FKIE_CVE-2014-8176

Vulnerability from fkie_nvd - Published: 2015-06-12 19:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data.
References
secalert@redhat.comhttp://fortiguard.com/advisory/openssl-vulnerabilities-june-2015
secalert@redhat.comhttp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2015-1115.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2016-2957.html
secalert@redhat.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl
secalert@redhat.comhttp://www.debian.org/security/2015/dsa-3287
secalert@redhat.comhttp://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015
secalert@redhat.comhttp://www.securityfocus.com/bid/75159
secalert@redhat.comhttp://www.securitytracker.com/id/1032564
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2639-1
secalert@redhat.comhttps://bto.bluecoat.com/security-advisory/sa98
secalert@redhat.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
secalert@redhat.comhttps://github.com/openssl/openssl/commit/470990fee0182566d439ef7e82d1abf18b7085d7
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351Third Party Advisory
secalert@redhat.comhttps://kc.mcafee.com/corporate/index?page=content&id=SB10122
secalert@redhat.comhttps://openssl.org/news/secadv/20150611.txt
secalert@redhat.comhttps://rt.openssl.org/Ticket/Display.html?id=3286&user=guest&pass=guestExploit
secalert@redhat.comhttps://security.gentoo.org/glsa/201506-02
secalert@redhat.comhttps://www.openssl.org/news/secadv_20150611.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015
af854a3a-2127-422b-91ae-364da2661108http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1115.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-2957.html
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2015/dsa-3287
af854a3a-2127-422b-91ae-364da2661108http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/75159
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032564
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2639-1
af854a3a-2127-422b-91ae-364da2661108https://bto.bluecoat.com/security-advisory/sa98
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
af854a3a-2127-422b-91ae-364da2661108https://github.com/openssl/openssl/commit/470990fee0182566d439ef7e82d1abf18b7085d7
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://kc.mcafee.com/corporate/index?page=content&id=SB10122
af854a3a-2127-422b-91ae-364da2661108https://openssl.org/news/secadv/20150611.txt
af854a3a-2127-422b-91ae-364da2661108https://rt.openssl.org/Ticket/Display.html?id=3286&user=guest&pass=guestExploit
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201506-02
af854a3a-2127-422b-91ae-364da2661108https://www.openssl.org/news/secadv_20150611.txtVendor Advisory
Impacted products
Vendor Product Version
openssl openssl *
openssl openssl 1.0.0
openssl openssl 1.0.0
openssl openssl 1.0.0
openssl openssl 1.0.0
openssl openssl 1.0.0
openssl openssl 1.0.0
openssl openssl 1.0.0a
openssl openssl 1.0.0b
openssl openssl 1.0.0c
openssl openssl 1.0.0d
openssl openssl 1.0.0e
openssl openssl 1.0.0f
openssl openssl 1.0.0g
openssl openssl 1.0.0h
openssl openssl 1.0.0i
openssl openssl 1.0.0j
openssl openssl 1.0.0k
openssl openssl 1.0.0l
openssl openssl 1.0.1
openssl openssl 1.0.1
openssl openssl 1.0.1
openssl openssl 1.0.1
openssl openssl 1.0.1a
openssl openssl 1.0.1b
openssl openssl 1.0.1c
openssl openssl 1.0.1d
openssl openssl 1.0.1e
openssl openssl 1.0.1f
openssl openssl 1.0.1g
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A28EB262-0B86-4956-B15A-66E93EBA408F",
              "versionEndIncluding": "0.9.8z",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FBD8C92-6138-4274-ACBA-D7D42DAEC5AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "3A2075BD-6102-4B0F-839A-836E9585F43B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "2A2FA09E-2BF7-4968-B62D-00DA57F81EA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "F02E634E-1E3D-4E44-BADA-76F92483A732",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "FCC2B07A-49EF-411F-8A4D-89435E22B043",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*",
              "matchCriteriaId": "7E9480D6-3B6A-4C41-B8C1-C3F945040772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "10FF0A06-DA61-4250-B083-67E55E362677",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A6BA453-C150-4159-B80B-5465EFF83F11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*",
              "matchCriteriaId": "638A2E69-8AB6-4FEA-852A-FEF16A500C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C47D3A-B99D-401D-B6B8-1194B2DB4809",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*",
              "matchCriteriaId": "08355B10-E004-4BE6-A5AE-4D428810580B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*",
              "matchCriteriaId": "738BCFDC-1C49-4774-95AE-E099F707DEF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4B242C0-D27D-4644-AD19-5ACB853C9DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DC683F2-4346-4E5E-A8D7-67B4F4D7827B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*",
              "matchCriteriaId": "764B7D38-BC1B-47DB-B1DF-D092BDA4BFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*",
              "matchCriteriaId": "6604E7BE-9F9B-444D-A63A-F65D1CFDF3BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*",
              "matchCriteriaId": "132B9217-B0E0-4E3E-9096-162AA28E158E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*",
              "matchCriteriaId": "7619F9A0-9054-4217-93D1-3EA64876C5B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D1C00C0-C77E-4255-9ECA-20F2673C7366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "21F16D65-8A46-4AC7-8970-73AB700035FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "92F393FF-7E6F-4671-BFBF-060162E12659",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "E1B85A09-CF8D-409D-966E-168F9959F6F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A66E6CF-39CF-412E-8EF0-8E10BA21B4A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "C684FB18-FDDC-4BED-A28C-C23EE6CD0094",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "A74A79A7-4FAF-4C81-8622-050008B96AE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEDACCB9-8D61-49EE-9957-9E58BC7BB031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
              "matchCriteriaId": "4993DD56-F9E3-4AC8-AC3E-BF204B950DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
              "matchCriteriaId": "E884B241-F9C3-44F8-A420-DE65F5F3D660",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A383620-B4F7-44A7-85DA-A4FF2E115D80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n dtls1_clear_queues en ssl/d1_lib.c en OpenSSL anterior a 0.9.8za, 1.0.0 anterior a 1.0.0m, y 1.0.1 anterior a 1.0.1h libera estructuras de datos sin considerar que los datos de la aplicaci\u00f3n puedan llegar entre un mensaje ChangeCipherSpec y un mensaje Finished, lo que permite a pares remotos de DTLS causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) o posiblemente tener otro impacto no especificado a trav\u00e9s de datos de la aplicaci\u00f3n no esperados."
    }
  ],
  "id": "CVE-2014-8176",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-06-12T19:59:00.070",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1115.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2015/dsa-3287"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/75159"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id/1032564"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-2639-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bto.bluecoat.com/security-advisory/sa98"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/openssl/openssl/commit/470990fee0182566d439ef7e82d1abf18b7085d7"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10122"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://openssl.org/news/secadv/20150611.txt"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "https://rt.openssl.org/Ticket/Display.html?id=3286\u0026user=guest\u0026pass=guest"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://security.gentoo.org/glsa/201506-02"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.openssl.org/news/secadv_20150611.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1115.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2015/dsa-3287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/75159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1032564"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2639-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bto.bluecoat.com/security-advisory/sa98"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/openssl/openssl/commit/470990fee0182566d439ef7e82d1abf18b7085d7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10122"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://openssl.org/news/secadv/20150611.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://rt.openssl.org/Ticket/Display.html?id=3286\u0026user=guest\u0026pass=guest"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/201506-02"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.openssl.org/news/secadv_20150611.txt"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.