Vulnerability Details CVE-2004-2003
Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.05
EPSS Ranking 89.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=108386181021070&w=2
- http://secunia.com/advisories/11569
- http://www.osvdb.org/5945
- http://www.securityfocus.com/bid/10295
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16078
- http://marc.info/?l=bugtraq&m=108386181021070&w=2
- http://secunia.com/advisories/11569
- http://www.osvdb.org/5945
- http://www.securityfocus.com/bid/10295
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16078
Products affected by CVE-2004-2003
-
cpe:2.3:a:delegate:delegate:7.7.0
-
cpe:2.3:a:delegate:delegate:7.7.1
-
cpe:2.3:a:delegate:delegate:7.8.0
-
cpe:2.3:a:delegate:delegate:7.8.1
-
cpe:2.3:a:delegate:delegate:7.8.2
-
cpe:2.3:a:delegate:delegate:7.9.11
-
cpe:2.3:a:delegate:delegate:8.3.3
-
cpe:2.3:a:delegate:delegate:8.3.4
-
cpe:2.3:a:delegate:delegate:8.4.0
-
cpe:2.3:a:delegate:delegate:8.5.0
-
cpe:2.3:a:delegate:delegate:8.9
-
cpe:2.3:a:delegate:delegate:8.9.1
-
cpe:2.3:a:delegate:delegate:8.9.2