openssl), or contain backported patch since their initial release (openssl097a).
Red Hat
CAN-2003-0543/0544 OpenSSL ASN.1 protocol crashes
vendor_redhat·2003-09-30·CVSS 5.0
CVE-2003-0544 [MEDIUM] CAN-2003-0543/0544 OpenSSL ASN.1 protocol crashes
CAN-2003-0543/0544 OpenSSL ASN.1 protocol crashes
OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used.
Statement: For Red Hat Enterprise Linux 2.1 OpenSSL packages (openssl, openssl096, openssl095a) issue was addressed via RHSA-2003:293.
The OpenSSL packages in Red Hat Enterprise Linux 3 and 4 (openssl, openssl096b) contain a backported patch since their initial release.
The OpenSSL packages in Red Hat Enterprise Linux 5 are based on fixed upstream release (openssl), or contain backported patch since their initial release (openssl097a).
Debian
CVE-2003-0543: openssl - Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a d...
vendor_debian·2003·CVSS 5.0
CVE-2003-0543 [MEDIUM] CVE-2003-0543: openssl - Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a d...
Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
Scope: local
bookworm: resolved (fixed in 0.9.7c)
bullseye: resolved (fixed in 0.9.7c)
forky: resolved (fixed in 0.9.7c)
sid: resolved (fixed in 0.9.7c)
trixie: resolved (fixed in 0.9.7c)
Red Hat
CVE-2005-1730: Multiple vulnerabilities in the OpenSSL ASN
vendor_redhat·CVSS 5.0
CVE-2005-1730 [MEDIUM] CVE-2005-1730: Multiple vulnerabilities in the OpenSSL ASN
Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by "OpenSSL ASN.1 brute forcer." NOTE: this issue might overlap CVE-2004-0079, CVE-2004-0081, or CVE-2004-0112.
Statement: Based on our research we believe that the "OpenSSL ASN.1 brute forcer." is actually exploiting flaws CVE-2003-0543, CVE-2003-0544, CVE-2003-0545. Those issues are all addressed in Red Hat Enterprise Linux and therefore CVE-2005-1730 is a duplicate assignment.
Cisco
SSL Implementation Vulnerabilities
vendor_cisco
CVE-2003-0543 SSL Implementation Vulnerabilities
CVE-2003-0543: SSL Implementation Vulnerabilities
On September 30, 2003, new vulnerabilities in the OpenSSL implementation for SSL were announced. This is referred to as the "first" vulnerability in this document. On November 4, 2003, another vulnerability in the OpenSSL implementation for SSL, version 0.9.6, was announced. This is referred to as the "second" vulnerability in this document. An affected network device running an SSL server based on an affected OpenSSL implementation may be vulnerable to a Denial of Service (DoS) attack when presented with a malformed certificate by a client. The network device may be vulnerable to this vulnerability even if it is configured to not authenticate certificates from the client. There are
CWE: CWE-399, CWE-399
Bug IDs: CSCec46274, CSCec31274, CSC
GHSA
GHSA-v3q3-83mw-m54r: Integer overflow in OpenSSL 0
ghsa_unreviewed·2022-04-29
CVE-2003-0543 [MEDIUM] GHSA-v3q3-83mw-m54r: Integer overflow in OpenSSL 0
Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
OSV
CVE-2003-0543: Integer overflow in OpenSSL 0
osv·2003-11-17·CVSS 5.0
CVE-2003-0543 [MEDIUM] CVE-2003-0543: Integer overflow in OpenSSL 0
Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
No detection rules found.
No writeups or analysis indexed.
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=104893http://secunia.com/advisories/22249http://sunsolve.sun.com/search/document.do?assetkey=1-66-201029-1http://www-1.ibm.com/support/docview.wss?uid=swg21247112http://www.cert.org/advisories/CA-2003-26.htmlhttp://www.debian.org/security/2003/dsa-393http://www.debian.org/security/2003/dsa-394http://www.kb.cert.org/vuls/id/255484http://www.linuxsecurity.com/advisories/engarde_advisory-3693.htmlhttp://www.redhat.com/support/errata/RHSA-2003-291.htmlhttp://www.redhat.com/support/errata/RHSA-2003-292.htmlhttp://www.securityfocus.com/bid/8732http://www.uniras.gov.uk/vuls/2003/006489/openssl.htmhttp://www.vupen.com/english/advisories/2006/3900https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4254https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5292http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=104893http://secunia.com/advisories/22249http://sunsolve.sun.com/search/document.do?assetkey=1-66-201029-1http://www-1.ibm.com/support/docview.wss?uid=swg21247112http://www.cert.org/advisories/CA-2003-26.htmlhttp://www.debian.org/security/2003/dsa-393http://www.debian.org/security/2003/dsa-394http://www.kb.cert.org/vuls/id/255484http://www.linuxsecurity.com/advisories/engarde_advisory-3693.htmlhttp://www.redhat.com/support/errata/RHSA-2003-291.htmlhttp://www.redhat.com/support/errata/RHSA-2003-292.htmlhttp://www.securityfocus.com/bid/8732http://www.uniras.gov.uk/vuls/2003/006489/openssl.htmhttp://www.vupen.com/english/advisories/2006/3900https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4254https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5292
2003-11-17
Published