CVE-2002-0656

OpenSSL 0.9.6d and earlier, 0.9.7-beta2 and earlier - Remote Code Execution via Large Client Master Key or Session ID

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0656. PoCs published by Solar Eclipse.

AI-analyzed exploit summary: This is a functional remote exploit for CVE-2002-0656, targeting the KEY_ARG buffer overflow in OpenSSL 0.9.6d and earlier. It leverages the vulnerability to achieve remote code execution with the privileges of the server process (e.g., nobody for Apache, root for other services).

Description

Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.

Exploits (1)

exploitdb · Working PoC
by Solar Eclipse · text · remote · unix
https://www.exploit-db.com/exploits/40347

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: OpenSSL 0.9.6d and earlier
No auth needed
Prerequisites: Target must be running a vulnerable version of OpenSSL · SSL service must be accessible (default port 443)
devstral-2 · analyzed Feb 16, 2026

References (12)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5363
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5362
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/102795
Various Sources vendor-advisory x_refsource_mandrake
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-046.php
Various Sources vendor-advisory x_refsource_caldera
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/258555
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/9714.php
US Government Resource third-party-advisory x_refsource_cert
http://www.cert.org/advisories/CA-2002-23.html
Various Sources vendor-advisory x_refsource_caldera
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt
Vendor Advisory vendor-advisory x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000513
Various Sources vendor-advisory x_refsource_freebsd
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/9716.php

Scores

EPSS 0.8982
EPSS Percentile 99.8%

Details

Status published
Products (33)
apple/mac_os_x 10.0
apple/mac_os_x 10.0.1
apple/mac_os_x 10.0.2
apple/mac_os_x 10.0.3
apple/mac_os_x 10.0.4
apple/mac_os_x 10.1
apple/mac_os_x 10.1.1
apple/mac_os_x 10.1.2
apple/mac_os_x 10.1.3
apple/mac_os_x 10.1.4
... and 23 more
Published Aug 12, 2002
Tracked Since Feb 18, 2026