CVE-2005-1730 - Vulnerability Details - OpenCVE

Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by "OpenSSL ASN.1 brute forcer." NOTE: this issue might overlap CVE-2004-0079, CVE-2004-0081, or CVE-2004-0112.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Novell	Imanager

Configuration 1 [-]

cpe:2.3:a:novell:imanager:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.cirt.dk/advisories/cirt-32-advisory.pdf
http://www.securityfocus.com/bid/8732
http://www.securityfocus.com/data/vulnerabilities/exploits/ASN.1-Brute.c
http://www.vupen.com/english/advisories/2005/0744

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-03-03T23:00:00

Updated: 2024-08-07T21:59:24.289Z

Reserved: 2005-05-24T00:00:00

Link: CVE-2005-1730

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2005-12-31T05:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2005-1730

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-06-13T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by \"OpenSSL ASN.1 brute forcer.\" NOTE: this issue might overlap CVE-2004-0079, CVE-2004-0081, or CVE-2004-0112."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2007-03-14T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2005-0744", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2005/0744"}, {"tags": ["x_refsource_MISC"], "url": "http://www.cirt.dk/advisories/cirt-32-advisory.pdf"}, {"name": "8732", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/8732"}, {"tags": ["x_refsource_MISC"], "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/ASN.1-Brute.c"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-1730", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by \"OpenSSL ASN.1 brute forcer.\" NOTE: this issue might overlap CVE-2004-0079, CVE-2004-0081, or CVE-2004-0112."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2005-0744", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/0744"}, {"name": "http://www.cirt.dk/advisories/cirt-32-advisory.pdf", "refsource": "MISC", "url": "http://www.cirt.dk/advisories/cirt-32-advisory.pdf"}, {"name": "8732", "refsource": "BID", "url": "http://www.securityfocus.com/bid/8732"}, {"name": "http://www.securityfocus.com/data/vulnerabilities/exploits/ASN.1-Brute.c", "refsource": "MISC", "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/ASN.1-Brute.c"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T21:59:24.289Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2005-0744", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2005/0744"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.cirt.dk/advisories/cirt-32-advisory.pdf"}, {"name": "8732", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/8732"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/ASN.1-Brute.c"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-1730", "datePublished": "2007-03-03T23:00:00", "dateReserved": "2005-05-24T00:00:00", "dateUpdated": "2024-08-07T21:59:24.289Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:novell:imanager:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D663FA7-C80B-4076-8A04-68D27660A8DC", "versionEndIncluding": "2.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by \"OpenSSL ASN.1 brute forcer.\" NOTE: this issue might overlap CVE-2004-0079, CVE-2004-0081, or CVE-2004-0112."}], "evaluatorComment": "This vulnerability is addressed in the following product update:\r\nhttp://www.novell.com/products/consoles/", "id": "CVE-2005-1730", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-12-31T05:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.cirt.dk/advisories/cirt-32-advisory.pdf"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/8732"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/ASN.1-Brute.c"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/0744"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.cirt.dk/advisories/cirt-32-advisory.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/8732"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/ASN.1-Brute.c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/0744"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Based on our research we believe that the "OpenSSL ASN.1 brute forcer." is actually exploiting flaws CVE-2003-0543, CVE-2003-0544, CVE-2003-0545. Those issues are all addressed in Red Hat Enterprise Linux and therefore CVE-2005-1730 is a duplicate assignment.", "lastModified": "2007-04-02T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}