Public Date:
1617156: CVE-2004-0112 security flaw

The MITRE CVE dictionary describes this issue as:

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.

Find out more about CVE-2004-0112 from the MITRE CVE dictionary dictionary and NIST NVD.


Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 RHSA-2004:120 2004-03-17
Red Hat Linux 9 RHSA-2004:121 2004-03-17
Last Modified

CVE description copyright © 2017, The MITRE Corporation