CVSS: 5.9EPSS: 1%CPEs: 59EXPL: 0CVE-2014-3510 – openssl: DTLS anonymous (EC)DH denial of service
https://notcve.org/view.php?id=CVE-2014-3510
06 Aug 2014 — The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service (NULL pointer dereference and client application crash) via a crafted handshake message in conjunction with a (1) anonymous DH or (2) anonymous ECDH ciphersuite. La función ssl3_send_client_key_exchange en s3_clnt.c en OpenSSL 0.9.8 anterior a 0.9.8zb, 1.0.0 anterior a 1.0.0n, y 1.0.1 anterior a 1.0.1i permite a servidor... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc • CWE-476: NULL Pointer Dereference •
CVSS: 6.8EPSS: 2%CPEs: 31EXPL: 0CVE-2014-3509 – openssl: race condition in ssl_parse_serverhello_tlsext
https://notcve.org/view.php?id=CVE-2014-3509
06 Aug 2014 — Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application crash) or possibly have unspecified other impact by sending Elliptic Curve (EC) Supported Point Formats Extension data. Condición de carrera en la función ssl_parse_serverhello_tlsext en t1_lib.c en OpenSSL 1.0.0 anterior a 1.0.0n y 1.... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 78%CPEs: 59EXPL: 0CVE-2014-3506 – openssl: DTLS memory exhaustion
https://notcve.org/view.php?id=CVE-2014-3506
06 Aug 2014 — d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values. d1_both.c en la implementación DTLS en OpenSSL 0.9.8 anterior a 0.9.8zb, 1.0.0 anterior a 1.0.0n, y 1.0.1 anterior a 1.0.1i permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través d... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 90%CPEs: 59EXPL: 1CVE-2014-3507 – openssl: DTLS memory leak from zero-length fragments
https://notcve.org/view.php?id=CVE-2014-3507
06 Aug 2014 — Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function. Fuga de memoria en d1_both.c en la implementación DTLS en OpenSSL 0.9.8 anterior a 0.9.8zb, 1.0.0 anterior a 1.0.0n, y 1.0.1 anterior a 1.0.1i permite a atacantes remotos causar una denegación de ... • https://github.com/Satheesh575555/openSSL_1.0.1g_CVE-2014-3507 • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.9EPSS: 0%CPEs: 31EXPL: 0CVE-2014-3511 – openssl: TLS protocol downgrade attack
https://notcve.org/view.php?id=CVE-2014-3511
06 Aug 2014 — The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a "protocol downgrade" issue. La función ssl23_get_client_hello en s23_srvr.c en OpenSSL 1.0.1 anterior a 1.0.1i permite a atacantes man-in-the-middle forzar el uso de TLS 1.0 mediante la provocación de la fragmentación de men... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc • CWE-390: Detection of Error Condition Without Action •
CVSS: 5.9EPSS: 1%CPEs: 59EXPL: 0CVE-2014-3508 – openssl: information leak in pretty printing functions
https://notcve.org/view.php?id=CVE-2014-3508
06 Aug 2014 — The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions. La función OBJ_obj2txt en crypto/objects/obj_dat.c en OpenSSL 0.9.8 anterior a 0.9.8zb, 1.0.0 anterior a 1.... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 85%CPEs: 59EXPL: 0CVE-2014-3505 – openssl: DTLS packet processing double free
https://notcve.org/view.php?id=CVE-2014-3505
06 Aug 2014 — Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (application crash) via crafted DTLS packets that trigger an error condition. Vulnerabilidad de doble liberación en d1_both.c en la implementación DTLS en OpenSSL 0.9.8 anterior a 0.9.8zb, 1.0.0 anterior a 1.0.0n, y 1.0.1 anterior a 1.0.1i permite a atacantes remotos causar una denegación de servicio (caída de apl... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc • CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 7.5EPSS: 85%CPEs: 31EXPL: 0CVE-2014-3512 – FreeBSD Security Advisory - OpenSSL Vulnerabilities
https://notcve.org/view.php?id=CVE-2014-3512
06 Aug 2014 — Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter. Múltiples desbordamientos de buffer en crypto/srp/srp_lib.c en la implementación SRP en OpenSSL 1.0.1 anterior a 1.0.1i permiten a atacantes remotos causar una denegación de servicio (caída de aplicación) o posiblemente tener otro impacto... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.4EPSS: 97%CPEs: 28EXPL: 7CVE-2014-0224 – openssl: SSL/TLS MITM vulnerability
https://notcve.org/view.php?id=CVE-2014-0224
05 Jun 2014 — OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability. OpenSSL anterior a 0.9.8za, 1.0.0 anterior a 1.0.0m y 1.0.1 anterior a 1.0.1h no restringe debidamente el proce... • https://packetstorm.news/files/id/180961 • CWE-326: Inadequate Encryption Strength CWE-841: Improper Enforcement of Behavioral Workflow •
CVSS: 7.5EPSS: 96%CPEs: 8EXPL: 3CVE-2014-0195 – OpenSSL DTLS Fragment Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0195
05 Jun 2014 — The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment. La función dtls1_reassemble_fragment en d1_both.c en OpenSSL anterior a 0.9.8za, 1.0.0 anterior a 1.0.0m y 1.0.1 anterior a 1.0.1h no valida debidamente lon... • https://packetstorm.news/files/id/180495 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •