← CVECheck
HomeVulnerabilities

CVE-2002-1568 — MEDIUM severity vulnerability (OpenSSL 0.9.6e uses assertions when detecting buffer overflo)

OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which are not prop

CVE IDCVE-2002-1568
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:N/I:N/A:P
CWENVD-CWE-Other
StatusModified
Published2003-11-17
Last modified2026-04-16
DescriptionOpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which are not properly handled in s2_srvr.c.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →