CVE-2006-4343

Impact:
Low
Public Date:
2006-09-28
Bugzilla:
430651: CVE-2006-4343 openssl sslv2 client code

The MITRE CVE dictionary describes this issue as:

The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.

Find out more about CVE-2006-4343 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 2.1 RHSA-2006:0695 2006-09-28
Red Hat Satellite 5.1 (RHEL v.4 AS) (rhn-solaris-bootstrap) RHSA-2008:0629 2008-08-13
Red Hat Enterprise Linux 4 RHSA-2006:0695 2006-09-28
Red Hat Satellite 5.0 (RHEL v.4 AS) (rhn-solaris-bootstrap) RHSA-2008:0264 2008-05-20
Red Hat Satellite v 4.2 (RHEL v.3 AS) RHSA-2008:0525 2008-06-30
Red Hat Satellite v 4.2 (RHEL v.4 AS) RHSA-2008:0525 2008-06-30
Red Hat Enterprise Linux 3 RHSA-2006:0695 2006-09-28

Mitigation

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.