CVE-2005-2969

Severity

50%

Complexity

99%

Confidentiality

48%

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N).

Overview

Type

OpenSSL Project OpenSSL

First reported 19 years ago

2005-10-18 21:02:00

Last updated 6 years ago

2018-05-03 01:29:00

Affected Software

OpenSSL Project OpenSSL 0.9.7

0.9.7

OpenSSL Project OpenSSL 0.9.7a

0.9.7a

OpenSSL Project OpenSSL 0.9.7b

0.9.7b

OpenSSL Project OpenSSL 0.9.7c

0.9.7c

OpenSSL Project OpenSSL 0.9.7d

0.9.7d

OpenSSL Project OpenSSL 0.9.7e

0.9.7e

OpenSSL Project OpenSSL 0.9.7f

0.9.7f

OpenSSL Project OpenSSL 0.9.7g

0.9.7g

OpenSSL Project OpenSSL 0.9.8

0.9.8

References

ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers/dir5.10.3_docs_relnotes.pdf

APPLE-SA-2005-11-29

HPSBUX02174

SSRT071299

TSLSA-2005-0059

17146

17151

17153

17169

17178

17180

17189

17191

17210

17259

17288

17335

17344

17389

17409

17432

17466

17589

17617

17632

17813

17888

18045

18123

18165

18663

19185

21827

23280

23340

23843

23915

25973

26893

31492

1015032

101974

http://support.avaya.com/elmodocs2/security/ASA-2006-031.htm

http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm

20051202 Cisco Security Notice: Response to OpenSSL - Potential SSL 2.0 Rollback

DSA-875

DSA-881

DSA-882

http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html

http://www.hitachi-support.com/security_e/vuls_e/HS07-016_e/index-e.html

http://www.juniper.net/support/security/alerts/PSN-2005-12-025.txt

MDKSA-2005:179

SUSE-SA:2005:061

http://www.openssl.org/news/secadv_20051011.txt

Patch, Vendor Advisory

RHSA-2005:762

RHSA-2005:800

Vendor Advisory

RHSA-2008:0629

15071

15647

24799

ADV-2005-2036

ADV-2005-2659

ADV-2005-2710

ADV-2005-2908

ADV-2005-3002

ADV-2005-3056

ADV-2006-3531

ADV-2007-0326

ADV-2007-0343

ADV-2007-2457

http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754

hitachi-hicommand-security-bypass(35287)

https://issues.rpath.com/browse/RPL-1633

oval:org.mitre.oval:def:11454

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.