Main
Vulnerability Database
Exploits
ID:373 - Exploit for SSLV2 Handshake malformed key buffer overflow in OpenSSL - CVE-2002-0656
ID:373 - Exploit for SSLV2 Handshake malformed key buffer overflow in OpenSSL - CVE-2002-0656
Published: March 18, 2020
Vulnerability identifier: #VU245
Vulnerability risk: Critical
CVE-ID: CVE-2002-0656
CWE-ID: CWE-119
Exploitation vector: Remote access
Vulnerable software:
OpenSSL
OpenSSL
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error in OpenSSL. A remote unauthenticated attacker can execute arbitrary code by sending a large client master key in SSL2 or a large session ID in SSL3.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
The vulnerability exists due to boundary error in OpenSSL. A remote unauthenticated attacker can execute arbitrary code by sending a large client master key in SSL2 or a large session ID in SSL3.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Remediation
Upgrade your version to OpenSSL 0.9.6e.