Action not permitted
Modal body text goes here.
Modal Title
Modal Body
RHSA-2014:0628
Vulnerability from csaf_redhat
Published
2014-06-05 12:12
Modified
2024-11-22 08:21
Summary
Red Hat Security Advisory: openssl security update
Notes
Topic
Updated openssl packages that fix multiple security issues are now
available for Red Hat Storage 2.1.
The Red Hat Security Response Team has rated this update as having
Important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols, as well as a
full-strength, general purpose cryptography library.
It was found that OpenSSL clients and servers could be forced, via a
specially crafted handshake packet, to use weak keying material for
communication. A man-in-the-middle attacker could use this flaw to decrypt
and modify traffic between a client and a server. (CVE-2014-0224)
Note: In order to exploit this flaw, both the server and the client must be
using a vulnerable version of OpenSSL; the server must be using OpenSSL
version 1.0.1 and above, and the client must be using any version of
OpenSSL. For more information about this flaw, refer to:
https://access.redhat.com/site/articles/904433
A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS
packet fragments. A remote attacker could possibly use this flaw to execute
arbitrary code on a DTLS client or server. (CVE-2014-0195)
Multiple flaws were found in the way OpenSSL handled read and write buffers
when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or
server using OpenSSL could crash or unexpectedly drop connections when
processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)
A denial of service flaw was found in the way OpenSSL handled certain DTLS
ServerHello requests. A specially crafted DTLS handshake packet could cause
a DTLS client using OpenSSL to crash. (CVE-2014-0221)
A NULL pointer dereference flaw was found in the way OpenSSL performed
anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially
crafted handshake packet could cause a TLS/SSL client that has the
anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)
Red Hat would like to thank the OpenSSL project for reporting these issues.
Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter
of CVE-2014-0224, Jüri Aedla as the original reporter of CVE-2014-0195,
Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix
Gröbert and Ivan Fratrić of Google as the original reporters of
CVE-2014-3470.
All OpenSSL users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. For the update to take
effect, all services linked to the OpenSSL library (such as httpd and other
SSL-enabled services) must be restarted or the system rebooted.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Storage 2.1.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", title: "Topic", }, { category: "general", text: "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was found that OpenSSL clients and servers could be forced, via a\nspecially crafted handshake packet, to use weak keying material for\ncommunication. A man-in-the-middle attacker could use this flaw to decrypt\nand modify traffic between a client and a server. (CVE-2014-0224)\n\nNote: In order to exploit this flaw, both the server and the client must be\nusing a vulnerable version of OpenSSL; the server must be using OpenSSL\nversion 1.0.1 and above, and the client must be using any version of\nOpenSSL. For more information about this flaw, refer to:\nhttps://access.redhat.com/site/articles/904433\n\nA buffer overflow flaw was found in the way OpenSSL handled invalid DTLS\npacket fragments. A remote attacker could possibly use this flaw to execute\narbitrary code on a DTLS client or server. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write buffers\nwhen the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or\nserver using OpenSSL could crash or unexpectedly drop connections when\nprocessing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)\n\nA denial of service flaw was found in the way OpenSSL handled certain DTLS\nServerHello requests. A specially crafted DTLS handshake packet could cause\na DTLS client using OpenSSL to crash. (CVE-2014-0221)\n\nA NULL pointer dereference flaw was found in the way OpenSSL performed\nanonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially\ncrafted handshake packet could cause a TLS/SSL client that has the\nanonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nRed Hat would like to thank the OpenSSL project for reporting these issues.\nUpstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter\nof CVE-2014-0224, Jüri Aedla as the original reporter of CVE-2014-0195,\nImre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix\nGröbert and Ivan Fratrić of Google as the original reporters of\nCVE-2014-3470.\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:0628", url: "https://access.redhat.com/errata/RHSA-2014:0628", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/site/articles/904433", url: "https://access.redhat.com/site/articles/904433", }, { category: "external", summary: "https://access.redhat.com/site/solutions/906703", url: "https://access.redhat.com/site/solutions/906703", }, { category: "external", summary: "1087195", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1087195", }, { category: "external", summary: "1093837", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1093837", }, { category: "external", summary: "1103586", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103586", }, { category: "external", summary: "1103593", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103593", }, { category: "external", summary: "1103598", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103598", }, { category: "external", summary: "1103600", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103600", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0628.json", }, ], title: "Red Hat Security Advisory: openssl security update", tracking: { current_release_date: "2024-11-22T08:21:18+00:00", generator: { date: "2024-11-22T08:21:18+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2014:0628", initial_release_date: "2014-06-05T12:12:30+00:00", revision_history: [ { date: "2014-06-05T12:12:30+00:00", number: "1", summary: "Initial version", }, { date: "2014-06-05T12:12:30+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T08:21:18+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Storage Server 2.1", product: { name: "Red Hat Storage Server 2.1", product_id: "6Server-RHS-6.4.z", product_identification_helper: { cpe: "cpe:/a:redhat:storage:2.1:server:el6", }, }, }, ], category: "product_family", name: "Red Hat Gluster Storage", }, { branches: [ { category: "product_version", name: "openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", product: { name: "openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", product_id: "openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@1.0.1e-16.el6_5.14?arch=x86_64", }, }, }, { category: "product_version", name: "openssl-static-0:1.0.1e-16.el6_5.14.x86_64", product: { name: "openssl-static-0:1.0.1e-16.el6_5.14.x86_64", product_id: "openssl-static-0:1.0.1e-16.el6_5.14.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-static@1.0.1e-16.el6_5.14?arch=x86_64", }, }, }, { category: "product_version", name: "openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", product: { name: "openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", product_id: "openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@1.0.1e-16.el6_5.14?arch=x86_64", }, }, }, { category: "product_version", name: "openssl-0:1.0.1e-16.el6_5.14.x86_64", product: { name: "openssl-0:1.0.1e-16.el6_5.14.x86_64", product_id: "openssl-0:1.0.1e-16.el6_5.14.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@1.0.1e-16.el6_5.14?arch=x86_64", }, }, }, { category: "product_version", name: "openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", product: { name: "openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", product_id: "openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-perl@1.0.1e-16.el6_5.14?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "openssl-0:1.0.1e-16.el6_5.14.src", product: { name: "openssl-0:1.0.1e-16.el6_5.14.src", product_id: "openssl-0:1.0.1e-16.el6_5.14.src", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@1.0.1e-16.el6_5.14?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openssl-0:1.0.1e-16.el6_5.14.src as a component of Red Hat Storage Server 2.1", product_id: "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", }, product_reference: "openssl-0:1.0.1e-16.el6_5.14.src", relates_to_product_reference: "6Server-RHS-6.4.z", }, { category: "default_component_of", full_product_name: { name: "openssl-0:1.0.1e-16.el6_5.14.x86_64 as a component of Red Hat Storage Server 2.1", product_id: "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", }, product_reference: "openssl-0:1.0.1e-16.el6_5.14.x86_64", relates_to_product_reference: "6Server-RHS-6.4.z", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64 as a component of Red Hat Storage Server 2.1", product_id: "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", }, product_reference: "openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", relates_to_product_reference: "6Server-RHS-6.4.z", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-0:1.0.1e-16.el6_5.14.x86_64 as a component of Red Hat Storage Server 2.1", product_id: "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", }, product_reference: "openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", relates_to_product_reference: "6Server-RHS-6.4.z", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-0:1.0.1e-16.el6_5.14.x86_64 as a component of Red Hat Storage Server 2.1", product_id: "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", }, product_reference: "openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", relates_to_product_reference: "6Server-RHS-6.4.z", }, { category: "default_component_of", full_product_name: { name: "openssl-static-0:1.0.1e-16.el6_5.14.x86_64 as a component of Red Hat Storage Server 2.1", product_id: "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", }, product_reference: "openssl-static-0:1.0.1e-16.el6_5.14.x86_64", relates_to_product_reference: "6Server-RHS-6.4.z", }, ], }, vulnerabilities: [ { cve: "CVE-2010-5298", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2014-04-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1087195", }, ], notes: [ { category: "description", text: "Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.", title: "Vulnerability description", }, { category: "summary", text: "openssl: freelist misuse causing a possible use-after-free", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the openssl packages shipped with Red Hat Enterprise Linux 5.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2010-5298", }, { category: "external", summary: "RHBZ#1087195", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1087195", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2010-5298", url: "https://www.cve.org/CVERecord?id=CVE-2010-5298", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2010-5298", url: "https://nvd.nist.gov/vuln/detail/CVE-2010-5298", }, { category: "external", summary: "https://www.openssl.org/news/secadv_20140605.txt", url: "https://www.openssl.org/news/secadv_20140605.txt", }, ], release_date: "2014-04-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-06-05T12:12:30+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", product_ids: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:0628", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "openssl: freelist misuse causing a possible use-after-free", }, { acknowledgments: [ { names: [ "OpenSSL project", ], }, { names: [ "Jüri Aedla", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2014-0195", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-06-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1103598", }, ], notes: [ { category: "description", text: "The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment.", title: "Vulnerability description", }, { category: "summary", text: "openssl: Buffer overflow via DTLS invalid fragment", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the version of openssl as shipped with Red Hat Enterprise Linux 5. This issue does not affect the version of openssl098e as shipped with Red Hat Enterprise Linux 6.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-0195", }, { category: "external", summary: "RHBZ#1103598", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103598", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-0195", url: "https://www.cve.org/CVERecord?id=CVE-2014-0195", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-0195", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-0195", }, { category: "external", summary: "https://www.openssl.org/news/secadv_20140605.txt", url: "https://www.openssl.org/news/secadv_20140605.txt", }, ], release_date: "2014-06-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-06-05T12:12:30+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", product_ids: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:0628", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "openssl: Buffer overflow via DTLS invalid fragment", }, { cve: "CVE-2014-0198", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2014-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1093837", }, ], notes: [ { category: "description", text: "The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.", title: "Vulnerability description", }, { category: "summary", text: "openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write()", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the openssl packages shipped with Red Hat Enterprise Linux 5.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-0198", }, { category: "external", summary: "RHBZ#1093837", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1093837", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-0198", url: "https://www.cve.org/CVERecord?id=CVE-2014-0198", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-0198", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-0198", }, { category: "external", summary: "https://www.openssl.org/news/secadv_20140605.txt", url: "https://www.openssl.org/news/secadv_20140605.txt", }, ], release_date: "2014-04-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-06-05T12:12:30+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", product_ids: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:0628", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write()", }, { acknowledgments: [ { names: [ "OpenSSL project", ], }, { names: [ "Imre Rad", ], organization: "Search-Lab", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2014-0221", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2014-06-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1103593", }, ], notes: [ { category: "description", text: "A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash.", title: "Vulnerability description", }, { category: "summary", text: "openssl: DoS when sending invalid DTLS handshake", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-0221", }, { category: "external", summary: "RHBZ#1103593", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103593", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-0221", url: "https://www.cve.org/CVERecord?id=CVE-2014-0221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-0221", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-0221", }, { category: "external", summary: "https://www.openssl.org/news/secadv_20140605.txt", url: "https://www.openssl.org/news/secadv_20140605.txt", }, ], release_date: "2014-06-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-06-05T12:12:30+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", product_ids: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:0628", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "openssl: DoS when sending invalid DTLS handshake", }, { acknowledgments: [ { names: [ "OpenSSL project", ], }, { names: [ "KIKUCHI Masashi", ], organization: "Lepidum", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2014-0224", cwe: { id: "CWE-841", name: "Improper Enforcement of Behavioral Workflow", }, discovery_date: "2014-06-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1103586", }, ], notes: [ { category: "description", text: "It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server.", title: "Vulnerability description", }, { category: "summary", text: "openssl: SSL/TLS MITM vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-0224", }, { category: "external", summary: "RHBZ#1103586", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103586", }, { category: "external", summary: "RHSB-OpenSSL-CCS-Injection", url: "https://access.redhat.com/security/vulnerabilities/OpenSSL-CCS-Injection", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-0224", url: "https://www.cve.org/CVERecord?id=CVE-2014-0224", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-0224", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-0224", }, { category: "external", summary: "https://access.redhat.com/site/articles/904433", url: "https://access.redhat.com/site/articles/904433", }, { category: "external", summary: "https://access.redhat.com/site/solutions/905793", url: "https://access.redhat.com/site/solutions/905793", }, { category: "external", summary: "https://www.openssl.org/news/secadv_20140605.txt", url: "https://www.openssl.org/news/secadv_20140605.txt", }, ], release_date: "2014-06-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-06-05T12:12:30+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", product_ids: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:0628", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "openssl: SSL/TLS MITM vulnerability", }, { acknowledgments: [ { names: [ "OpenSSL project", ], }, { names: [ "Felix Gröbert", ], summary: "Acknowledged by upstream.", }, { names: [ "Ivan Fratrić", ], organization: "Google", summary: "Acknowledged by upstream.", }, ], cve: "CVE-2014-3470", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2014-06-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1103600", }, ], notes: [ { category: "description", text: "The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.", title: "Vulnerability description", }, { category: "summary", text: "openssl: client-side denial of service when using anonymous ECDH", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the version of openssl and openssl097a as shipped with Red Hat Enterprise Linux 5. This issue does not affect the openssl098e as shipped with Red Hat Enterprise Linux 6.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-3470", }, { category: "external", summary: "RHBZ#1103600", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103600", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-3470", url: "https://www.cve.org/CVERecord?id=CVE-2014-3470", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-3470", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-3470", }, { category: "external", summary: "https://www.openssl.org/news/secadv_20140605.txt", url: "https://www.openssl.org/news/secadv_20140605.txt", }, ], release_date: "2014-06-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-06-05T12:12:30+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", product_ids: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:0628", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.src", "6Server-RHS-6.4.z:openssl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-debuginfo-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-devel-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-perl-0:1.0.1e-16.el6_5.14.x86_64", "6Server-RHS-6.4.z:openssl-static-0:1.0.1e-16.el6_5.14.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "openssl: client-side denial of service when using anonymous ECDH", }, ], }
CVE-2014-0221 (GCVE-0-2014-0221)
Vulnerability from cvelistv5
Published
2014-06-05 21:00
Modified
2024-08-06 09:05
Severity ?
EPSS score ?
Summary
The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:05:39.372Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "59342", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59342", }, { name: "59669", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59669", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7015300", }, { name: "59990", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59990", }, { name: "1030337", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1030337", }, { name: "59454", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59454", }, { name: "59126", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59126", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7015264", }, { name: "59306", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59306", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "HPSBUX03046", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "61254", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61254", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E", }, { name: "59895", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59895", }, { name: "59449", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59449", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { name: "HPSBOV03047", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140317760000786&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "59441", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59441", }, { name: "HPSBMU03074", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "59189", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59189", }, { name: "MDVSA-2014:106", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106", }, { name: "59300", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59300", }, { name: "GLSA-201407-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { name: "59284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59284", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { name: "59365", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59365", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { name: "59495", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59495", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "58945", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58945", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", }, { name: "59659", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59659", }, { name: "openSUSE-SU-2016:0640", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", }, { name: "59429", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59429", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59655", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", }, { name: "59437", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59437", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { name: "59310", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59310", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.fortiguard.com/advisory/FG-IR-14-018/", }, { name: "SUSE-SU-2015:0743", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676793", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBMU03057", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.citrix.com/article/CTX140876", }, { name: "59167", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59167", }, { name: "59120", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59120", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { name: "HPSBMU03069", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140499827729550&w=2", }, { name: "MDVSA-2014:105", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:105", }, { name: "59460", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59460", }, { name: "RHSA-2014:1021", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1021.html", }, { name: "58939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58939", }, { name: "SSRT101590", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "59027", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59027", }, { name: "59514", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59514", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676226", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { name: "67901", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/67901", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { name: "59221", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59221", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "58714", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58714", }, { name: "HPSBGN03050", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140482916501310&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "58615", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58615", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT6443", }, { name: "59301", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59301", }, { name: "59784", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59784", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBMU03076", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "59192", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59192", }, { name: "FEDORA-2014-9301", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "HPSBMU03056", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "59175", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59175", }, { name: "HPSBMU03051", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59666", }, { name: "HPSBMU03055", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59413", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", }, { name: "59721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59721", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "58713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58713", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "MDVSA-2015:062", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "59450", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59450", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2014-1053.html", }, { name: "59287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59287", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "59491", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59491", }, { name: "59364", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59364", }, { name: "59451", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59451", }, { name: "58977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58977", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { name: "60571", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60571", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=d3152655d5319ce883c8e3ac4b99f8de4c59d846", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.blackberry.com/btsc/KB36051", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "60687", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60687", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103593", }, { name: "59528", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59528", }, { name: "58337", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58337", }, { name: "59518", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59518", }, { name: "59162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59162", }, { name: "59490", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59490", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E", }, { name: "HPSBMU03065", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140491231331543&w=2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-06-05T00:00:00", descriptions: [ { lang: "en", value: "The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "59342", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59342", }, { name: "59669", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59669", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7015300", }, { name: "59990", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59990", }, { name: "1030337", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1030337", }, { name: "59454", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59454", }, { name: "59126", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59126", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7015264", }, { name: "59306", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59306", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "HPSBUX03046", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "61254", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61254", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E", }, { name: "59895", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59895", }, { name: "59449", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59449", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { name: "HPSBOV03047", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140317760000786&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "59441", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59441", }, { name: "HPSBMU03074", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "59189", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59189", }, { name: "MDVSA-2014:106", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106", }, { name: "59300", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59300", }, { name: "GLSA-201407-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { name: "59284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59284", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { name: "59365", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59365", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { name: "59495", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59495", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "58945", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58945", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", }, { name: "59659", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59659", }, { name: "openSUSE-SU-2016:0640", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", }, { name: "59429", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59429", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59655", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", }, { name: "59437", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59437", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { name: "59310", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59310", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.fortiguard.com/advisory/FG-IR-14-018/", }, { name: "SUSE-SU-2015:0743", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676793", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBMU03057", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.citrix.com/article/CTX140876", }, { name: "59167", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59167", }, { name: "59120", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59120", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { name: "HPSBMU03069", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140499827729550&w=2", }, { name: "MDVSA-2014:105", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:105", }, { name: "59460", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59460", }, { name: "RHSA-2014:1021", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1021.html", }, { name: "58939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58939", }, { name: "SSRT101590", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "59027", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59027", }, { name: "59514", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59514", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676226", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { name: "67901", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/67901", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { name: "59221", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59221", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "58714", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58714", }, { name: "HPSBGN03050", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140482916501310&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "58615", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58615", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT6443", }, { name: "59301", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59301", }, { name: "59784", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59784", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBMU03076", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "59192", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59192", }, { name: "FEDORA-2014-9301", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "HPSBMU03056", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "59175", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59175", }, { name: "HPSBMU03051", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59666", }, { name: "HPSBMU03055", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59413", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", }, { name: "59721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59721", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "58713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58713", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "MDVSA-2015:062", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "59450", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59450", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2014-1053.html", }, { name: "59287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59287", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "59491", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59491", }, { name: "59364", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59364", }, { name: "59451", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59451", }, { name: "58977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58977", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { name: "60571", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60571", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=d3152655d5319ce883c8e3ac4b99f8de4c59d846", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.blackberry.com/btsc/KB36051", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "60687", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60687", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103593", }, { name: "59528", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59528", }, { name: "58337", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58337", }, { name: "59518", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59518", }, { name: "59162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59162", }, { name: "59490", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59490", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E", }, { name: "HPSBMU03065", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140491231331543&w=2", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-0221", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "59342", refsource: "SECUNIA", url: "http://secunia.com/advisories/59342", }, { name: "59669", refsource: "SECUNIA", url: "http://secunia.com/advisories/59669", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015300", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7015300", }, { name: "59990", refsource: "SECUNIA", url: "http://secunia.com/advisories/59990", }, { name: "1030337", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1030337", }, { name: "59454", refsource: "SECUNIA", url: "http://secunia.com/advisories/59454", }, { name: "59126", refsource: "SECUNIA", url: "http://secunia.com/advisories/59126", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015264", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7015264", }, { name: "59306", refsource: "SECUNIA", url: "http://secunia.com/advisories/59306", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "HPSBUX03046", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "61254", refsource: "SECUNIA", url: "http://secunia.com/advisories/61254", }, { name: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E", refsource: "CONFIRM", url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E", }, { name: "59895", refsource: "SECUNIA", url: "http://secunia.com/advisories/59895", }, { name: "59449", refsource: "SECUNIA", url: "http://secunia.com/advisories/59449", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { name: "HPSBOV03047", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140317760000786&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "59441", refsource: "SECUNIA", url: "http://secunia.com/advisories/59441", }, { name: "HPSBMU03074", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "59189", refsource: "SECUNIA", url: "http://secunia.com/advisories/59189", }, { name: "MDVSA-2014:106", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106", }, { name: "59300", refsource: "SECUNIA", url: "http://secunia.com/advisories/59300", }, { name: "GLSA-201407-05", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { name: "59284", refsource: "SECUNIA", url: "http://secunia.com/advisories/59284", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg24037783", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { name: "59365", refsource: "SECUNIA", url: "http://secunia.com/advisories/59365", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { name: "59495", refsource: "SECUNIA", url: "http://secunia.com/advisories/59495", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "58945", refsource: "SECUNIA", url: "http://secunia.com/advisories/58945", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", }, { name: "59659", refsource: "SECUNIA", url: "http://secunia.com/advisories/59659", }, { name: "openSUSE-SU-2016:0640", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", }, { name: "59429", refsource: "SECUNIA", url: "http://secunia.com/advisories/59429", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", refsource: "SECUNIA", url: "http://secunia.com/advisories/59655", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", }, { name: "59437", refsource: "SECUNIA", url: "http://secunia.com/advisories/59437", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { name: "59310", refsource: "SECUNIA", url: "http://secunia.com/advisories/59310", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", refsource: "CONFIRM", url: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", }, { name: "http://www.fortiguard.com/advisory/FG-IR-14-018/", refsource: "CONFIRM", url: "http://www.fortiguard.com/advisory/FG-IR-14-018/", }, { name: "SUSE-SU-2015:0743", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg21676793", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg21676793", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg21676356", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBMU03057", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { name: "http://support.citrix.com/article/CTX140876", refsource: "CONFIRM", url: "http://support.citrix.com/article/CTX140876", }, { name: "59167", refsource: "SECUNIA", url: "http://secunia.com/advisories/59167", }, { name: "59120", refsource: "SECUNIA", url: "http://secunia.com/advisories/59120", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { name: "HPSBMU03069", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140499827729550&w=2", }, { name: "MDVSA-2014:105", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:105", }, { name: "59460", refsource: "SECUNIA", url: "http://secunia.com/advisories/59460", }, { name: "RHSA-2014:1021", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1021.html", }, { name: "58939", refsource: "SECUNIA", url: "http://secunia.com/advisories/58939", }, { name: "SSRT101590", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "59027", refsource: "SECUNIA", url: "http://secunia.com/advisories/59027", }, { name: "59514", refsource: "SECUNIA", url: "http://secunia.com/advisories/59514", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg21676226", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg21676226", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { name: "67901", refsource: "BID", url: "http://www.securityfocus.com/bid/67901", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { name: "59221", refsource: "SECUNIA", url: "http://secunia.com/advisories/59221", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "58714", refsource: "SECUNIA", url: "http://secunia.com/advisories/58714", }, { name: "HPSBGN03050", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140482916501310&w=2", }, { name: "http://www.openssl.org/news/secadv_20140605.txt", refsource: "CONFIRM", url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "58615", refsource: "SECUNIA", url: "http://secunia.com/advisories/58615", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { name: "http://support.apple.com/kb/HT6443", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT6443", }, { name: "59301", refsource: "SECUNIA", url: "http://secunia.com/advisories/59301", }, { name: "59784", refsource: "SECUNIA", url: "http://secunia.com/advisories/59784", }, { name: "https://kb.bluecoat.com/index?page=content&id=SA80", refsource: "CONFIRM", url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBMU03076", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { name: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", refsource: "CONFIRM", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "59192", refsource: "SECUNIA", url: "http://secunia.com/advisories/59192", }, { name: "FEDORA-2014-9301", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "HPSBMU03056", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "59175", refsource: "SECUNIA", url: "http://secunia.com/advisories/59175", }, { name: "HPSBMU03051", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", refsource: "SECUNIA", url: "http://secunia.com/advisories/59666", }, { name: "HPSBMU03055", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", refsource: "SECUNIA", url: "http://secunia.com/advisories/59413", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", }, { name: "59721", refsource: "SECUNIA", url: "http://secunia.com/advisories/59721", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "58713", refsource: "SECUNIA", url: "http://secunia.com/advisories/58713", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "MDVSA-2015:062", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "59450", refsource: "SECUNIA", url: "http://secunia.com/advisories/59450", }, { name: "http://linux.oracle.com/errata/ELSA-2014-1053.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-1053.html", }, { name: "59287", refsource: "SECUNIA", url: "http://secunia.com/advisories/59287", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "59491", refsource: "SECUNIA", url: "http://secunia.com/advisories/59491", }, { name: "59364", refsource: "SECUNIA", url: "http://secunia.com/advisories/59364", }, { name: "59451", refsource: "SECUNIA", url: "http://secunia.com/advisories/59451", }, { name: "58977", refsource: "SECUNIA", url: "http://secunia.com/advisories/58977", }, { name: "https://www.novell.com/support/kb/doc.php?id=7015271", refsource: "CONFIRM", url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { name: "60571", refsource: "SECUNIA", url: "http://secunia.com/advisories/60571", }, { name: "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=d3152655d5319ce883c8e3ac4b99f8de4c59d846", refsource: "CONFIRM", url: "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=d3152655d5319ce883c8e3ac4b99f8de4c59d846", }, { name: "http://www.blackberry.com/btsc/KB36051", refsource: "CONFIRM", url: "http://www.blackberry.com/btsc/KB36051", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { name: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", refsource: "CONFIRM", url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "60687", refsource: "SECUNIA", url: "http://secunia.com/advisories/60687", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1103593", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103593", }, { name: "59528", refsource: "SECUNIA", url: "http://secunia.com/advisories/59528", }, { name: "58337", refsource: "SECUNIA", url: "http://secunia.com/advisories/58337", }, { name: "59518", refsource: "SECUNIA", url: "http://secunia.com/advisories/59518", }, { name: "59162", refsource: "SECUNIA", url: "http://secunia.com/advisories/59162", }, { name: "59490", refsource: "SECUNIA", url: "http://secunia.com/advisories/59490", }, { name: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E", refsource: "CONFIRM", url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E", }, { name: "HPSBMU03065", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140491231331543&w=2", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-0221", datePublished: "2014-06-05T21:00:00", dateReserved: "2013-12-03T00:00:00", dateUpdated: "2024-08-06T09:05:39.372Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-0198 (GCVE-0-2014-0198)
Vulnerability from cvelistv5
Published
2014-05-06 10:00
Modified
2024-08-06 09:05
Severity ?
EPSS score ?
Summary
The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:05:39.267Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "59342", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59342", }, { name: "59669", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59669", }, { name: "59525", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59525", }, { name: "59282", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59282", }, { name: "59990", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59990", }, { name: "59264", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59264", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html", }, { name: "59126", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59126", }, { name: "67193", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/67193", }, { name: "59306", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59306", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1093837", }, { name: "HPSBGN03068", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140544599631400&w=2", }, { name: "59190", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59190", }, { name: "59529", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59529", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "61254", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61254", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://puppetlabs.com/security/cve/cve-2014-0198", }, { name: "59449", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59449", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "HPSBMU03074", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "59300", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59300", }, { name: "58667", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58667", }, { name: "GLSA-201407-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { name: "59284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59284", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2014-0204.html", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "58945", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58945", }, { name: "[5.5] 005: RELIABILITY FIX: May 1, 2014", tags: [ "vendor-advisory", "x_refsource_OPENBSD", "x_transferred", ], url: "http://www.openbsd.org/errata55.html#005_openssl", }, { name: "59440", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59440", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59655", }, { name: "59163", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59163", }, { name: "DSA-2931", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2931", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", }, { name: "59437", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59437", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { name: "59374", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59374", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { name: "59310", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59310", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.fortiguard.com/advisory/FG-IR-14-018/", }, { name: "SUSE-SU-2015:0743", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBMU03057", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.citrix.com/article/CTX140876", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { name: "58939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58939", }, { name: "59514", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59514", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "59438", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59438", }, { name: "58714", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58714", }, { name: "HPSBHF03052", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141658880509699&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { name: "60066", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60066", }, { name: "59301", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59301", }, { name: "openSUSE-SU-2014:0634", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00036.html", }, { name: "59784", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59784", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBMU03076", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "FEDORA-2014-9301", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "MDVSA-2014:080", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:080", }, { name: "HPSBMU03056", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "HPSBMU03051", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59666", }, { name: "HPSBMU03055", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59413", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { name: "59721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59721", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "58713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58713", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "MDVSA-2015:062", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "59450", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59450", }, { name: "59287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59287", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "59491", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59491", }, { name: "58977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58977", }, { name: "openSUSE-SU-2014:0635", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00037.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { name: "60571", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60571", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.blackberry.com/btsc/KB36051", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "59202", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59202", }, { name: "58337", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58337", }, { name: "59162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59162", }, { name: "59398", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59398", }, { name: "59490", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59490", }, { name: "60049", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60049", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-04-21T00:00:00", descriptions: [ { lang: "en", value: "The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-10T14:06:35", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "59342", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59342", }, { name: "59669", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59669", }, { name: "59525", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59525", }, { name: "59282", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59282", }, { name: "59990", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59990", }, { name: "59264", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59264", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html", }, { name: "59126", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59126", }, { name: "67193", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/67193", }, { name: "59306", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59306", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1093837", }, { name: "HPSBGN03068", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140544599631400&w=2", }, { name: "59190", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59190", }, { name: "59529", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59529", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "61254", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61254", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://puppetlabs.com/security/cve/cve-2014-0198", }, { name: "59449", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59449", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "HPSBMU03074", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "59300", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59300", }, { name: "58667", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58667", }, { name: "GLSA-201407-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { name: "59284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59284", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2014-0204.html", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "58945", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58945", }, { name: "[5.5] 005: RELIABILITY FIX: May 1, 2014", tags: [ "vendor-advisory", "x_refsource_OPENBSD", ], url: "http://www.openbsd.org/errata55.html#005_openssl", }, { name: "59440", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59440", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59655", }, { name: "59163", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59163", }, { name: "DSA-2931", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2931", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", }, { name: "59437", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59437", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { name: "59374", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59374", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { name: "59310", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59310", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.fortiguard.com/advisory/FG-IR-14-018/", }, { name: "SUSE-SU-2015:0743", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBMU03057", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.citrix.com/article/CTX140876", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { name: "58939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58939", }, { name: "59514", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59514", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "59438", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59438", }, { name: "58714", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58714", }, { name: "HPSBHF03052", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141658880509699&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { name: "60066", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60066", }, { name: "59301", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59301", }, { name: "openSUSE-SU-2014:0634", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00036.html", }, { name: "59784", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59784", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBMU03076", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "FEDORA-2014-9301", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "MDVSA-2014:080", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:080", }, { name: "HPSBMU03056", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "HPSBMU03051", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59666", }, { name: "HPSBMU03055", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59413", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { name: "59721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59721", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "58713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58713", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "MDVSA-2015:062", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "59450", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59450", }, { name: "59287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59287", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "59491", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59491", }, { name: "58977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58977", }, { name: "openSUSE-SU-2014:0635", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00037.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { name: "60571", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60571", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.blackberry.com/btsc/KB36051", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "59202", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59202", }, { name: "58337", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58337", }, { name: "59162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59162", }, { name: "59398", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59398", }, { name: "59490", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59490", }, { name: "60049", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60049", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-0198", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "59342", refsource: "SECUNIA", url: "http://secunia.com/advisories/59342", }, { name: "59669", refsource: "SECUNIA", url: "http://secunia.com/advisories/59669", }, { name: "59525", refsource: "SECUNIA", url: "http://secunia.com/advisories/59525", }, { name: "59282", refsource: "SECUNIA", url: "http://secunia.com/advisories/59282", }, { name: "59990", refsource: "SECUNIA", url: "http://secunia.com/advisories/59990", }, { name: "59264", refsource: "SECUNIA", url: "http://secunia.com/advisories/59264", }, { name: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html", refsource: "CONFIRM", url: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html", }, { name: "59126", refsource: "SECUNIA", url: "http://secunia.com/advisories/59126", }, { name: "67193", refsource: "BID", url: "http://www.securityfocus.com/bid/67193", }, { name: "59306", refsource: "SECUNIA", url: "http://secunia.com/advisories/59306", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1093837", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1093837", }, { name: "HPSBGN03068", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140544599631400&w=2", }, { name: "59190", refsource: "SECUNIA", url: "http://secunia.com/advisories/59190", }, { name: "59529", refsource: "SECUNIA", url: "http://secunia.com/advisories/59529", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "61254", refsource: "SECUNIA", url: "http://secunia.com/advisories/61254", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", }, { name: "http://puppetlabs.com/security/cve/cve-2014-0198", refsource: "CONFIRM", url: "http://puppetlabs.com/security/cve/cve-2014-0198", }, { name: "59449", refsource: "SECUNIA", url: "http://secunia.com/advisories/59449", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "HPSBMU03074", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "59300", refsource: "SECUNIA", url: "http://secunia.com/advisories/59300", }, { name: "58667", refsource: "SECUNIA", url: "http://secunia.com/advisories/58667", }, { name: "GLSA-201407-05", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { name: "59284", refsource: "SECUNIA", url: "http://secunia.com/advisories/59284", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg24037783", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", }, { name: "http://advisories.mageia.org/MGASA-2014-0204.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2014-0204.html", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "58945", refsource: "SECUNIA", url: "http://secunia.com/advisories/58945", }, { name: "[5.5] 005: RELIABILITY FIX: May 1, 2014", refsource: "OPENBSD", url: "http://www.openbsd.org/errata55.html#005_openssl", }, { name: "59440", refsource: "SECUNIA", url: "http://secunia.com/advisories/59440", }, { name: "https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321", refsource: "CONFIRM", url: "https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", refsource: "SECUNIA", url: "http://secunia.com/advisories/59655", }, { name: "59163", refsource: "SECUNIA", url: "http://secunia.com/advisories/59163", }, { name: "DSA-2931", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2931", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", }, { name: "59437", refsource: "SECUNIA", url: "http://secunia.com/advisories/59437", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { name: "59374", refsource: "SECUNIA", url: "http://secunia.com/advisories/59374", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { name: "59310", refsource: "SECUNIA", url: "http://secunia.com/advisories/59310", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", refsource: "CONFIRM", url: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", }, { name: "http://www.fortiguard.com/advisory/FG-IR-14-018/", refsource: "CONFIRM", url: "http://www.fortiguard.com/advisory/FG-IR-14-018/", }, { name: "SUSE-SU-2015:0743", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg21676356", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBMU03057", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { name: "http://support.citrix.com/article/CTX140876", refsource: "CONFIRM", url: "http://support.citrix.com/article/CTX140876", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { name: "58939", refsource: "SECUNIA", url: "http://secunia.com/advisories/58939", }, { name: "59514", refsource: "SECUNIA", url: "http://secunia.com/advisories/59514", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { name: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", refsource: "CONFIRM", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "59438", refsource: "SECUNIA", url: "http://secunia.com/advisories/59438", }, { name: "58714", refsource: "SECUNIA", url: "http://secunia.com/advisories/58714", }, { name: "HPSBHF03052", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141658880509699&w=2", }, { name: "http://www.openssl.org/news/secadv_20140605.txt", refsource: "CONFIRM", url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { name: "60066", refsource: "SECUNIA", url: "http://secunia.com/advisories/60066", }, { name: "59301", refsource: "SECUNIA", url: "http://secunia.com/advisories/59301", }, { name: "openSUSE-SU-2014:0634", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00036.html", }, { name: "59784", refsource: "SECUNIA", url: "http://secunia.com/advisories/59784", }, { name: "https://kb.bluecoat.com/index?page=content&id=SA80", refsource: "CONFIRM", url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBMU03076", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { name: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", refsource: "CONFIRM", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "FEDORA-2014-9301", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "MDVSA-2014:080", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:080", }, { name: "HPSBMU03056", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "HPSBMU03051", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", refsource: "SECUNIA", url: "http://secunia.com/advisories/59666", }, { name: "HPSBMU03055", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", refsource: "SECUNIA", url: "http://secunia.com/advisories/59413", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { name: "59721", refsource: "SECUNIA", url: "http://secunia.com/advisories/59721", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "58713", refsource: "SECUNIA", url: "http://secunia.com/advisories/58713", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "MDVSA-2015:062", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "59450", refsource: "SECUNIA", url: "http://secunia.com/advisories/59450", }, { name: "59287", refsource: "SECUNIA", url: "http://secunia.com/advisories/59287", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "59491", refsource: "SECUNIA", url: "http://secunia.com/advisories/59491", }, { name: "58977", refsource: "SECUNIA", url: "http://secunia.com/advisories/58977", }, { name: "openSUSE-SU-2014:0635", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00037.html", }, { name: "https://www.novell.com/support/kb/doc.php?id=7015271", refsource: "CONFIRM", url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { name: "60571", refsource: "SECUNIA", url: "http://secunia.com/advisories/60571", }, { name: "http://www.blackberry.com/btsc/KB36051", refsource: "CONFIRM", url: "http://www.blackberry.com/btsc/KB36051", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { name: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", refsource: "CONFIRM", url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "59202", refsource: "SECUNIA", url: "http://secunia.com/advisories/59202", }, { name: "58337", refsource: "SECUNIA", url: "http://secunia.com/advisories/58337", }, { name: "59162", refsource: "SECUNIA", url: "http://secunia.com/advisories/59162", }, { name: "59398", refsource: "SECUNIA", url: "http://secunia.com/advisories/59398", }, { name: "59490", refsource: "SECUNIA", url: "http://secunia.com/advisories/59490", }, { name: "60049", refsource: "SECUNIA", url: "http://secunia.com/advisories/60049", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-0198", datePublished: "2014-05-06T10:00:00", dateReserved: "2013-12-03T00:00:00", dateUpdated: "2024-08-06T09:05:39.267Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-0224 (GCVE-0-2014-0224)
Vulnerability from cvelistv5
Published
2014-06-05 21:00
Modified
2024-08-06 09:05
Severity ?
EPSS score ?
Summary
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:05:39.462Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "59342", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59342", }, { name: "59669", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59669", }, { name: "59525", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59525", }, { name: "HPSBMU03071", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140604261522465&w=2", }, { name: "59004", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59004", }, { name: "59530", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59530", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675626", }, { name: "59824", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59824", }, { name: "59282", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59282", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7015300", }, { name: "59215", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59215", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103586", }, { name: "59990", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59990", }, { name: "59264", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59264", }, { name: "59454", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59454", }, { name: "58492", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58492", }, { name: "59186", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59186", }, { name: "59188", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59188", }, { name: "59126", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59126", }, { name: "HPSBMU03078", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140672208601650&w=2", }, { name: "HPSBMU03089", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140784085708882&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7015264", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html", }, { name: "59306", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59306", }, { name: "RHSA-2014:0627", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0627.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", }, { name: "HPSBGN03068", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140544599631400&w=2", }, { name: "RHSA-2014:0626", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0626.html", }, { name: "59190", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59190", }, { name: "58639", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58639", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676877", }, { name: "59446", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59446", }, { name: "59529", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59529", }, { name: "59445", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59445", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "59589", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59589", }, { name: "59894", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59894", }, { name: "59325", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59325", }, { name: "59354", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59354", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037729", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677131", }, { name: "HPSBUX03046", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "61254", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61254", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678233", }, { name: "59447", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59447", }, { name: "1031594", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1031594", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E", }, { name: "59223", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59223", }, { name: "58743", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58743", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { name: "58719", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58719", }, { name: "59449", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59449", }, { name: "59132", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59132", }, { name: "SSRT101818", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142350350616251&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", }, { name: "HPSBST03098", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140870499402361&w=2", }, { name: "HPSBMU03058", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140386311427810&w=2", }, { name: "59442", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59442", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { name: "HPSBOV03047", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140317760000786&w=2", }, { name: "HPSBST03195", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037761", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "59441", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59441", }, { name: "HPSBMU03074", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf", }, { name: "HPSBMU03094", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140852757108392&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://filezilla-project.org/versions.php?type=server", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676786", }, { name: "60567", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60567", }, { name: "59189", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59189", }, { name: "59368", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59368", }, { name: "MDVSA-2014:106", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106", }, { name: "59142", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59142", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676478", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676845", }, { name: "58742", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58742", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.ibm.com/support/docview.wss?uid=ssg1S1004670", }, { name: "RHSA-2014:0624", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0624.html", }, { name: "59602", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59602", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kerio.com/support/kerio-control/release-history", }, { name: "59300", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59300", }, { name: "58930", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58930", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677080", }, { name: "61815", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61815", }, { name: "58667", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58667", }, { name: "GLSA-201407-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677390", }, { name: "59191", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59191", }, { name: "59284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59284", }, { name: "59444", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59444", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.imperialviolet.org/2014/06/05/earlyccs.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { name: "59365", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59365", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { name: "59305", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59305", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", }, { name: "59483", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59483", }, { name: "58385", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58385", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { name: "59495", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59495", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "58945", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58945", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", }, { name: "HPSBST03106", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141025641601169&w=2", }, { name: "59659", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59659", }, { name: "59440", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59440", }, { name: "openSUSE-SU-2016:0640", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", }, { name: "59429", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59429", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59655", }, { name: "59370", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59370", }, { name: "59827", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59827", }, { name: "58660", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58660", }, { name: "59163", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59163", }, { name: "58716", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58716", }, { name: "59055", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59055", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", }, { name: "59437", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59437", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { name: "60176", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60176", }, { name: "HPSBPI03107", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141147110427269&w=2", }, { name: "59101", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59101", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://esupport.trendmicro.com/solution/en-US/1103813.aspx", }, { name: "59374", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59374", }, { name: "59063", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59063", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://discussions.nessus.org/thread/7517", }, { name: "59310", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59310", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676501", }, { name: "HPSBMU03216", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142350350616251&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676536", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", }, { name: "IV61506", tags: [ "vendor-advisory", "x_refsource_AIXAPAR", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61506", }, { name: "59502", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59502", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.splunk.com/view/SP-CAAAM2D", }, { name: "59878", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59878", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.fortiguard.com/advisory/FG-IR-14-018/", }, { name: "SUSE-SU-2015:0743", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { name: "HPSBMU03101", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140852826008699&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676793", }, { name: "59214", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59214", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBHF03088", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140794476212181&w=2", }, { name: "HPSBMU03057", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.citrix.com/article/CTX140876", }, { name: "59167", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59167", }, { name: "59120", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59120", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037732", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020172", }, { name: "HPSBMU03053", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140369637402535&w=2", }, { name: "59380", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59380", }, { name: "MDVSA-2014:105", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:105", }, { name: "59460", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59460", }, { name: "59506", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59506", }, { name: "58939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58939", }, { name: "SSRT101590", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "59661", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59661", }, { name: "59514", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59514", }, { name: "59677", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59677", }, { name: "RHSA-2014:0630", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0630.html", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", }, { name: "RHSA-2014:0632", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0632.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037730", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037731", }, { name: "58745", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58745", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "59438", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59438", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=isg3T1020948", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676496", }, { name: "58714", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58714", }, { name: "HPSBGN03050", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140482916501310&w=2", }, { name: "openSUSE-SU-2015:0229", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://ccsinjection.lepidum.co.jp", }, { name: "59435", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59435", }, { name: "HPSBHF03052", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141658880509699&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "58615", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58615", }, { name: "HPSBST03265", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142546741516006&w=2", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676644", }, { name: "59231", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59231", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.ibm.com/support/docview.wss?uid=ssg1S1004671", }, { name: "SUSE-SU-2015:0578", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT6443", }, { name: "59211", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59211", }, { name: "58433", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58433", }, { name: "60066", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60066", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/site/blogs/766093/posts/908133", }, { name: "59301", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59301", }, { name: "60522", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60522", }, { name: "59784", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59784", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBST03097", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383410222440&w=2", }, { name: "20140607 Re: More OpenSSL issues", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2014/Jun/38", }, { name: "HPSBMU03076", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.f-secure.com/en/web/labs_global/fsc-2014-6", }, { name: "59135", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59135", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "58759", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58759", }, { name: "59093", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59093", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095740", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://puppetlabs.com/security/cve/cve-2014-0224", }, { name: "59192", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59192", }, { name: "FEDORA-2014-9301", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "58579", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58579", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_SNARE_for_MSSQL.pdf", }, { name: "59040", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59040", }, { name: "HPSBMU03056", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "59175", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59175", }, { name: "60819", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60819", }, { name: "HPSBMU03051", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59666", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download", }, { name: "58128", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58128", }, { name: "HPSBMU03055", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59413", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676334", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037870", }, { name: "59721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59721", }, { name: "HPSBHF03145", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { name: "RHSA-2014:0680", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0680.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "59012", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59012", }, { name: "58713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58713", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "59362", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59362", }, { name: "MDVSA-2015:062", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "HPSBMU03070", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140499864129699&w=2", }, { name: "RHSA-2014:0631", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0631.html", }, { name: "59338", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59338", }, { name: "59450", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59450", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2014-1053.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "VU#978508", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/978508", }, { name: "1031032", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1031032", }, { name: "59287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59287", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "59491", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59491", }, { name: "59364", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59364", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues", }, { name: "59451", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59451", }, { name: "58977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58977", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676333", }, { name: "60571", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60571", }, { name: "59459", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59459", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676833", }, { name: "60577", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60577", }, { name: "59448", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59448", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=bc8923b1ec9c467755cd86f7848c50ee8812e441", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_Snare_for_Windows.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.blackberry.com/btsc/KB36051", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { name: "HPSBST03103", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141164638606214&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004690", }, { name: "59885", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59885", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "59202", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59202", }, { name: "RHSA-2014:0633", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0633.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=ssg1S1004678", }, { name: "59375", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59375", }, { name: "HPSBMU03083", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140983229106599&w=2", }, { name: "59528", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59528", }, { name: "58337", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58337", }, { name: "59518", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59518", }, { name: "59389", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59389", }, { name: "59162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59162", }, { name: "59383", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59383", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677567", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29217", }, { name: "59490", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59490", }, { name: "59916", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59916", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E", }, { name: "HPSBMU03065", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140491231331543&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037727", }, { name: "IT02314", tags: [ "vendor-advisory", "x_refsource_AIXAPAR", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg1IT02314", }, { name: "59043", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59043", }, { name: "59347", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59347", }, { name: "60049", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60049", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676615", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-06-05T00:00:00", descriptions: [ { lang: "en", value: "OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the \"CCS Injection\" vulnerability.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-05T16:47:29", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "59342", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59342", }, { name: "59669", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59669", }, { name: "59525", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59525", }, { name: "HPSBMU03071", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140604261522465&w=2", }, { name: "59004", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59004", }, { name: "59530", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59530", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675626", }, { name: "59824", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59824", }, { name: "59282", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59282", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7015300", }, { name: "59215", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59215", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103586", }, { name: "59990", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59990", }, { name: "59264", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59264", }, { name: "59454", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59454", }, { name: "58492", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58492", }, { name: "59186", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59186", }, { name: "59188", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59188", }, { name: "59126", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59126", }, { name: "HPSBMU03078", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140672208601650&w=2", }, { name: "HPSBMU03089", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140784085708882&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7015264", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html", }, { name: "59306", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59306", }, { name: "RHSA-2014:0627", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0627.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", }, { name: "HPSBGN03068", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140544599631400&w=2", }, { name: "RHSA-2014:0626", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0626.html", }, { name: "59190", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59190", }, { name: "58639", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58639", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676877", }, { name: "59446", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59446", }, { name: "59529", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59529", }, { name: "59445", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59445", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "59589", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59589", }, { name: "59894", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59894", }, { name: "59325", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59325", }, { name: "59354", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59354", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037729", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677131", }, { name: "HPSBUX03046", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "61254", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61254", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678233", }, { name: "59447", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59447", }, { name: "1031594", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1031594", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E", }, { name: "59223", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59223", }, { name: "58743", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58743", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { name: "58719", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58719", }, { name: "59449", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59449", }, { name: "59132", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59132", }, { name: "SSRT101818", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142350350616251&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", }, { name: "HPSBST03098", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140870499402361&w=2", }, { name: "HPSBMU03058", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140386311427810&w=2", }, { name: "59442", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59442", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { name: "HPSBOV03047", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140317760000786&w=2", }, { name: "HPSBST03195", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037761", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "59441", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59441", }, { name: "HPSBMU03074", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf", }, { name: "HPSBMU03094", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140852757108392&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://filezilla-project.org/versions.php?type=server", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676786", }, { name: "60567", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60567", }, { name: "59189", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59189", }, { name: "59368", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59368", }, { name: "MDVSA-2014:106", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106", }, { name: "59142", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59142", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676478", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676845", }, { name: "58742", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58742", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.ibm.com/support/docview.wss?uid=ssg1S1004670", }, { name: "RHSA-2014:0624", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0624.html", }, { name: "59602", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59602", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kerio.com/support/kerio-control/release-history", }, { name: "59300", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59300", }, { name: "58930", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58930", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677080", }, { name: "61815", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61815", }, { name: "58667", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58667", }, { name: "GLSA-201407-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677390", }, { name: "59191", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59191", }, { name: "59284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59284", }, { name: "59444", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59444", }, { tags: [ "x_refsource_MISC", ], url: "https://www.imperialviolet.org/2014/06/05/earlyccs.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { name: "59365", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59365", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { name: "59305", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59305", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", }, { name: "59483", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59483", }, { name: "58385", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58385", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { name: "59495", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59495", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "58945", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58945", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", }, { name: "HPSBST03106", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141025641601169&w=2", }, { name: "59659", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59659", }, { name: "59440", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59440", }, { name: "openSUSE-SU-2016:0640", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", }, { name: "59429", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59429", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59655", }, { name: "59370", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59370", }, { name: "59827", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59827", }, { name: "58660", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58660", }, { name: "59163", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59163", }, { name: "58716", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58716", }, { name: "59055", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59055", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", }, { name: "59437", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59437", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { name: "60176", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60176", }, { name: "HPSBPI03107", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141147110427269&w=2", }, { name: "59101", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59101", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://esupport.trendmicro.com/solution/en-US/1103813.aspx", }, { name: "59374", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59374", }, { name: "59063", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59063", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://discussions.nessus.org/thread/7517", }, { name: "59310", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59310", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676501", }, { name: "HPSBMU03216", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142350350616251&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676536", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", }, { name: "IV61506", tags: [ "vendor-advisory", "x_refsource_AIXAPAR", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61506", }, { name: "59502", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59502", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.splunk.com/view/SP-CAAAM2D", }, { name: "59878", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59878", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.fortiguard.com/advisory/FG-IR-14-018/", }, { name: "SUSE-SU-2015:0743", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { name: "HPSBMU03101", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140852826008699&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676793", }, { name: "59214", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59214", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBHF03088", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140794476212181&w=2", }, { name: "HPSBMU03057", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.citrix.com/article/CTX140876", }, { name: "59167", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59167", }, { name: "59120", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59120", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037732", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020172", }, { name: "HPSBMU03053", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140369637402535&w=2", }, { name: "59380", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59380", }, { name: "MDVSA-2014:105", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:105", }, { name: "59460", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59460", }, { name: "59506", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59506", }, { name: "58939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58939", }, { name: "SSRT101590", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "59661", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59661", }, { name: "59514", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59514", }, { name: "59677", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59677", }, { name: "RHSA-2014:0630", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0630.html", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", }, { name: "RHSA-2014:0632", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0632.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037730", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037731", }, { name: "58745", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58745", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "59438", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59438", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=isg3T1020948", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676496", }, { name: "58714", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58714", }, { name: "HPSBGN03050", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140482916501310&w=2", }, { name: "openSUSE-SU-2015:0229", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html", }, { tags: [ "x_refsource_MISC", ], url: "http://ccsinjection.lepidum.co.jp", }, { name: "59435", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59435", }, { name: "HPSBHF03052", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141658880509699&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "58615", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58615", }, { name: "HPSBST03265", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142546741516006&w=2", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676644", }, { name: "59231", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59231", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.ibm.com/support/docview.wss?uid=ssg1S1004671", }, { name: "SUSE-SU-2015:0578", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT6443", }, { name: "59211", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59211", }, { name: "58433", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58433", }, { name: "60066", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60066", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/site/blogs/766093/posts/908133", }, { name: "59301", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59301", }, { name: "60522", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60522", }, { name: "59784", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59784", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBST03097", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383410222440&w=2", }, { name: "20140607 Re: More OpenSSL issues", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2014/Jun/38", }, { name: "HPSBMU03076", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.f-secure.com/en/web/labs_global/fsc-2014-6", }, { name: "59135", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59135", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "58759", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58759", }, { name: "59093", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59093", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095740", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://puppetlabs.com/security/cve/cve-2014-0224", }, { name: "59192", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59192", }, { name: "FEDORA-2014-9301", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "58579", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58579", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_SNARE_for_MSSQL.pdf", }, { name: "59040", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59040", }, { name: "HPSBMU03056", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "59175", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59175", }, { name: "60819", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60819", }, { name: "HPSBMU03051", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59666", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download", }, { name: "58128", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58128", }, { name: "HPSBMU03055", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59413", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676334", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037870", }, { name: "59721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59721", }, { name: "HPSBHF03145", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { name: "RHSA-2014:0680", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0680.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "59012", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59012", }, { name: "58713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58713", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "59362", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59362", }, { name: "MDVSA-2015:062", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "HPSBMU03070", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140499864129699&w=2", }, { name: "RHSA-2014:0631", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0631.html", }, { name: "59338", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59338", }, { name: "59450", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59450", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2014-1053.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "VU#978508", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/978508", }, { name: "1031032", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1031032", }, { name: "59287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59287", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "59491", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59491", }, { name: "59364", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59364", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues", }, { name: "59451", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59451", }, { name: "58977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58977", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676333", }, { name: "60571", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60571", }, { name: "59459", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59459", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676833", }, { name: "60577", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60577", }, { name: "59448", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59448", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=bc8923b1ec9c467755cd86f7848c50ee8812e441", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_Snare_for_Windows.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.blackberry.com/btsc/KB36051", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { name: "HPSBST03103", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141164638606214&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004690", }, { name: "59885", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59885", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "59202", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59202", }, { name: "RHSA-2014:0633", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0633.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=ssg1S1004678", }, { name: "59375", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59375", }, { name: "HPSBMU03083", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140983229106599&w=2", }, { name: "59528", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59528", }, { name: "58337", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58337", }, { name: "59518", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59518", }, { name: "59389", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59389", }, { name: "59162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59162", }, { name: "59383", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59383", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677567", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29217", }, { name: "59490", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59490", }, { name: "59916", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59916", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E", }, { name: "HPSBMU03065", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140491231331543&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037727", }, { name: "IT02314", tags: [ "vendor-advisory", "x_refsource_AIXAPAR", ], url: "http://www.ibm.com/support/docview.wss?uid=swg1IT02314", }, { name: "59043", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59043", }, { name: "59347", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59347", }, { name: "60049", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60049", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676615", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-0224", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the \"CCS Injection\" vulnerability.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "59342", refsource: "SECUNIA", url: "http://secunia.com/advisories/59342", }, { name: "59669", refsource: "SECUNIA", url: "http://secunia.com/advisories/59669", }, { name: "59525", refsource: "SECUNIA", url: "http://secunia.com/advisories/59525", }, { name: "HPSBMU03071", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140604261522465&w=2", }, { name: "59004", refsource: "SECUNIA", url: "http://secunia.com/advisories/59004", }, { name: "59530", refsource: "SECUNIA", url: "http://secunia.com/advisories/59530", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21675626", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675626", }, { name: "59824", refsource: "SECUNIA", url: "http://secunia.com/advisories/59824", }, { name: "59282", refsource: "SECUNIA", url: "http://secunia.com/advisories/59282", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015300", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7015300", }, { name: "59215", refsource: "SECUNIA", url: "http://secunia.com/advisories/59215", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1103586", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103586", }, { name: "59990", refsource: "SECUNIA", url: "http://secunia.com/advisories/59990", }, { name: "59264", refsource: "SECUNIA", url: "http://secunia.com/advisories/59264", }, { name: "59454", refsource: "SECUNIA", url: "http://secunia.com/advisories/59454", }, { name: "58492", refsource: "SECUNIA", url: "http://secunia.com/advisories/58492", }, { name: "59186", refsource: "SECUNIA", url: "http://secunia.com/advisories/59186", }, { name: "59188", refsource: "SECUNIA", url: "http://secunia.com/advisories/59188", }, { name: "59126", refsource: "SECUNIA", url: "http://secunia.com/advisories/59126", }, { name: "HPSBMU03078", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140672208601650&w=2", }, { name: "HPSBMU03089", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140784085708882&w=2", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015264", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7015264", }, { name: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html", refsource: "CONFIRM", url: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html", }, { name: "59306", refsource: "SECUNIA", url: "http://secunia.com/advisories/59306", }, { name: "RHSA-2014:0627", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0627.html", }, { name: "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", refsource: "CONFIRM", url: "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", }, { name: "HPSBGN03068", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140544599631400&w=2", }, { name: "RHSA-2014:0626", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0626.html", }, { name: "59190", refsource: "SECUNIA", url: "http://secunia.com/advisories/59190", }, { name: "58639", refsource: "SECUNIA", url: "http://secunia.com/advisories/58639", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg21676877", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg21676877", }, { name: "59446", refsource: "SECUNIA", url: "http://secunia.com/advisories/59446", }, { name: "59529", refsource: "SECUNIA", url: "http://secunia.com/advisories/59529", }, { name: "59445", refsource: "SECUNIA", url: "http://secunia.com/advisories/59445", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "59589", refsource: "SECUNIA", url: "http://secunia.com/advisories/59589", }, { name: "59894", refsource: "SECUNIA", url: "http://secunia.com/advisories/59894", }, { name: "59325", refsource: "SECUNIA", url: "http://secunia.com/advisories/59325", }, { name: "59354", refsource: "SECUNIA", url: "http://secunia.com/advisories/59354", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg24037729", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037729", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677131", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677131", }, { name: "HPSBUX03046", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "61254", refsource: "SECUNIA", url: "http://secunia.com/advisories/61254", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21678233", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678233", }, { name: "59447", refsource: "SECUNIA", url: "http://secunia.com/advisories/59447", }, { name: "1031594", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1031594", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", }, { name: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E", refsource: "CONFIRM", url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E", }, { name: "59223", refsource: "SECUNIA", url: "http://secunia.com/advisories/59223", }, { name: "58743", refsource: "SECUNIA", url: "http://secunia.com/advisories/58743", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { name: "58719", refsource: "SECUNIA", url: "http://secunia.com/advisories/58719", }, { name: "59449", refsource: "SECUNIA", url: "http://secunia.com/advisories/59449", }, { name: "59132", refsource: "SECUNIA", url: "http://secunia.com/advisories/59132", }, { name: "SSRT101818", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142350350616251&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", }, { name: "HPSBST03098", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140870499402361&w=2", }, { name: "HPSBMU03058", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140386311427810&w=2", }, { name: "59442", refsource: "SECUNIA", url: "http://secunia.com/advisories/59442", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { name: "HPSBOV03047", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140317760000786&w=2", }, { name: "HPSBST03195", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg24037761", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037761", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "59441", refsource: "SECUNIA", url: "http://secunia.com/advisories/59441", }, { name: "HPSBMU03074", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf", refsource: "CONFIRM", url: "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf", }, { name: "HPSBMU03094", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140852757108392&w=2", }, { name: "https://filezilla-project.org/versions.php?type=server", refsource: "CONFIRM", url: "https://filezilla-project.org/versions.php?type=server", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676786", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676786", }, { name: "60567", refsource: "SECUNIA", url: "http://secunia.com/advisories/60567", }, { name: "59189", refsource: "SECUNIA", url: "http://secunia.com/advisories/59189", }, { name: "59368", refsource: "SECUNIA", url: "http://secunia.com/advisories/59368", }, { name: "MDVSA-2014:106", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106", }, { name: "59142", refsource: "SECUNIA", url: "http://secunia.com/advisories/59142", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676478", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676478", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676845", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676845", }, { name: "58742", refsource: "SECUNIA", url: "http://secunia.com/advisories/58742", }, { name: "https://www.ibm.com/support/docview.wss?uid=ssg1S1004670", refsource: "CONFIRM", url: "https://www.ibm.com/support/docview.wss?uid=ssg1S1004670", }, { name: "RHSA-2014:0624", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0624.html", }, { name: "59602", refsource: "SECUNIA", url: "http://secunia.com/advisories/59602", }, { name: "http://www.kerio.com/support/kerio-control/release-history", refsource: "CONFIRM", url: "http://www.kerio.com/support/kerio-control/release-history", }, { name: "59300", refsource: "SECUNIA", url: "http://secunia.com/advisories/59300", }, { name: "58930", refsource: "SECUNIA", url: "http://secunia.com/advisories/58930", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677080", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677080", }, { name: "61815", refsource: "SECUNIA", url: "http://secunia.com/advisories/61815", }, { name: "58667", refsource: "SECUNIA", url: "http://secunia.com/advisories/58667", }, { name: "GLSA-201407-05", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677390", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677390", }, { name: "59191", refsource: "SECUNIA", url: "http://secunia.com/advisories/59191", }, { name: "59284", refsource: "SECUNIA", url: "http://secunia.com/advisories/59284", }, { name: "59444", refsource: "SECUNIA", url: "http://secunia.com/advisories/59444", }, { name: "https://www.imperialviolet.org/2014/06/05/earlyccs.html", refsource: "MISC", url: "https://www.imperialviolet.org/2014/06/05/earlyccs.html", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg24037783", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { name: "59365", refsource: "SECUNIA", url: "http://secunia.com/advisories/59365", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { name: "59305", refsource: "SECUNIA", url: "http://secunia.com/advisories/59305", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", }, { name: "59483", refsource: "SECUNIA", url: "http://secunia.com/advisories/59483", }, { name: "58385", refsource: "SECUNIA", url: "http://secunia.com/advisories/58385", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { name: "59495", refsource: "SECUNIA", url: "http://secunia.com/advisories/59495", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "58945", refsource: "SECUNIA", url: "http://secunia.com/advisories/58945", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", }, { name: "HPSBST03106", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141025641601169&w=2", }, { name: "59659", refsource: "SECUNIA", url: "http://secunia.com/advisories/59659", }, { name: "59440", refsource: "SECUNIA", url: "http://secunia.com/advisories/59440", }, { name: "openSUSE-SU-2016:0640", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", }, { name: "59429", refsource: "SECUNIA", url: "http://secunia.com/advisories/59429", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", refsource: "SECUNIA", url: "http://secunia.com/advisories/59655", }, { name: "59370", refsource: "SECUNIA", url: "http://secunia.com/advisories/59370", }, { name: "59827", refsource: "SECUNIA", url: "http://secunia.com/advisories/59827", }, { name: "58660", refsource: "SECUNIA", url: "http://secunia.com/advisories/58660", }, { name: "59163", refsource: "SECUNIA", url: "http://secunia.com/advisories/59163", }, { name: "58716", refsource: "SECUNIA", url: "http://secunia.com/advisories/58716", }, { name: "59055", refsource: "SECUNIA", url: "http://secunia.com/advisories/59055", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", }, { name: "59437", refsource: "SECUNIA", url: "http://secunia.com/advisories/59437", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { name: "60176", refsource: "SECUNIA", url: "http://secunia.com/advisories/60176", }, { name: "HPSBPI03107", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141147110427269&w=2", }, { name: "59101", refsource: "SECUNIA", url: "http://secunia.com/advisories/59101", }, { name: "http://esupport.trendmicro.com/solution/en-US/1103813.aspx", refsource: "CONFIRM", url: "http://esupport.trendmicro.com/solution/en-US/1103813.aspx", }, { name: "59374", refsource: "SECUNIA", url: "http://secunia.com/advisories/59374", }, { name: "59063", refsource: "SECUNIA", url: "http://secunia.com/advisories/59063", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { name: "https://discussions.nessus.org/thread/7517", refsource: "CONFIRM", url: "https://discussions.nessus.org/thread/7517", }, { name: "59310", refsource: "SECUNIA", url: "http://secunia.com/advisories/59310", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676501", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676501", }, { name: "HPSBMU03216", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142350350616251&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676536", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676536", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", refsource: "CONFIRM", url: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", }, { name: "IV61506", refsource: "AIXAPAR", url: "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61506", }, { name: "59502", refsource: "SECUNIA", url: "http://secunia.com/advisories/59502", }, { name: "http://www.splunk.com/view/SP-CAAAM2D", refsource: "CONFIRM", url: "http://www.splunk.com/view/SP-CAAAM2D", }, { name: "59878", refsource: "SECUNIA", url: "http://secunia.com/advisories/59878", }, { name: "http://www.fortiguard.com/advisory/FG-IR-14-018/", refsource: "CONFIRM", url: "http://www.fortiguard.com/advisory/FG-IR-14-018/", }, { name: "SUSE-SU-2015:0743", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { name: "HPSBMU03101", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140852826008699&w=2", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg21676793", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg21676793", }, { name: "59214", refsource: "SECUNIA", url: "http://secunia.com/advisories/59214", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg21676356", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBHF03088", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140794476212181&w=2", }, { name: "HPSBMU03057", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { name: "http://support.citrix.com/article/CTX140876", refsource: "CONFIRM", url: "http://support.citrix.com/article/CTX140876", }, { name: "59167", refsource: "SECUNIA", url: "http://secunia.com/advisories/59167", }, { name: "59120", refsource: "SECUNIA", url: "http://secunia.com/advisories/59120", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg24037732", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037732", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020172", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020172", }, { name: "HPSBMU03053", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140369637402535&w=2", }, { name: "59380", refsource: "SECUNIA", url: "http://secunia.com/advisories/59380", }, { name: "MDVSA-2014:105", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:105", }, { name: "59460", refsource: "SECUNIA", url: "http://secunia.com/advisories/59460", }, { name: "59506", refsource: "SECUNIA", url: "http://secunia.com/advisories/59506", }, { name: "58939", refsource: "SECUNIA", url: "http://secunia.com/advisories/58939", }, { name: "SSRT101590", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "59661", refsource: "SECUNIA", url: "http://secunia.com/advisories/59661", }, { name: "59514", refsource: "SECUNIA", url: "http://secunia.com/advisories/59514", }, { name: "59677", refsource: "SECUNIA", url: "http://secunia.com/advisories/59677", }, { name: "RHSA-2014:0630", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0630.html", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { name: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", refsource: "CONFIRM", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", }, { name: "RHSA-2014:0632", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0632.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg24037730", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037730", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg24037731", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037731", }, { name: "58745", refsource: "SECUNIA", url: "http://secunia.com/advisories/58745", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "59438", refsource: "SECUNIA", url: "http://secunia.com/advisories/59438", }, { name: "http://www.ibm.com/support/docview.wss?uid=isg3T1020948", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=isg3T1020948", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676496", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676496", }, { name: "58714", refsource: "SECUNIA", url: "http://secunia.com/advisories/58714", }, { name: "HPSBGN03050", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140482916501310&w=2", }, { name: "openSUSE-SU-2015:0229", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html", }, { name: "http://ccsinjection.lepidum.co.jp", refsource: "MISC", url: "http://ccsinjection.lepidum.co.jp", }, { name: "59435", refsource: "SECUNIA", url: "http://secunia.com/advisories/59435", }, { name: "HPSBHF03052", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141658880509699&w=2", }, { name: "http://www.openssl.org/news/secadv_20140605.txt", refsource: "CONFIRM", url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "58615", refsource: "SECUNIA", url: "http://secunia.com/advisories/58615", }, { name: "HPSBST03265", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142546741516006&w=2", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676644", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676644", }, { name: "59231", refsource: "SECUNIA", url: "http://secunia.com/advisories/59231", }, { name: "https://www.ibm.com/support/docview.wss?uid=ssg1S1004671", refsource: "CONFIRM", url: "https://www.ibm.com/support/docview.wss?uid=ssg1S1004671", }, { name: "SUSE-SU-2015:0578", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html", }, { name: "http://support.apple.com/kb/HT6443", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT6443", }, { name: "59211", refsource: "SECUNIA", url: "http://secunia.com/advisories/59211", }, { name: "58433", refsource: "SECUNIA", url: "http://secunia.com/advisories/58433", }, { name: "60066", refsource: "SECUNIA", url: "http://secunia.com/advisories/60066", }, { name: "http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html", refsource: "CONFIRM", url: "http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html", }, { name: "https://access.redhat.com/site/blogs/766093/posts/908133", refsource: "CONFIRM", url: "https://access.redhat.com/site/blogs/766093/posts/908133", }, { name: "59301", refsource: "SECUNIA", url: "http://secunia.com/advisories/59301", }, { name: "60522", refsource: "SECUNIA", url: "http://secunia.com/advisories/60522", }, { name: "59784", refsource: "SECUNIA", url: "http://secunia.com/advisories/59784", }, { name: "https://kb.bluecoat.com/index?page=content&id=SA80", refsource: "CONFIRM", url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBST03097", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383410222440&w=2", }, { name: "20140607 Re: More OpenSSL issues", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2014/Jun/38", }, { name: "HPSBMU03076", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { name: "http://www.f-secure.com/en/web/labs_global/fsc-2014-6", refsource: "CONFIRM", url: "http://www.f-secure.com/en/web/labs_global/fsc-2014-6", }, { name: "59135", refsource: "SECUNIA", url: "http://secunia.com/advisories/59135", }, { name: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", refsource: "CONFIRM", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "58759", refsource: "SECUNIA", url: "http://secunia.com/advisories/58759", }, { name: "59093", refsource: "SECUNIA", url: "http://secunia.com/advisories/59093", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095740", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095740", }, { name: "http://puppetlabs.com/security/cve/cve-2014-0224", refsource: "CONFIRM", url: "http://puppetlabs.com/security/cve/cve-2014-0224", }, { name: "59192", refsource: "SECUNIA", url: "http://secunia.com/advisories/59192", }, { name: "FEDORA-2014-9301", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "58579", refsource: "SECUNIA", url: "http://secunia.com/advisories/58579", }, { name: "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_SNARE_for_MSSQL.pdf", refsource: "CONFIRM", url: "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_SNARE_for_MSSQL.pdf", }, { name: "59040", refsource: "SECUNIA", url: "http://secunia.com/advisories/59040", }, { name: "HPSBMU03056", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "59175", refsource: "SECUNIA", url: "http://secunia.com/advisories/59175", }, { name: "60819", refsource: "SECUNIA", url: "http://secunia.com/advisories/60819", }, { name: "HPSBMU03051", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", refsource: "SECUNIA", url: "http://secunia.com/advisories/59666", }, { name: "http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download", refsource: "CONFIRM", url: "http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download", }, { name: "58128", refsource: "SECUNIA", url: "http://secunia.com/advisories/58128", }, { name: "HPSBMU03055", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", refsource: "SECUNIA", url: "http://secunia.com/advisories/59413", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676334", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676334", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg24037870", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037870", }, { name: "59721", refsource: "SECUNIA", url: "http://secunia.com/advisories/59721", }, { name: "HPSBHF03145", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { name: "RHSA-2014:0680", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0680.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "59012", refsource: "SECUNIA", url: "http://secunia.com/advisories/59012", }, { name: "58713", refsource: "SECUNIA", url: "http://secunia.com/advisories/58713", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "59362", refsource: "SECUNIA", url: "http://secunia.com/advisories/59362", }, { name: "MDVSA-2015:062", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "HPSBMU03070", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140499864129699&w=2", }, { name: "RHSA-2014:0631", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0631.html", }, { name: "59338", refsource: "SECUNIA", url: "http://secunia.com/advisories/59338", }, { name: "59450", refsource: "SECUNIA", url: "http://secunia.com/advisories/59450", }, { name: "http://linux.oracle.com/errata/ELSA-2014-1053.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-1053.html", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "VU#978508", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/978508", }, { name: "1031032", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1031032", }, { name: "59287", refsource: "SECUNIA", url: "http://secunia.com/advisories/59287", }, { name: "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1", refsource: "CONFIRM", url: "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "59491", refsource: "SECUNIA", url: "http://secunia.com/advisories/59491", }, { name: "59364", refsource: "SECUNIA", url: "http://secunia.com/advisories/59364", }, { name: "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues", refsource: "CONFIRM", url: "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues", }, { name: "59451", refsource: "SECUNIA", url: "http://secunia.com/advisories/59451", }, { name: "58977", refsource: "SECUNIA", url: "http://secunia.com/advisories/58977", }, { name: "https://www.novell.com/support/kb/doc.php?id=7015271", refsource: "CONFIRM", url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676333", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676333", }, { name: "60571", refsource: "SECUNIA", url: "http://secunia.com/advisories/60571", }, { name: "59459", refsource: "SECUNIA", url: "http://secunia.com/advisories/59459", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676833", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676833", }, { name: "60577", refsource: "SECUNIA", url: "http://secunia.com/advisories/60577", }, { name: "59448", refsource: "SECUNIA", url: "http://secunia.com/advisories/59448", }, { name: "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=bc8923b1ec9c467755cd86f7848c50ee8812e441", refsource: "CONFIRM", url: "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=bc8923b1ec9c467755cd86f7848c50ee8812e441", }, { name: "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_Snare_for_Windows.pdf", refsource: "CONFIRM", url: "https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_Snare_for_Windows.pdf", }, { name: "http://www.blackberry.com/btsc/KB36051", refsource: "CONFIRM", url: "http://www.blackberry.com/btsc/KB36051", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { name: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", refsource: "CONFIRM", url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { name: "HPSBST03103", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141164638606214&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004690", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004690", }, { name: "59885", refsource: "SECUNIA", url: "http://secunia.com/advisories/59885", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "59202", refsource: "SECUNIA", url: "http://secunia.com/advisories/59202", }, { name: "RHSA-2014:0633", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0633.html", }, { name: "http://www.ibm.com/support/docview.wss?uid=ssg1S1004678", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=ssg1S1004678", }, { name: "59375", refsource: "SECUNIA", url: "http://secunia.com/advisories/59375", }, { name: "HPSBMU03083", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140983229106599&w=2", }, { name: "59528", refsource: "SECUNIA", url: "http://secunia.com/advisories/59528", }, { name: "58337", refsource: "SECUNIA", url: "http://secunia.com/advisories/58337", }, { name: "59518", refsource: "SECUNIA", url: "http://secunia.com/advisories/59518", }, { name: "59389", refsource: "SECUNIA", url: "http://secunia.com/advisories/59389", }, { name: "59162", refsource: "SECUNIA", url: "http://secunia.com/advisories/59162", }, { name: "59383", refsource: "SECUNIA", url: "http://secunia.com/advisories/59383", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677567", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677567", }, { name: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29217", refsource: "CONFIRM", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29217", }, { name: "59490", refsource: "SECUNIA", url: "http://secunia.com/advisories/59490", }, { name: "59916", refsource: "SECUNIA", url: "http://secunia.com/advisories/59916", }, { name: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E", refsource: "CONFIRM", url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E", }, { name: "HPSBMU03065", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140491231331543&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg24037727", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037727", }, { name: "IT02314", refsource: "AIXAPAR", url: "http://www.ibm.com/support/docview.wss?uid=swg1IT02314", }, { name: "59043", refsource: "SECUNIA", url: "http://secunia.com/advisories/59043", }, { name: "59347", refsource: "SECUNIA", url: "http://secunia.com/advisories/59347", }, { name: "60049", refsource: "SECUNIA", url: "http://secunia.com/advisories/60049", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676615", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676615", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf", }, { name: "https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005", refsource: "MISC", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-0224", datePublished: "2014-06-05T21:00:00", dateReserved: "2013-12-03T00:00:00", dateUpdated: "2024-08-06T09:05:39.462Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2010-5298 (GCVE-0-2010-5298)
Vulnerability from cvelistv5
Published
2014-04-14 16:00
Modified
2024-08-07 04:17
Severity ?
EPSS score ?
Summary
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T04:17:10.312Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "59342", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59342", }, { name: "59669", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59669", }, { name: "66801", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/66801", }, { name: "HPSBGN03068", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140544599631400&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "HPSBMU03074", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "59300", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59300", }, { name: "GLSA-201407-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://rt.openssl.org/Ticket/Display.html?id=3265&user=guest&pass=guest", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "MDVSA-2014:090", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:090", }, { name: "59440", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59440", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59655", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", }, { name: "59437", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59437", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.fortiguard.com/advisory/FG-IR-14-018/", }, { name: "SUSE-SU-2015:0743", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBMU03057", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.citrix.com/article/CTX140876", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191&view=markup", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2014-0187.html", }, { name: "58939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58939", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "59438", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59438", }, { name: "HPSBHF03052", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141658880509699&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { name: "59301", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59301", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBMU03076", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "FEDORA-2014-9301", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "HPSBMU03056", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "HPSBMU03051", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59666", }, { name: "HPSBMU03055", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59413", }, { name: "[5.5] 004: SECURITY FIX: April 12, 2014", tags: [ "vendor-advisory", "x_refsource_OPENBSD", "x_transferred", ], url: "http://www.openbsd.org/errata55.html#004_openssl", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig", }, { name: "59721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59721", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "58713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58713", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "MDVSA-2015:062", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "59450", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59450", }, { name: "59287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59287", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "58977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58977", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.blackberry.com/btsc/KB36051", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "58337", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58337", }, { name: "59162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59162", }, { name: "59490", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59490", }, { name: "[oss-security] 20140412 Use-after-free race condition,in OpenSSL's read buffer", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2014/04/13/1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-02-08T00:00:00", descriptions: [ { lang: "en", value: "Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "59342", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59342", }, { name: "59669", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59669", }, { name: "66801", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/66801", }, { name: "HPSBGN03068", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140544599631400&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "HPSBMU03074", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "59300", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59300", }, { name: "GLSA-201407-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { tags: [ "x_refsource_MISC", ], url: "https://rt.openssl.org/Ticket/Display.html?id=3265&user=guest&pass=guest", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "MDVSA-2014:090", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:090", }, { name: "59440", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59440", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59655", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", }, { name: "59437", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59437", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.fortiguard.com/advisory/FG-IR-14-018/", }, { name: "SUSE-SU-2015:0743", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBMU03057", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.citrix.com/article/CTX140876", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191&view=markup", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2014-0187.html", }, { name: "58939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58939", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "59438", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59438", }, { name: "HPSBHF03052", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141658880509699&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { name: "59301", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59301", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBMU03076", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "FEDORA-2014-9301", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "HPSBMU03056", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "HPSBMU03051", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59666", }, { name: "HPSBMU03055", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59413", }, { name: "[5.5] 004: SECURITY FIX: April 12, 2014", tags: [ "vendor-advisory", "x_refsource_OPENBSD", ], url: "http://www.openbsd.org/errata55.html#004_openssl", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig", }, { name: "59721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59721", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "58713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58713", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "MDVSA-2015:062", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "59450", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59450", }, { name: "59287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59287", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "58977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58977", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { tags: [ "x_refsource_MISC", ], url: "http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse", }, { tags: [ "x_refsource_MISC", ], url: "https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.blackberry.com/btsc/KB36051", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "58337", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58337", }, { name: "59162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59162", }, { name: "59490", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59490", }, { name: "[oss-security] 20140412 Use-after-free race condition,in OpenSSL's read buffer", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2014/04/13/1", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2010-5298", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "59342", refsource: "SECUNIA", url: "http://secunia.com/advisories/59342", }, { name: "59669", refsource: "SECUNIA", url: "http://secunia.com/advisories/59669", }, { name: "66801", refsource: "BID", url: "http://www.securityfocus.com/bid/66801", }, { name: "HPSBGN03068", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140544599631400&w=2", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "HPSBMU03074", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "59300", refsource: "SECUNIA", url: "http://secunia.com/advisories/59300", }, { name: "GLSA-201407-05", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { name: "https://rt.openssl.org/Ticket/Display.html?id=3265&user=guest&pass=guest", refsource: "MISC", url: "https://rt.openssl.org/Ticket/Display.html?id=3265&user=guest&pass=guest", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg24037783", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "MDVSA-2014:090", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:090", }, { name: "59440", refsource: "SECUNIA", url: "http://secunia.com/advisories/59440", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", refsource: "SECUNIA", url: "http://secunia.com/advisories/59655", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", }, { name: "59437", refsource: "SECUNIA", url: "http://secunia.com/advisories/59437", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { name: "http://www.fortiguard.com/advisory/FG-IR-14-018/", refsource: "CONFIRM", url: "http://www.fortiguard.com/advisory/FG-IR-14-018/", }, { name: "SUSE-SU-2015:0743", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg21676356", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBMU03057", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { name: "http://support.citrix.com/article/CTX140876", refsource: "CONFIRM", url: "http://support.citrix.com/article/CTX140876", }, { name: "http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191&view=markup", refsource: "CONFIRM", url: "http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191&view=markup", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { name: "http://advisories.mageia.org/MGASA-2014-0187.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2014-0187.html", }, { name: "58939", refsource: "SECUNIA", url: "http://secunia.com/advisories/58939", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { name: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", refsource: "CONFIRM", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "59438", refsource: "SECUNIA", url: "http://secunia.com/advisories/59438", }, { name: "HPSBHF03052", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141658880509699&w=2", }, { name: "http://www.openssl.org/news/secadv_20140605.txt", refsource: "CONFIRM", url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { name: "59301", refsource: "SECUNIA", url: "http://secunia.com/advisories/59301", }, { name: "https://kb.bluecoat.com/index?page=content&id=SA80", refsource: "CONFIRM", url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBMU03076", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { name: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", refsource: "CONFIRM", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "FEDORA-2014-9301", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "HPSBMU03056", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "HPSBMU03051", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", refsource: "SECUNIA", url: "http://secunia.com/advisories/59666", }, { name: "HPSBMU03055", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", refsource: "SECUNIA", url: "http://secunia.com/advisories/59413", }, { name: "[5.5] 004: SECURITY FIX: April 12, 2014", refsource: "OPENBSD", url: "http://www.openbsd.org/errata55.html#004_openssl", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { name: "http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig", refsource: "CONFIRM", url: "http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig", }, { name: "59721", refsource: "SECUNIA", url: "http://secunia.com/advisories/59721", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "58713", refsource: "SECUNIA", url: "http://secunia.com/advisories/58713", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "MDVSA-2015:062", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "59450", refsource: "SECUNIA", url: "http://secunia.com/advisories/59450", }, { name: "59287", refsource: "SECUNIA", url: "http://secunia.com/advisories/59287", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "58977", refsource: "SECUNIA", url: "http://secunia.com/advisories/58977", }, { name: "https://www.novell.com/support/kb/doc.php?id=7015271", refsource: "CONFIRM", url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { name: "http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse", refsource: "MISC", url: "http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse", }, { name: "https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest", refsource: "MISC", url: "https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest", }, { name: "http://www.blackberry.com/btsc/KB36051", refsource: "CONFIRM", url: "http://www.blackberry.com/btsc/KB36051", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { name: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", refsource: "CONFIRM", url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "58337", refsource: "SECUNIA", url: "http://secunia.com/advisories/58337", }, { name: "59162", refsource: "SECUNIA", url: "http://secunia.com/advisories/59162", }, { name: "59490", refsource: "SECUNIA", url: "http://secunia.com/advisories/59490", }, { name: "[oss-security] 20140412 Use-after-free race condition,in OpenSSL's read buffer", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2014/04/13/1", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2010-5298", datePublished: "2014-04-14T16:00:00", dateReserved: "2014-04-14T00:00:00", dateUpdated: "2024-08-07T04:17:10.312Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-3470 (GCVE-0-2014-3470)
Vulnerability from cvelistv5
Published
2014-06-05 21:00
Modified
2024-08-06 10:43
Severity ?
EPSS score ?
Summary
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:43:06.356Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "59342", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59342", }, { name: "59669", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59669", }, { name: "59525", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59525", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675626", }, { name: "59282", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59282", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7015300", }, { name: "59990", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59990", }, { name: "59264", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59264", }, { name: "59126", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59126", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7015264", }, { name: "59306", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59306", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", }, { name: "59445", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59445", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "HPSBUX03046", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "59340", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59340", }, { name: "61254", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61254", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E", }, { name: "59223", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59223", }, { name: "59895", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59895", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=8011cd56e39a433b1837465259a9bd24a38727fb", }, { name: "59449", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59449", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", }, { name: "59442", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59442", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { name: "HPSBOV03047", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140317760000786&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037761", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "59441", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59441", }, { name: "HPSBMU03074", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "59189", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59189", }, { name: "MDVSA-2014:106", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106", }, { name: "58742", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58742", }, { name: "59300", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59300", }, { name: "58667", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58667", }, { name: "GLSA-201407-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { name: "59191", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59191", }, { name: "59284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59284", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { name: "59365", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59365", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", }, { name: "59483", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59483", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { name: "59495", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59495", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "58945", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58945", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", }, { name: "59659", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59659", }, { name: "59440", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59440", }, { name: "openSUSE-SU-2016:0640", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59655", }, { name: "58716", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58716", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", }, { name: "59437", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59437", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { name: "59310", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59310", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676501", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.splunk.com/view/SP-CAAAM2D", }, { name: "SUSE-SU-2015:0743", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676793", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBMU03057", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.citrix.com/article/CTX140876", }, { name: "59167", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59167", }, { name: "59120", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59120", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { name: "HPSBMU03069", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140499827729550&w=2", }, { name: "MDVSA-2014:105", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:105", }, { name: "59460", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59460", }, { name: "58939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58939", }, { name: "SSRT101590", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "59514", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59514", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "59438", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59438", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676496", }, { name: "58714", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58714", }, { name: "HPSBGN03050", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140482916501310&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15342.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "58615", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58615", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { name: "SUSE-SU-2015:0578", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT6443", }, { name: "59301", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59301", }, { name: "59784", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59784", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBMU03076", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.f-secure.com/en/web/labs_global/fsc-2014-6", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "67898", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/67898", }, { name: "59192", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59192", }, { name: "FEDORA-2014-9301", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "58579", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58579", }, { name: "HPSBMU03056", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "59175", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59175", }, { name: "HPSBMU03051", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59666", }, { name: "HPSBMU03055", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59413", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", }, { name: "59721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59721", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "58713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58713", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "59362", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59362", }, { name: "MDVSA-2015:062", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "59450", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59450", }, { name: "59287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59287", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "59491", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59491", }, { name: "59364", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59364", }, { name: "59451", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59451", }, { name: "58977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58977", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { name: "60571", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60571", }, { name: "59459", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59459", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.blackberry.com/btsc/KB36051", }, { name: "59431", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59431", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "58337", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58337", }, { name: "59518", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59518", }, { name: "59162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59162", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103600", }, { name: "59490", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59490", }, { name: "59916", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59916", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E", }, { name: "HPSBMU03065", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140491231331543&w=2", }, { name: "58797", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58797", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676615", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-06-05T00:00:00", descriptions: [ { lang: "en", value: "The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-10T14:06:38", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "59342", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59342", }, { name: "59669", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59669", }, { name: "59525", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59525", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675626", }, { name: "59282", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59282", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7015300", }, { name: "59990", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59990", }, { name: "59264", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59264", }, { name: "59126", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59126", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7015264", }, { name: "59306", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59306", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", }, { name: "59445", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59445", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "HPSBUX03046", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "59340", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59340", }, { name: "61254", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61254", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E", }, { name: "59223", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59223", }, { name: "59895", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59895", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=8011cd56e39a433b1837465259a9bd24a38727fb", }, { name: "59449", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59449", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", }, { name: "59442", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59442", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { name: "HPSBOV03047", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140317760000786&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037761", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "59441", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59441", }, { name: "HPSBMU03074", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "59189", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59189", }, { name: "MDVSA-2014:106", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106", }, { name: "58742", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58742", }, { name: "59300", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59300", }, { name: "58667", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58667", }, { name: "GLSA-201407-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { name: "59191", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59191", }, { name: "59284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59284", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { name: "59365", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59365", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", }, { name: "59483", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59483", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { name: "59495", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59495", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "58945", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58945", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", }, { name: "59659", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59659", }, { name: "59440", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59440", }, { name: "openSUSE-SU-2016:0640", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59655", }, { name: "58716", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58716", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", }, { name: "59437", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59437", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { name: "59310", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59310", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676501", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.splunk.com/view/SP-CAAAM2D", }, { name: "SUSE-SU-2015:0743", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676793", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBMU03057", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.citrix.com/article/CTX140876", }, { name: "59167", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59167", }, { name: "59120", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59120", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { name: "HPSBMU03069", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140499827729550&w=2", }, { name: "MDVSA-2014:105", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:105", }, { name: "59460", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59460", }, { name: "58939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58939", }, { name: "SSRT101590", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "59514", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59514", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "59438", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59438", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676496", }, { name: "58714", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58714", }, { name: "HPSBGN03050", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140482916501310&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15342.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "58615", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58615", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { name: "SUSE-SU-2015:0578", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT6443", }, { name: "59301", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59301", }, { name: "59784", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59784", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBMU03076", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.f-secure.com/en/web/labs_global/fsc-2014-6", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "67898", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/67898", }, { name: "59192", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59192", }, { name: "FEDORA-2014-9301", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "58579", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58579", }, { name: "HPSBMU03056", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "59175", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59175", }, { name: "HPSBMU03051", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59666", }, { name: "HPSBMU03055", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59413", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", }, { name: "59721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59721", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "58713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58713", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "59362", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59362", }, { name: "MDVSA-2015:062", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "59450", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59450", }, { name: "59287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59287", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "59491", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59491", }, { name: "59364", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59364", }, { name: "59451", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59451", }, { name: "58977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58977", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { name: "60571", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60571", }, { name: "59459", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59459", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.blackberry.com/btsc/KB36051", }, { name: "59431", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59431", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "58337", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58337", }, { name: "59518", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59518", }, { name: "59162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59162", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103600", }, { name: "59490", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59490", }, { name: "59916", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59916", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E", }, { name: "HPSBMU03065", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140491231331543&w=2", }, { name: "58797", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58797", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676615", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-3470", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "59342", refsource: "SECUNIA", url: "http://secunia.com/advisories/59342", }, { name: "59669", refsource: "SECUNIA", url: "http://secunia.com/advisories/59669", }, { name: "59525", refsource: "SECUNIA", url: "http://secunia.com/advisories/59525", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21675626", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675626", }, { name: "59282", refsource: "SECUNIA", url: "http://secunia.com/advisories/59282", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015300", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7015300", }, { name: "59990", refsource: "SECUNIA", url: "http://secunia.com/advisories/59990", }, { name: "59264", refsource: "SECUNIA", url: "http://secunia.com/advisories/59264", }, { name: "59126", refsource: "SECUNIA", url: "http://secunia.com/advisories/59126", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015264", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7015264", }, { name: "59306", refsource: "SECUNIA", url: "http://secunia.com/advisories/59306", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", }, { name: "59445", refsource: "SECUNIA", url: "http://secunia.com/advisories/59445", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "HPSBUX03046", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "59340", refsource: "SECUNIA", url: "http://secunia.com/advisories/59340", }, { name: "61254", refsource: "SECUNIA", url: "http://secunia.com/advisories/61254", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", }, { name: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E", refsource: "CONFIRM", url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E", }, { name: "59223", refsource: "SECUNIA", url: "http://secunia.com/advisories/59223", }, { name: "59895", refsource: "SECUNIA", url: "http://secunia.com/advisories/59895", }, { name: "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=8011cd56e39a433b1837465259a9bd24a38727fb", refsource: "CONFIRM", url: "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=8011cd56e39a433b1837465259a9bd24a38727fb", }, { name: "59449", refsource: "SECUNIA", url: "http://secunia.com/advisories/59449", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", }, { name: "59442", refsource: "SECUNIA", url: "http://secunia.com/advisories/59442", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { name: "HPSBOV03047", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140317760000786&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg24037761", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg24037761", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "59441", refsource: "SECUNIA", url: "http://secunia.com/advisories/59441", }, { name: "HPSBMU03074", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "59189", refsource: "SECUNIA", url: "http://secunia.com/advisories/59189", }, { name: "MDVSA-2014:106", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106", }, { name: "58742", refsource: "SECUNIA", url: "http://secunia.com/advisories/58742", }, { name: "59300", refsource: "SECUNIA", url: "http://secunia.com/advisories/59300", }, { name: "58667", refsource: "SECUNIA", url: "http://secunia.com/advisories/58667", }, { name: "GLSA-201407-05", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { name: "59191", refsource: "SECUNIA", url: "http://secunia.com/advisories/59191", }, { name: "59284", refsource: "SECUNIA", url: "http://secunia.com/advisories/59284", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg24037783", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { name: "59365", refsource: "SECUNIA", url: "http://secunia.com/advisories/59365", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676529", }, { name: "59483", refsource: "SECUNIA", url: "http://secunia.com/advisories/59483", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { name: "59495", refsource: "SECUNIA", url: "http://secunia.com/advisories/59495", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "58945", refsource: "SECUNIA", url: "http://secunia.com/advisories/58945", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", }, { name: "59659", refsource: "SECUNIA", url: "http://secunia.com/advisories/59659", }, { name: "59440", refsource: "SECUNIA", url: "http://secunia.com/advisories/59440", }, { name: "openSUSE-SU-2016:0640", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", refsource: "SECUNIA", url: "http://secunia.com/advisories/59655", }, { name: "58716", refsource: "SECUNIA", url: "http://secunia.com/advisories/58716", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677836", }, { name: "59437", refsource: "SECUNIA", url: "http://secunia.com/advisories/59437", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { name: "59310", refsource: "SECUNIA", url: "http://secunia.com/advisories/59310", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676501", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676501", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", refsource: "CONFIRM", url: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", }, { name: "http://www.splunk.com/view/SP-CAAAM2D", refsource: "CONFIRM", url: "http://www.splunk.com/view/SP-CAAAM2D", }, { name: "SUSE-SU-2015:0743", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg21676793", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg21676793", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg21676356", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBMU03057", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { name: "http://support.citrix.com/article/CTX140876", refsource: "CONFIRM", url: "http://support.citrix.com/article/CTX140876", }, { name: "59167", refsource: "SECUNIA", url: "http://secunia.com/advisories/59167", }, { name: "59120", refsource: "SECUNIA", url: "http://secunia.com/advisories/59120", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { name: "HPSBMU03069", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140499827729550&w=2", }, { name: "MDVSA-2014:105", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:105", }, { name: "59460", refsource: "SECUNIA", url: "http://secunia.com/advisories/59460", }, { name: "58939", refsource: "SECUNIA", url: "http://secunia.com/advisories/58939", }, { name: "SSRT101590", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "59514", refsource: "SECUNIA", url: "http://secunia.com/advisories/59514", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { name: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", refsource: "CONFIRM", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "59438", refsource: "SECUNIA", url: "http://secunia.com/advisories/59438", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676496", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676496", }, { name: "58714", refsource: "SECUNIA", url: "http://secunia.com/advisories/58714", }, { name: "HPSBGN03050", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140482916501310&w=2", }, { name: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15342.html", refsource: "CONFIRM", url: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15342.html", }, { name: "http://www.openssl.org/news/secadv_20140605.txt", refsource: "CONFIRM", url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "58615", refsource: "SECUNIA", url: "http://secunia.com/advisories/58615", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { name: "SUSE-SU-2015:0578", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html", }, { name: "http://support.apple.com/kb/HT6443", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT6443", }, { name: "59301", refsource: "SECUNIA", url: "http://secunia.com/advisories/59301", }, { name: "59784", refsource: "SECUNIA", url: "http://secunia.com/advisories/59784", }, { name: "https://kb.bluecoat.com/index?page=content&id=SA80", refsource: "CONFIRM", url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBMU03076", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { name: "http://www.f-secure.com/en/web/labs_global/fsc-2014-6", refsource: "CONFIRM", url: "http://www.f-secure.com/en/web/labs_global/fsc-2014-6", }, { name: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", refsource: "CONFIRM", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "67898", refsource: "BID", url: "http://www.securityfocus.com/bid/67898", }, { name: "59192", refsource: "SECUNIA", url: "http://secunia.com/advisories/59192", }, { name: "FEDORA-2014-9301", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "58579", refsource: "SECUNIA", url: "http://secunia.com/advisories/58579", }, { name: "HPSBMU03056", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "59175", refsource: "SECUNIA", url: "http://secunia.com/advisories/59175", }, { name: "HPSBMU03051", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", refsource: "SECUNIA", url: "http://secunia.com/advisories/59666", }, { name: "HPSBMU03055", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", refsource: "SECUNIA", url: "http://secunia.com/advisories/59413", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", }, { name: "59721", refsource: "SECUNIA", url: "http://secunia.com/advisories/59721", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "58713", refsource: "SECUNIA", url: "http://secunia.com/advisories/58713", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "59362", refsource: "SECUNIA", url: "http://secunia.com/advisories/59362", }, { name: "MDVSA-2015:062", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "59450", refsource: "SECUNIA", url: "http://secunia.com/advisories/59450", }, { name: "59287", refsource: "SECUNIA", url: "http://secunia.com/advisories/59287", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "59491", refsource: "SECUNIA", url: "http://secunia.com/advisories/59491", }, { name: "59364", refsource: "SECUNIA", url: "http://secunia.com/advisories/59364", }, { name: "59451", refsource: "SECUNIA", url: "http://secunia.com/advisories/59451", }, { name: "58977", refsource: "SECUNIA", url: "http://secunia.com/advisories/58977", }, { name: "https://www.novell.com/support/kb/doc.php?id=7015271", refsource: "CONFIRM", url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { name: "60571", refsource: "SECUNIA", url: "http://secunia.com/advisories/60571", }, { name: "59459", refsource: "SECUNIA", url: "http://secunia.com/advisories/59459", }, { name: "http://www.blackberry.com/btsc/KB36051", refsource: "CONFIRM", url: "http://www.blackberry.com/btsc/KB36051", }, { name: "59431", refsource: "SECUNIA", url: "http://secunia.com/advisories/59431", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { name: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", refsource: "CONFIRM", url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "58337", refsource: "SECUNIA", url: "http://secunia.com/advisories/58337", }, { name: "59518", refsource: "SECUNIA", url: "http://secunia.com/advisories/59518", }, { name: "59162", refsource: "SECUNIA", url: "http://secunia.com/advisories/59162", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1103600", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103600", }, { name: "59490", refsource: "SECUNIA", url: "http://secunia.com/advisories/59490", }, { name: "59916", refsource: "SECUNIA", url: "http://secunia.com/advisories/59916", }, { name: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E", refsource: "CONFIRM", url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E", }, { name: "HPSBMU03065", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140491231331543&w=2", }, { name: "58797", refsource: "SECUNIA", url: "http://secunia.com/advisories/58797", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676615", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676615", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-3470", datePublished: "2014-06-05T21:00:00", dateReserved: "2014-05-14T00:00:00", dateUpdated: "2024-08-06T10:43:06.356Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-0195 (GCVE-0-2014-0195)
Vulnerability from cvelistv5
Published
2014-06-05 21:00
Modified
2024-08-06 09:05
Severity ?
EPSS score ?
Summary
The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:05:39.286Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "59342", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59342", }, { name: "59669", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59669", }, { name: "59530", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59530", }, { name: "59990", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59990", }, { name: "1030337", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1030337", }, { name: "59454", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59454", }, { name: "59188", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59188", }, { name: "59126", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59126", }, { name: "59306", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59306", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "SSRT101846", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142660345230545&w=2", }, { name: "HPSBUX03046", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "61254", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61254", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103598", }, { name: "59223", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59223", }, { name: "59895", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59895", }, { name: "58743", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58743", }, { name: "59449", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59449", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { name: "HPSBOV03047", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140317760000786&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "59441", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59441", }, { name: "HPSBMU03074", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "59189", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59189", }, { name: "MDVSA-2014:106", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106", }, { name: "59300", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59300", }, { name: "GLSA-201407-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { name: "HPSBHF03293", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142660345230545&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { name: "59365", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59365", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { name: "59305", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59305", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "58945", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58945", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", }, { name: "58883", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58883", }, { name: "59659", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59659", }, { name: "openSUSE-SU-2016:0640", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", }, { name: "59429", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59429", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59655", }, { name: "58660", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58660", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", }, { name: "59437", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59437", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { name: "67900", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/67900", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { name: "59310", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59310", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.fortiguard.com/advisory/FG-IR-14-018/", }, { name: "SUSE-SU-2015:0743", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676793", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBMU03057", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.citrix.com/article/CTX140876", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=1632ef744872edc2aa2a53d487d3e79c965a4ad3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { name: "HPSBMU03069", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140499827729550&w=2", }, { name: "58939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58939", }, { name: "SSRT101590", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "59514", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59514", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/ZDI-14-173-CVE-2014-0195-OpenSSL-DTLS-Fragment-Out-of-Bounds/ba-p/6501002", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "58714", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58714", }, { name: "HPSBGN03050", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140482916501310&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "58615", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58615", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15356.html", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676644", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT6443", }, { name: "59587", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59587", }, { name: "59301", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59301", }, { name: "59784", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59784", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBMU03076", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.f-secure.com/en/web/labs_global/fsc-2014-6", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "59192", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59192", }, { name: "FEDORA-2014-9301", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "59040", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59040", }, { name: "HPSBMU03056", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "59175", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59175", }, { name: "HPSBMU03051", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59666", }, { name: "HPSBMU03055", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59413", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", }, { name: "59721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59721", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Once-Bled-Twice-Shy-OpenSSL-CVE-2014-0195/ba-p/6501048", }, { name: "58713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58713", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "MDVSA-2015:062", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "59450", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59450", }, { name: "59287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59287", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "59491", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59491", }, { name: "59364", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59364", }, { name: "59451", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59451", }, { name: "58977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58977", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { name: "60571", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60571", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.blackberry.com/btsc/KB36051", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "59528", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59528", }, { name: "58337", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58337", }, { name: "59518", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59518", }, { name: "59162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59162", }, { name: "59490", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59490", }, { name: "HPSBMU03065", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=140491231331543&w=2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-06-05T00:00:00", descriptions: [ { lang: "en", value: "The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "59342", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59342", }, { name: "59669", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59669", }, { name: "59530", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59530", }, { name: "59990", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59990", }, { name: "1030337", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1030337", }, { name: "59454", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59454", }, { name: "59188", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59188", }, { name: "59126", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59126", }, { name: "59306", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59306", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "SSRT101846", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142660345230545&w=2", }, { name: "HPSBUX03046", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "61254", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61254", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103598", }, { name: "59223", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59223", }, { name: "59895", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59895", }, { name: "58743", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58743", }, { name: "59449", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59449", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { name: "HPSBOV03047", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140317760000786&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "59441", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59441", }, { name: "HPSBMU03074", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "59189", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59189", }, { name: "MDVSA-2014:106", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106", }, { name: "59300", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59300", }, { name: "GLSA-201407-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { name: "HPSBHF03293", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142660345230545&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { name: "59365", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59365", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { name: "59305", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59305", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "58945", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58945", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", }, { name: "58883", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58883", }, { name: "59659", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59659", }, { name: "openSUSE-SU-2016:0640", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", }, { name: "59429", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59429", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59655", }, { name: "58660", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58660", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", }, { name: "59437", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59437", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { name: "67900", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/67900", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { name: "59310", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59310", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.fortiguard.com/advisory/FG-IR-14-018/", }, { name: "SUSE-SU-2015:0743", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676793", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBMU03057", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.citrix.com/article/CTX140876", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=1632ef744872edc2aa2a53d487d3e79c965a4ad3", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { name: "HPSBMU03069", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140499827729550&w=2", }, { name: "58939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58939", }, { name: "SSRT101590", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "59514", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59514", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { tags: [ "x_refsource_MISC", ], url: "http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/ZDI-14-173-CVE-2014-0195-OpenSSL-DTLS-Fragment-Out-of-Bounds/ba-p/6501002", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "58714", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58714", }, { name: "HPSBGN03050", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140482916501310&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "58615", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58615", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15356.html", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676644", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT6443", }, { name: "59587", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59587", }, { name: "59301", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59301", }, { name: "59784", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59784", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBMU03076", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.f-secure.com/en/web/labs_global/fsc-2014-6", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "59192", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59192", }, { name: "FEDORA-2014-9301", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "59040", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59040", }, { name: "HPSBMU03056", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "59175", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59175", }, { name: "HPSBMU03051", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59666", }, { name: "HPSBMU03055", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59413", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", }, { name: "59721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59721", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { tags: [ "x_refsource_MISC", ], url: "http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Once-Bled-Twice-Shy-OpenSSL-CVE-2014-0195/ba-p/6501048", }, { name: "58713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58713", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "MDVSA-2015:062", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "59450", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59450", }, { name: "59287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59287", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "59491", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59491", }, { name: "59364", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59364", }, { name: "59451", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59451", }, { name: "58977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58977", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { name: "60571", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60571", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.blackberry.com/btsc/KB36051", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "59528", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59528", }, { name: "58337", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58337", }, { name: "59518", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59518", }, { name: "59162", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59162", }, { name: "59490", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59490", }, { name: "HPSBMU03065", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=140491231331543&w=2", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-0195", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "59342", refsource: "SECUNIA", url: "http://secunia.com/advisories/59342", }, { name: "59669", refsource: "SECUNIA", url: "http://secunia.com/advisories/59669", }, { name: "59530", refsource: "SECUNIA", url: "http://secunia.com/advisories/59530", }, { name: "59990", refsource: "SECUNIA", url: "http://secunia.com/advisories/59990", }, { name: "1030337", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1030337", }, { name: "59454", refsource: "SECUNIA", url: "http://secunia.com/advisories/59454", }, { name: "59188", refsource: "SECUNIA", url: "http://secunia.com/advisories/59188", }, { name: "59126", refsource: "SECUNIA", url: "http://secunia.com/advisories/59126", }, { name: "59306", refsource: "SECUNIA", url: "http://secunia.com/advisories/59306", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678289", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "SSRT101846", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142660345230545&w=2", }, { name: "HPSBUX03046", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "61254", refsource: "SECUNIA", url: "http://secunia.com/advisories/61254", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1103598", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1103598", }, { name: "59223", refsource: "SECUNIA", url: "http://secunia.com/advisories/59223", }, { name: "59895", refsource: "SECUNIA", url: "http://secunia.com/advisories/59895", }, { name: "58743", refsource: "SECUNIA", url: "http://secunia.com/advisories/58743", }, { name: "59449", refsource: "SECUNIA", url: "http://secunia.com/advisories/59449", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", }, { name: "HPSBOV03047", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140317760000786&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676879", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", }, { name: "59441", refsource: "SECUNIA", url: "http://secunia.com/advisories/59441", }, { name: "HPSBMU03074", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140621259019789&w=2", }, { name: "59189", refsource: "SECUNIA", url: "http://secunia.com/advisories/59189", }, { name: "MDVSA-2014:106", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:106", }, { name: "59300", refsource: "SECUNIA", url: "http://secunia.com/advisories/59300", }, { name: "GLSA-201407-05", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-201407-05.xml", }, { name: "HPSBHF03293", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142660345230545&w=2", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg24037783", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg24037783", }, { name: "59365", refsource: "SECUNIA", url: "http://secunia.com/advisories/59365", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", }, { name: "59305", refsource: "SECUNIA", url: "http://secunia.com/advisories/59305", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676889", }, { name: "FEDORA-2014-9308", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", }, { name: "58945", refsource: "SECUNIA", url: "http://secunia.com/advisories/58945", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", }, { name: "58883", refsource: "SECUNIA", url: "http://secunia.com/advisories/58883", }, { name: "59659", refsource: "SECUNIA", url: "http://secunia.com/advisories/59659", }, { name: "openSUSE-SU-2016:0640", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", }, { name: "59429", refsource: "SECUNIA", url: "http://secunia.com/advisories/59429", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59655", refsource: "SECUNIA", url: "http://secunia.com/advisories/59655", }, { name: "58660", refsource: "SECUNIA", url: "http://secunia.com/advisories/58660", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676071", }, { name: "59437", refsource: "SECUNIA", url: "http://secunia.com/advisories/59437", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754", }, { name: "67900", refsource: "BID", url: "http://www.securityfocus.com/bid/67900", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0006.html", }, { name: "59310", refsource: "SECUNIA", url: "http://secunia.com/advisories/59310", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", refsource: "CONFIRM", url: "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc", }, { name: "http://www.fortiguard.com/advisory/FG-IR-14-018/", refsource: "CONFIRM", url: "http://www.fortiguard.com/advisory/FG-IR-14-018/", }, { name: "SUSE-SU-2015:0743", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg21676793", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg21676793", }, { name: "http://www.ibm.com/support/docview.wss?uid=swg21676356", refsource: "CONFIRM", url: "http://www.ibm.com/support/docview.wss?uid=swg21676356", }, { name: "HPSBMU03057", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140389274407904&w=2", }, { name: "http://support.citrix.com/article/CTX140876", refsource: "CONFIRM", url: "http://support.citrix.com/article/CTX140876", }, { name: "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1632ef744872edc2aa2a53d487d3e79c965a4ad3", refsource: "CONFIRM", url: "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1632ef744872edc2aa2a53d487d3e79c965a4ad3", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757", }, { name: "HPSBMU03069", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140499827729550&w=2", }, { name: "58939", refsource: "SECUNIA", url: "http://secunia.com/advisories/58939", }, { name: "SSRT101590", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140266410314613&w=2", }, { name: "59514", refsource: "SECUNIA", url: "http://secunia.com/advisories/59514", }, { name: "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", }, { name: "http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/ZDI-14-173-CVE-2014-0195-OpenSSL-DTLS-Fragment-Out-of-Bounds/ba-p/6501002", refsource: "MISC", url: "http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/ZDI-14-173-CVE-2014-0195-OpenSSL-DTLS-Fragment-Out-of-Bounds/ba-p/6501002", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", }, { name: "58714", refsource: "SECUNIA", url: "http://secunia.com/advisories/58714", }, { name: "HPSBGN03050", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140482916501310&w=2", }, { name: "http://www.openssl.org/news/secadv_20140605.txt", refsource: "CONFIRM", url: "http://www.openssl.org/news/secadv_20140605.txt", }, { name: "58615", refsource: "SECUNIA", url: "http://secunia.com/advisories/58615", }, { name: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15356.html", refsource: "CONFIRM", url: "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15356.html", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676644", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676644", }, { name: "http://support.apple.com/kb/HT6443", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT6443", }, { name: "59587", refsource: "SECUNIA", url: "http://secunia.com/advisories/59587", }, { name: "59301", refsource: "SECUNIA", url: "http://secunia.com/advisories/59301", }, { name: "59784", refsource: "SECUNIA", url: "http://secunia.com/advisories/59784", }, { name: "https://kb.bluecoat.com/index?page=content&id=SA80", refsource: "CONFIRM", url: "https://kb.bluecoat.com/index?page=content&id=SA80", }, { name: "HPSBMU03076", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140904544427729&w=2", }, { name: "http://www.f-secure.com/en/web/labs_global/fsc-2014-6", refsource: "CONFIRM", url: "http://www.f-secure.com/en/web/labs_global/fsc-2014-6", }, { name: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", refsource: "CONFIRM", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678167", }, { name: "59192", refsource: "SECUNIA", url: "http://secunia.com/advisories/59192", }, { name: "FEDORA-2014-9301", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html", }, { name: "HPSBMU03062", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140752315422991&w=2", }, { name: "59040", refsource: "SECUNIA", url: "http://secunia.com/advisories/59040", }, { name: "HPSBMU03056", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140389355508263&w=2", }, { name: "59175", refsource: "SECUNIA", url: "http://secunia.com/advisories/59175", }, { name: "HPSBMU03051", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140448122410568&w=2", }, { name: "59666", refsource: "SECUNIA", url: "http://secunia.com/advisories/59666", }, { name: "HPSBMU03055", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140431828824371&w=2", }, { name: "59413", refsource: "SECUNIA", url: "http://secunia.com/advisories/59413", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675821", }, { name: "59721", refsource: "SECUNIA", url: "http://secunia.com/advisories/59721", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", }, { name: "http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Once-Bled-Twice-Shy-OpenSSL-CVE-2014-0195/ba-p/6501048", refsource: "MISC", url: "http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Once-Bled-Twice-Shy-OpenSSL-CVE-2014-0195/ba-p/6501048", }, { name: "58713", refsource: "SECUNIA", url: "http://secunia.com/advisories/58713", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", }, { name: "MDVSA-2015:062", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", }, { name: "59450", refsource: "SECUNIA", url: "http://secunia.com/advisories/59450", }, { name: "59287", refsource: "SECUNIA", url: "http://secunia.com/advisories/59287", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21683332", }, { name: "59491", refsource: "SECUNIA", url: "http://secunia.com/advisories/59491", }, { name: "59364", refsource: "SECUNIA", url: "http://secunia.com/advisories/59364", }, { name: "59451", refsource: "SECUNIA", url: "http://secunia.com/advisories/59451", }, { name: "58977", refsource: "SECUNIA", url: "http://secunia.com/advisories/58977", }, { name: "https://www.novell.com/support/kb/doc.php?id=7015271", refsource: "CONFIRM", url: "https://www.novell.com/support/kb/doc.php?id=7015271", }, { name: "60571", refsource: "SECUNIA", url: "http://secunia.com/advisories/60571", }, { name: "http://www.blackberry.com/btsc/KB36051", refsource: "CONFIRM", url: "http://www.blackberry.com/btsc/KB36051", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755", }, { name: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", refsource: "CONFIRM", url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677527", }, { name: "59528", refsource: "SECUNIA", url: "http://secunia.com/advisories/59528", }, { name: "58337", refsource: "SECUNIA", url: "http://secunia.com/advisories/58337", }, { name: "59518", refsource: "SECUNIA", url: "http://secunia.com/advisories/59518", }, { name: "59162", refsource: "SECUNIA", url: "http://secunia.com/advisories/59162", }, { name: "59490", refsource: "SECUNIA", url: "http://secunia.com/advisories/59490", }, { name: "HPSBMU03065", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=140491231331543&w=2", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-0195", datePublished: "2014-06-05T21:00:00", dateReserved: "2013-12-03T00:00:00", dateUpdated: "2024-08-06T09:05:39.286Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.