Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2004-0826

CVE information

Published

17 years ago

Last Modified

5 years ago

CVSSv2.0 Severity

High

Impact Analysis

Description

Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message..

CVSSv2.0 Score

Severity
High
Base Score
7.5/10
Exploit Score
10/10
Access Vector
Network
Access Complexity
Low
Authentication Required
None
Impact Score
6.4/10
Confidentiality Impact
Partial
Availability Impact
Partial
Integrity Impact
Partial

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:netscape:enterprise_server:3.5:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:4.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:4.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:6.0:sp3:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_application_server:6.0:sp1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:java_system_application_server:7.0:*:platform:
  Yes
- -
cpe:2.3:a:sun:one_web_server:6.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:netscape:directory_server:4.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:4.1.1:*:netware:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_application_server:6.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:netscape:directory_server:1.3:patch5:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:directory_server:3.1:patch1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:2.0a:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:4.1:sp8:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:6.1:sp1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.6:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:4.1:sp3:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:6.0:sp5:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.6:*:solaris:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:4.1:sp11:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.0.7a:*:netware:*:*:*:
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:netscape:directory_server:3.12:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.0.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.0.1b:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:java_enterprise_system:2003q4:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:4.1:sp14:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:4.1:sp2:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:4.1:sp9:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:6.1:sp2:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.4:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.6:sp3:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:java_system_application_server:7.1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:4.1:sp12:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:4.1:sp7:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:4.1:sp8:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:4.1:sp5:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:java_enterprise_system:2004q2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:4.1:sp1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:netscape:certificate_server:1.0:patch1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:2.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.6:sp1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:4.1:sp7:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:4.1:sp5:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:4.1:sp6:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:6.0:sp7:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:6.0:sp8:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:netscape:directory_server:4.11:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:directory_server:4.13:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.0l:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.5.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:4.1:sp3:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:personalization_engine:*:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:netscape:certificate_server:4.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.3:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:5.0:*:netware:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:java_system_application_server:7.0:ur4:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:4.1:sp13:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.5:*:solaris:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:4.1:sp4:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:java_system_application_server:7.0:*:enterpris
  Yes
- -
cpe:2.3:a:sun:one_application_server:6.0:sp2:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:4.1:sp4:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:one_web_server:6.0:sp4:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:2.0.1c:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:3.6:sp2:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:netscape:enterprise_server:4.1:sp6:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:java_system_application_server:7.0:*:standard:
  Yes
- -
cpe:2.3:a:sun:one_web_server:4.1:sp10:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:*
  Yes
- -