CVE-2004-0081

Name of the Vulnerable Software and Affected Versions OpenSSL versions prior to 0.9.6d OpenSSL versions 0.9.6 OpenSSL versions 0.9.7a libssl09 (affected versions not specified) openssl096 (affected versions not specified) openssl096b (affected versions not specified) openssl-devel-0.9.7a (affected versions not specified)

Description The issue is related to the handling of unknown message types in OpenSSL, which can lead to a denial of service (infinite loop) when exploited remotely. This can result in the loss of availability for OpenSSL or the application using it. The vulnerability can be exploited remotely and may lead to disruption of confidentiality, integrity, and availability of protected information.

Recommendations For OpenSSL versions prior to 0.9.6d, update to version 0.9.6d or later. For OpenSSL versions 0.9.6, update to version 0.9.6d or later. For OpenSSL versions 0.9.7a, update to a version later than 0.9.7a. For libssl09, openssl096, openssl096b, and openssl-devel-0.9.7a, at the moment, there is no information about a newer version that contains a fix for this vulnerability.