CVE-2003-0545

Impact:
Moderate
Public Date:
2003-09-30
Bugzilla:
104893: CAN-2003-0543/0544 OpenSSL ASN.1 protocol crashes

The MITRE CVE dictionary describes this issue as:

Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.

Find out more about CVE-2003-0545 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Not vulnerable. The OpenSSL packages in Red Hat Enterprise Linux 2.1 were not affected by this issue.

The OpenSSL packages in Red Hat Enterprise Linux 3 and 4 contain a backported patch since their initial release (openssl), or were not affected by this issue (openssl096b).

The OpenSSL packages in Red Hat Enterprise Linux 5 are based on fixed upstream release (openssl), or contain backported patch since their initial release (openssl097a).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Linux 9 RHSA-2003:292 2003-09-30

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.