CVE-2014-0198 - The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS

CVE-2014-0198

Summary

The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.

References

Vulnerable Configurations

cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:-:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:-:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0p:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0p:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0q:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0q:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0r:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0r:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0s:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0s:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0t:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0t:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:-:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:-:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.11:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.11:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.12:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.12:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 29-08-2022 - 20:50)
Impact:
Exploitability:

CWE

CWE-476

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

redhat via4

rpms

openssl-0:1.0.1e-16.el6_5.14
openssl-debuginfo-0:1.0.1e-16.el6_5.14
openssl-devel-0:1.0.1e-16.el6_5.14
openssl-perl-0:1.0.1e-16.el6_5.14
openssl-static-0:1.0.1e-16.el6_5.14
openssl-0:1.0.1e-16.el6_5.14
openssl-debuginfo-0:1.0.1e-16.el6_5.14
openssl-devel-0:1.0.1e-16.el6_5.14
openssl-perl-0:1.0.1e-16.el6_5.14
openssl-static-0:1.0.1e-16.el6_5.14
openssl-1:1.0.1e-34.el7_0.3
openssl-debuginfo-1:1.0.1e-34.el7_0.3
openssl-devel-1:1.0.1e-34.el7_0.3
openssl-libs-1:1.0.1e-34.el7_0.3
openssl-perl-1:1.0.1e-34.el7_0.3
openssl-static-1:1.0.1e-34.el7_0.3

refmap via4

bid	67193
bugtraq	20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
cisco	20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products
confirm	http://advisories.mageia.org/MGASA-2014-0204.html http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195 http://puppetlabs.com/security/cve/cve-2014-0198 http://support.citrix.com/article/CTX140876 http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163 http://www-01.ibm.com/support/docview.wss?uid=swg21673137 http://www-01.ibm.com/support/docview.wss?uid=swg21676035 http://www-01.ibm.com/support/docview.wss?uid=swg21676062 http://www-01.ibm.com/support/docview.wss?uid=swg21676419 http://www-01.ibm.com/support/docview.wss?uid=swg21676529 http://www-01.ibm.com/support/docview.wss?uid=swg21676655 http://www-01.ibm.com/support/docview.wss?uid=swg21676879 http://www-01.ibm.com/support/docview.wss?uid=swg21676889 http://www-01.ibm.com/support/docview.wss?uid=swg21677527 http://www-01.ibm.com/support/docview.wss?uid=swg21677695 http://www-01.ibm.com/support/docview.wss?uid=swg21677828 http://www-01.ibm.com/support/docview.wss?uid=swg21677836 http://www-01.ibm.com/support/docview.wss?uid=swg21678167 http://www-01.ibm.com/support/docview.wss?uid=swg21683332 http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754 http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755 http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756 http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757 http://www.blackberry.com/btsc/KB36051 http://www.fortiguard.com/advisory/FG-IR-14-018/ http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm http://www.ibm.com/support/docview.wss?uid=swg21676356 http://www.ibm.com/support/docview.wss?uid=swg24037783 http://www.openssl.org/news/secadv_20140605.txt http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html http://www.vmware.com/security/advisories/VMSA-2014-0006.html http://www.vmware.com/security/advisories/VMSA-2014-0012.html https://bugzilla.redhat.com/show_bug.cgi?id=1093837 https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946 https://kb.bluecoat.com/index?page=content&id=SA80 https://kc.mcafee.com/corporate/index?page=content&id=SB10075 https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321 https://www.novell.com/support/kb/doc.php?id=7015271
debian	DSA-2931
fedora	FEDORA-2014-9301 FEDORA-2014-9308
fulldisc	20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
gentoo	GLSA-201407-05
hp	HPSBGN03068 HPSBHF03052 HPSBMU03051 HPSBMU03055 HPSBMU03056 HPSBMU03057 HPSBMU03062 HPSBMU03074 HPSBMU03076
mandriva	MDVSA-2014:080 MDVSA-2015:062
openbsd	[5.5] 005: RELIABILITY FIX: May 1, 2014
secunia	58337 58667 58713 58714 58939 58945 58977 59126 59162 59163 59190 59202 59264 59282 59284 59287 59300 59301 59306 59310 59342 59374 59398 59413 59437 59438 59440 59449 59450 59490 59491 59514 59525 59529 59655 59666 59669 59721 59784 59990 60049 60066 60571 61254
suse	SUSE-SU-2015:0743 openSUSE-SU-2014:0634 openSUSE-SU-2014:0635

Last major update

29-08-2022 - 20:50

Published

06-05-2014 - 10:44

Last modified

29-08-2022 - 20:50