{"id":"CVE-2002-1568","details":"OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which are not properly handled in s2_srvr.c.","modified":"2026-04-10T03:34:46.844776Z","published":"2003-11-17T05:00:00Z","references":[{"type":"ADVISORY","url":"http://cvs.openssl.org/chngview?cn=7659"},{"type":"FIX","url":"http://cvs.openssl.org/chngview?cn=7659"},{"type":"WEB","url":"http://marc.info/?l=bugtraq&m=106511018214983"},{"type":"WEB","url":"http://www.ebitech.sk/patrik/SA/SA-20031002.txt"}],"schema_version":"1.7.5"}