CVE-2013-6450

openssl: crash in DTLS renegotiation after packet loss

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c.

La implementación de retransmisión DTLS en OpenSSL través 0.9.8y y 1.x través 1.0.1e no mantiene adecuadamente las estructuras de datos para sumarios (hashes) y contextos de cifrado, lo que podría permitir a atacantes man-in-the-middle para activar el uso de un contexto diferente e interferir con la entrega de paquetes, relacionado con ssl/d1_both.c y ssl/t1_enc.c.

OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A flaw was found in the way OpenSSL determined which hashing algorithm to use when TLS protocol version 1.2 was enabled. This could possibly cause OpenSSL to use an incorrect hashing algorithm, leading to a crash of an application using the library. It was discovered that the Datagram Transport Layer Security protocol implementation in OpenSSL did not properly maintain encryption and digest contexts during renegotiation. A lost or discarded renegotiation handshake packet could cause a DTLS client or server using OpenSSL to crash.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

Partial

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2013-11-04 CVE Reserved
2014-01-01 CVE Published
2024-08-06 CVE Updated
2025-04-05 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-310: Cryptographic Issues

CAPEC

References (24)

URL	Tag	Source
http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=34628967f1e65dc8f34e000f0f5518e21afbfc7b	X_refsource_confirm
http://seclists.org/fulldisclosure/2014/Dec/23	Mailing List
http://www-01.ibm.com/support/docview.wss?uid=isg400001841	X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=isg400001843	X_refsource_confirm
http://www.openssl.org/news/vulnerabilities.html	X_refsource_confirm
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	X_refsource_confirm
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	X_refsource_confirm
http://www.securityfocus.com/archive/1/534161/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/64618	Vdb Entry
http://www.securitytracker.com/id/1029549	Vdb Entry
http://www.securitytracker.com/id/1031594	Vdb Entry
http://www.vmware.com/security/advisories/VMSA-2014-0012.html	X_refsource_confirm
https://puppet.com/security/cve/cve-2013-6450	X_refsource_confirm
https://security-tracker.debian.org/tracker/CVE-2013-6450	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html	2023-11-07
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html	2023-11-07
http://lists.opensuse.org/opensuse-updates/2014-01/msg00031.html	2023-11-07
http://lists.opensuse.org/opensuse-updates/2014-01/msg00032.html	2023-11-07
http://rhn.redhat.com/errata/RHSA-2014-0015.html	2023-11-07
http://security.gentoo.org/glsa/glsa-201412-39.xml	2023-11-07
http://www.debian.org/security/2014/dsa-2833	2023-11-07
http://www.ubuntu.com/usn/USN-2079-1	2023-11-07
https://access.redhat.com/security/cve/CVE-2013-6450	2014-01-08
https://bugzilla.redhat.com/show_bug.cgi?id=1047840	2014-01-08

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0"		beta1		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0"		beta2		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0"		beta3		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0"		beta4		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0"		beta5		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0a Search vendor "Openssl" for product "Openssl" and version "1.0.0a"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0b Search vendor "Openssl" for product "Openssl" and version "1.0.0b"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0c Search vendor "Openssl" for product "Openssl" and version "1.0.0c"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0d Search vendor "Openssl" for product "Openssl" and version "1.0.0d"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0e Search vendor "Openssl" for product "Openssl" and version "1.0.0e"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0f Search vendor "Openssl" for product "Openssl" and version "1.0.0f"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0g Search vendor "Openssl" for product "Openssl" and version "1.0.0g"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0h Search vendor "Openssl" for product "Openssl" and version "1.0.0h"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0i Search vendor "Openssl" for product "Openssl" and version "1.0.0i"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0j Search vendor "Openssl" for product "Openssl" and version "1.0.0j"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1 Search vendor "Openssl" for product "Openssl" and version "1.0.1"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1 Search vendor "Openssl" for product "Openssl" and version "1.0.1"		beta1		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1 Search vendor "Openssl" for product "Openssl" and version "1.0.1"		beta2		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1 Search vendor "Openssl" for product "Openssl" and version "1.0.1"		beta3		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1a Search vendor "Openssl" for product "Openssl" and version "1.0.1a"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1b Search vendor "Openssl" for product "Openssl" and version "1.0.1b"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1c Search vendor "Openssl" for product "Openssl" and version "1.0.1c"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1d Search vendor "Openssl" for product "Openssl" and version "1.0.1d"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1e Search vendor "Openssl" for product "Openssl" and version "1.0.1e"		-		Affected