fkie_cve-2014-8176
Vulnerability from fkie_nvd
Published
2015-06-12 19:59
Modified
2024-11-21 02:18
Severity ?
Summary
The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openssl | openssl | * | |
| openssl | openssl | 1.0.0 | |
| openssl | openssl | 1.0.0 | |
| openssl | openssl | 1.0.0 | |
| openssl | openssl | 1.0.0 | |
| openssl | openssl | 1.0.0 | |
| openssl | openssl | 1.0.0 | |
| openssl | openssl | 1.0.0a | |
| openssl | openssl | 1.0.0b | |
| openssl | openssl | 1.0.0c | |
| openssl | openssl | 1.0.0d | |
| openssl | openssl | 1.0.0e | |
| openssl | openssl | 1.0.0f | |
| openssl | openssl | 1.0.0g | |
| openssl | openssl | 1.0.0h | |
| openssl | openssl | 1.0.0i | |
| openssl | openssl | 1.0.0j | |
| openssl | openssl | 1.0.0k | |
| openssl | openssl | 1.0.0l | |
| openssl | openssl | 1.0.1 | |
| openssl | openssl | 1.0.1 | |
| openssl | openssl | 1.0.1 | |
| openssl | openssl | 1.0.1 | |
| openssl | openssl | 1.0.1a | |
| openssl | openssl | 1.0.1b | |
| openssl | openssl | 1.0.1c | |
| openssl | openssl | 1.0.1d | |
| openssl | openssl | 1.0.1e | |
| openssl | openssl | 1.0.1f | |
| openssl | openssl | 1.0.1g |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "A28EB262-0B86-4956-B15A-66E93EBA408F", versionEndIncluding: "0.9.8z", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2FBD8C92-6138-4274-ACBA-D7D42DAEC5AC", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", matchCriteriaId: "3A2075BD-6102-4B0F-839A-836E9585F43B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", matchCriteriaId: "2A2FA09E-2BF7-4968-B62D-00DA57F81EA1", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", matchCriteriaId: "F02E634E-1E3D-4E44-BADA-76F92483A732", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", matchCriteriaId: "FCC2B07A-49EF-411F-8A4D-89435E22B043", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", matchCriteriaId: "7E9480D6-3B6A-4C41-B8C1-C3F945040772", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", matchCriteriaId: "10FF0A06-DA61-4250-B083-67E55E362677", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", matchCriteriaId: "8A6BA453-C150-4159-B80B-5465EFF83F11", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", matchCriteriaId: "638A2E69-8AB6-4FEA-852A-FEF16A500C1A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*", matchCriteriaId: "56C47D3A-B99D-401D-B6B8-1194B2DB4809", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*", matchCriteriaId: "08355B10-E004-4BE6-A5AE-4D428810580B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*", matchCriteriaId: "738BCFDC-1C49-4774-95AE-E099F707DEF9", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*", matchCriteriaId: "D4B242C0-D27D-4644-AD19-5ACB853C9DC2", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*", matchCriteriaId: "8DC683F2-4346-4E5E-A8D7-67B4F4D7827B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*", matchCriteriaId: "764B7D38-BC1B-47DB-B1DF-D092BDA4BFCB", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*", matchCriteriaId: "6604E7BE-9F9B-444D-A63A-F65D1CFDF3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*", matchCriteriaId: "132B9217-B0E0-4E3E-9096-162AA28E158E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*", matchCriteriaId: "7619F9A0-9054-4217-93D1-3EA64876C5B0", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "2D1C00C0-C77E-4255-9ECA-20F2673C7366", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*", matchCriteriaId: "21F16D65-8A46-4AC7-8970-73AB700035FB", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*", matchCriteriaId: "92F393FF-7E6F-4671-BFBF-060162E12659", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*", matchCriteriaId: "E1B85A09-CF8D-409D-966E-168F9959F6F6", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*", matchCriteriaId: "3A66E6CF-39CF-412E-8EF0-8E10BA21B4A4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*", matchCriteriaId: "C684FB18-FDDC-4BED-A28C-C23EE6CD0094", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*", matchCriteriaId: "A74A79A7-4FAF-4C81-8622-050008B96AE1", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*", matchCriteriaId: "CEDACCB9-8D61-49EE-9957-9E58BC7BB031", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*", matchCriteriaId: "4993DD56-F9E3-4AC8-AC3E-BF204B950DEC", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*", matchCriteriaId: "E884B241-F9C3-44F8-A420-DE65F5F3D660", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*", matchCriteriaId: "3A383620-B4F7-44A7-85DA-A4FF2E115D80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data.", }, { lang: "es", value: "La función dtls1_clear_queues en ssl/d1_lib.c en OpenSSL anterior a 0.9.8za, 1.0.0 anterior a 1.0.0m, y 1.0.1 anterior a 1.0.1h libera estructuras de datos sin considerar que los datos de la aplicación puedan llegar entre un mensaje ChangeCipherSpec y un mensaje Finished, lo que permite a pares remotos de DTLS causar una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente tener otro impacto no especificado a través de datos de la aplicación no esperados.", }, ], id: "CVE-2014-8176", lastModified: "2024-11-21T02:18:42.943", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-12T19:59:00.070", references: [ { source: "secalert@redhat.com", url: "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015", }, { source: "secalert@redhat.com", url: "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1115.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { source: "secalert@redhat.com", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2015/dsa-3287", }, { source: "secalert@redhat.com", url: "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/75159", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1032564", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2639-1", }, { source: "secalert@redhat.com", url: "https://bto.bluecoat.com/security-advisory/sa98", }, { source: "secalert@redhat.com", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, { source: "secalert@redhat.com", url: "https://github.com/openssl/openssl/commit/470990fee0182566d439ef7e82d1abf18b7085d7", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351", }, { source: "secalert@redhat.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10122", }, { source: "secalert@redhat.com", url: "https://openssl.org/news/secadv/20150611.txt", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "https://rt.openssl.org/Ticket/Display.html?id=3286&user=guest&pass=guest", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201506-02", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv_20150611.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1115.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3287", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/75159", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032564", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2639-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bto.bluecoat.com/security-advisory/sa98", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/openssl/openssl/commit/470990fee0182566d439ef7e82d1abf18b7085d7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10122", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://openssl.org/news/secadv/20150611.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://rt.openssl.org/Ticket/Display.html?id=3286&user=guest&pass=guest", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201506-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv_20150611.txt", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.