VYPR
Unrated severityNVD Advisory· Published Sep 28, 2006· Updated Jun 16, 2026

CVE-2006-4343

CVE-2006-4343

Description

The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

23
  • cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
    • (no CPE)range: <0.9.8d, <0.9.7l
  • cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • osv-coords2 versions
    < 1.0.2u-6.2+ 1 more
    • (no CPE)range: < 1.0.2u-6.2
    • (no CPE)range: < 1.1.1l-1.2

Patches

Vulnerability mechanics

References

131

News mentions

0

No linked articles in our index yet.