CVE-2002-0659

Name of the Vulnerable Software and Affected Versions OpenSSL versions 0.9.6d and earlier OpenSSL versions 0.9.7-beta2 and earlier OpenSSL 0.9.6e and earlier

Description The issue affects the ASN1 library in OpenSSL, allowing remote attackers to cause a denial of service via invalid encodings. Multiple vulnerabilities in the OpenSSL package may lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. The vulnerabilities include buffer overflows, parsing errors, and insufficient bounds checking, which may allow execution of arbitrary code or create a denial of service condition.

Recommendations For OpenSSL versions 0.9.6d and earlier, update to a version later than 0.9.6d to resolve the issue. For OpenSSL versions 0.9.7-beta2 and earlier, update to a version later than 0.9.7-beta2 to resolve the issue. For OpenSSL 0.9.6e and earlier, update to a version later than 0.9.6e to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable ASN.1 library until a patch is available.