Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which are not properly handled in s2_srvr.c.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenSSL SSLv2 Client_Master_Key远程拒绝服务漏洞
Vulnerability Description
OpenSSL 0.9.6e版本使用断言检测缓冲区溢出攻击而不是较少严重机制溢出攻击。远程攻击者借助致使OpenSSL中止失败断言的某些消息导致服务拒绝(崩溃),正如使用没有正确处理s2_srvr.c的SSLv2 CLIENT_MASTER_KEY消息。
CVSS Information
N/A
Vulnerability Type
N/A