CVE-2010-4180

openssl: NETSCAPE_REUSE_CIPHER_CHANGE_BUG ciphersuite downgrade attack

Severity Score

4.3

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.

OpenSSL en versiones anteriores a 0.9.8q y 1.0.x en versiones anteriores a 1.0.0c, cuando SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG está habilitado, no previene adecuadamente la modificación del conjunto de cifrado en la caché de sesión, lo que permite a atacantes remotos forzar la degradación para un cifrado no destinado a través de vectores que involucran rastreo de tráfico de red para descubrir un identificador de sesión.

*Credits: N/A

CVSS Scores

NISTv2 4.3

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2010-11-04 CVE Reserved
2010-12-03 CVE Published
2024-06-06 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (43)

URL	Tag	Source
http://osvdb.org/69565	Broken Link
http://secunia.com/advisories/42469	Not Applicable
http://secunia.com/advisories/42473	Not Applicable
http://secunia.com/advisories/42493	Not Applicable
http://secunia.com/advisories/42571	Not Applicable
http://secunia.com/advisories/42620	Not Applicable
http://secunia.com/advisories/42811	Not Applicable
http://secunia.com/advisories/42877	Not Applicable
http://secunia.com/advisories/43169	Not Applicable
http://secunia.com/advisories/43170	Not Applicable
http://secunia.com/advisories/43171	Not Applicable
http://secunia.com/advisories/43172	Not Applicable
http://secunia.com/advisories/43173	Not Applicable
http://secunia.com/advisories/44269	Not Applicable
http://support.apple.com/kb/HT4723	Third Party Advisory
http://www.kb.cert.org/vuls/id/737740	Third Party Advisory
http://www.securityfocus.com/bid/45164	Third Party Advisory
http://www.securitytracker.com/id?1024822	Broken Link
https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST	Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910	Signature

URL	Date	SRC

URL	Date	SRC
http://cvs.openssl.org/chngview?cn=20131	2022-08-04
http://openssl.org/news/secadv_20101202.txt	2022-08-04
https://bugzilla.redhat.com/show_bug.cgi?id=659462	2011-06-22

URL	Date	SRC
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777	2022-08-04
http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	2022-08-04
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html	2022-08-04
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html	2022-08-04
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html	2022-08-04
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html	2022-08-04
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html	2022-08-04
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html	2022-08-04
http://marc.info/?l=bugtraq&m=129916880600544&w=2	2022-08-04
http://marc.info/?l=bugtraq&m=130497251507577&w=2	2022-08-04
http://marc.info/?l=bugtraq&m=132077688910227&w=2	2022-08-04
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471	2022-08-04
http://ubuntu.com/usn/usn-1029-1	2022-08-04
http://www.debian.org/security/2011/dsa-2141	2022-08-04
http://www.redhat.com/support/errata/RHSA-2010-0977.html	2022-08-04
http://www.redhat.com/support/errata/RHSA-2010-0978.html	2022-08-04
http://www.redhat.com/support/errata/RHSA-2010-0979.html	2022-08-04
http://www.redhat.com/support/errata/RHSA-2011-0896.html	2022-08-04
http://www.securityfocus.com/archive/1/522176	2022-08-04
https://access.redhat.com/security/cve/CVE-2010-4180	2011-06-22

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				< 0.9.8q Search vendor "Openssl" for product "Openssl" and version " < 0.9.8q"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				>= 1.0.0 < 1.0.0c Search vendor "Openssl" for product "Openssl" and version " >= 1.0.0 < 1.0.0c"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				13 Search vendor "Fedoraproject" for product "Fedora" and version "13"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				14 Search vendor "Fedoraproject" for product "Fedora" and version "14"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				5.0 Search vendor "Debian" for product "Debian Linux" and version "5.0"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				6.06 Search vendor "Canonical" for product "Ubuntu Linux" and version "6.06"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				8.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "8.04"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				9.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "9.04"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				10.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "10.04"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				10.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "10.10"		-		Affected
Opensuse Search vendor "Opensuse"		Opensuse Search vendor "Opensuse" for product "Opensuse"				11.1 Search vendor "Opensuse" for product "Opensuse" and version "11.1"		-		Affected
Opensuse Search vendor "Opensuse"		Opensuse Search vendor "Opensuse" for product "Opensuse"				11.2 Search vendor "Opensuse" for product "Opensuse" and version "11.2"		-		Affected
Opensuse Search vendor "Opensuse"		Opensuse Search vendor "Opensuse" for product "Opensuse"				11.3 Search vendor "Opensuse" for product "Opensuse" and version "11.3"		-		Affected
Opensuse Search vendor "Opensuse"		Opensuse Search vendor "Opensuse" for product "Opensuse"				11.4 Search vendor "Opensuse" for product "Opensuse" and version "11.4"		-		Affected
Suse Search vendor "Suse"		Linux Enterprise Search vendor "Suse" for product "Linux Enterprise"				11.0 Search vendor "Suse" for product "Linux Enterprise" and version "11.0"		sp1		Affected
Suse Search vendor "Suse"		Linux Enterprise Desktop Search vendor "Suse" for product "Linux Enterprise Desktop"				10 Search vendor "Suse" for product "Linux Enterprise Desktop" and version "10"		sp3		Affected
Suse Search vendor "Suse"		Linux Enterprise Desktop Search vendor "Suse" for product "Linux Enterprise Desktop"				10 Search vendor "Suse" for product "Linux Enterprise Desktop" and version "10"		sp4		Affected
Suse Search vendor "Suse"		Linux Enterprise Desktop Search vendor "Suse" for product "Linux Enterprise Desktop"				11 Search vendor "Suse" for product "Linux Enterprise Desktop" and version "11"		sp1		Affected
Suse Search vendor "Suse"		Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server"				9 Search vendor "Suse" for product "Linux Enterprise Server" and version "9"		-		Affected
Suse Search vendor "Suse"		Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server"				10 Search vendor "Suse" for product "Linux Enterprise Server" and version "10"		sp3		Affected
Suse Search vendor "Suse"		Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server"				10 Search vendor "Suse" for product "Linux Enterprise Server" and version "10"		sp4		Affected
F5 Search vendor "F5"		Nginx Search vendor "F5" for product "Nginx"				< 0.9.2 Search vendor "F5" for product "Nginx" and version " < 0.9.2"		-		Affected