fkie_cve-2014-5139
Vulnerability from fkie_nvd
Published
2014-08-13 23:55
Modified
2025-04-12 10:46
Severity ?
Summary
The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client.
References
cret@cert.orgftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc
cret@cert.orghttp://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc
cret@cert.orghttp://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html
cret@cert.orghttp://marc.info/?l=bugtraq&m=142350350616251&w=2
cret@cert.orghttp://marc.info/?l=bugtraq&m=142350350616251&w=2
cret@cert.orghttp://marc.info/?l=bugtraq&m=142495837901899&w=2
cret@cert.orghttp://marc.info/?l=bugtraq&m=142495837901899&w=2
cret@cert.orghttp://marc.info/?l=bugtraq&m=142624590206005&w=2
cret@cert.orghttp://marc.info/?l=bugtraq&m=142624619906067
cret@cert.orghttp://marc.info/?l=bugtraq&m=142624619906067&w=2
cret@cert.orghttp://marc.info/?l=bugtraq&m=142624679706236&w=2
cret@cert.orghttp://marc.info/?l=bugtraq&m=142624679706236&w=2
cret@cert.orghttp://marc.info/?l=bugtraq&m=142624719706349&w=2
cret@cert.orghttp://marc.info/?l=bugtraq&m=142624719706349&w=2
cret@cert.orghttp://marc.info/?l=bugtraq&m=142660345230545&w=2
cret@cert.orghttp://marc.info/?l=bugtraq&m=142660345230545&w=2
cret@cert.orghttp://marc.info/?l=bugtraq&m=142791032306609&w=2
cret@cert.orghttp://marc.info/?l=bugtraq&m=143290437727362&w=2
cret@cert.orghttp://marc.info/?l=bugtraq&m=143290522027658&w=2
cret@cert.orghttp://secunia.com/advisories/59700
cret@cert.orghttp://secunia.com/advisories/59710
cret@cert.orghttp://secunia.com/advisories/59756
cret@cert.orghttp://secunia.com/advisories/60022
cret@cert.orghttp://secunia.com/advisories/60221
cret@cert.orghttp://secunia.com/advisories/60493
cret@cert.orghttp://secunia.com/advisories/60803
cret@cert.orghttp://secunia.com/advisories/60810
cret@cert.orghttp://secunia.com/advisories/60917
cret@cert.orghttp://secunia.com/advisories/60921
cret@cert.orghttp://secunia.com/advisories/61017
cret@cert.orghttp://secunia.com/advisories/61100
cret@cert.orghttp://secunia.com/advisories/61171
cret@cert.orghttp://secunia.com/advisories/61184
cret@cert.orghttp://secunia.com/advisories/61392
cret@cert.orghttp://secunia.com/advisories/61775
cret@cert.orghttp://secunia.com/advisories/61959
cret@cert.orghttp://security.gentoo.org/glsa/glsa-201412-39.xml
cret@cert.orghttp://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html
cret@cert.orghttp://www-01.ibm.com/support/docview.wss?uid=nas8N1020240
cret@cert.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21682293
cret@cert.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21683389
cret@cert.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21686997
cret@cert.orghttp://www.debian.org/security/2014/dsa-2998
cret@cert.orghttp://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm
cret@cert.orghttp://www.securityfocus.com/bid/69077
cret@cert.orghttp://www.securitytracker.com/id/1030693
cret@cert.orghttp://www.tenable.com/security/tns-2014-06
cret@cert.orghttps://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=80bd7b41b30af6ee96f519e629463583318de3b0
cret@cert.orghttps://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=83764a989dcc87fbea337da5f8f86806fe767b7e
cret@cert.orghttps://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html
cret@cert.orghttps://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc
cret@cert.orghttps://www.openssl.org/news/secadv_20140806.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc
af854a3a-2127-422b-91ae-364da2661108http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142350350616251&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142350350616251&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142495837901899&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142495837901899&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142624590206005&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142624619906067
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142624619906067&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142624679706236&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142624679706236&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142624719706349&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142624719706349&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142660345230545&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142660345230545&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142791032306609&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143290437727362&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143290522027658&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59700
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59710
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59756
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60022
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60221
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60493
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60803
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60810
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60917
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60921
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61017
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61100
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61171
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61184
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61392
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61775
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61959
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201412-39.xml
af854a3a-2127-422b-91ae-364da2661108http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21682293
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21683389
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686997
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-2998
af854a3a-2127-422b-91ae-364da2661108http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/69077
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030693
af854a3a-2127-422b-91ae-364da2661108http://www.tenable.com/security/tns-2014-06
af854a3a-2127-422b-91ae-364da2661108https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=80bd7b41b30af6ee96f519e629463583318de3b0
af854a3a-2127-422b-91ae-364da2661108https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=83764a989dcc87fbea337da5f8f86806fe767b7e
af854a3a-2127-422b-91ae-364da2661108https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html
af854a3a-2127-422b-91ae-364da2661108https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc
af854a3a-2127-422b-91ae-364da2661108https://www.openssl.org/news/secadv_20140806.txtVendor Advisory
Impacted products
Vendor Product Version
openssl openssl 1.0.1
openssl openssl 1.0.1
openssl openssl 1.0.1
openssl openssl 1.0.1
openssl openssl 1.0.1a
openssl openssl 1.0.1b
openssl openssl 1.0.1c
openssl openssl 1.0.1d
openssl openssl 1.0.1e
openssl openssl 1.0.1f
openssl openssl 1.0.1g
openssl openssl 1.0.1h


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D1C00C0-C77E-4255-9ECA-20F2673C7366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "21F16D65-8A46-4AC7-8970-73AB700035FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "92F393FF-7E6F-4671-BFBF-060162E12659",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "E1B85A09-CF8D-409D-966E-168F9959F6F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A66E6CF-39CF-412E-8EF0-8E10BA21B4A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "C684FB18-FDDC-4BED-A28C-C23EE6CD0094",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "A74A79A7-4FAF-4C81-8622-050008B96AE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEDACCB9-8D61-49EE-9957-9E58BC7BB031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
              "matchCriteriaId": "4993DD56-F9E3-4AC8-AC3E-BF204B950DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
              "matchCriteriaId": "E884B241-F9C3-44F8-A420-DE65F5F3D660",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A383620-B4F7-44A7-85DA-A4FF2E115D80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F0C6812-F455-49CF-B29B-9AC00306DA43",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n ssl_set_client_disabled en t1_lib.c en OpenSSL 1.0.1 anterior a 1.0.1i permite a servidores SSL remotos causar una denegaci\u00f3n de servicio (referencia a puntero nulo y ca\u00edda de la aplicaci\u00f3n del cliente) a trav\u00e9s de un mensaje ServerHello que incluye un suite de cifrado SRP sin la negociaci\u00f3n necesaria de este suite de cifrada con el cliente."
    }
  ],
  "evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/476.html\" target=\"_blank\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e",
  "id": "CVE-2014-5139",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-08-13T23:55:07.717",
  "references": [
    {
      "source": "cret@cert.org",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc"
    },
    {
      "source": "cret@cert.org",
      "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc"
    },
    {
      "source": "cret@cert.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/59700"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/59710"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/59756"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/60022"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/60221"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/60493"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/60803"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/60810"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/60917"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/60921"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/61017"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/61100"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/61171"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/61184"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/61392"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/61775"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/61959"
    },
    {
      "source": "cret@cert.org",
      "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
    },
    {
      "source": "cret@cert.org",
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683389"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.debian.org/security/2014/dsa-2998"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/bid/69077"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securitytracker.com/id/1030693"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.tenable.com/security/tns-2014-06"
    },
    {
      "source": "cret@cert.org",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=80bd7b41b30af6ee96f519e629463583318de3b0"
    },
    {
      "source": "cret@cert.org",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=83764a989dcc87fbea337da5f8f86806fe767b7e"
    },
    {
      "source": "cret@cert.org",
      "url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html"
    },
    {
      "source": "cret@cert.org",
      "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.openssl.org/news/secadv_20140806.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59700"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59710"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60022"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60221"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60493"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60803"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60810"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60917"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60921"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61100"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61171"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61184"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61392"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61775"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2014/dsa-2998"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/69077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1030693"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.tenable.com/security/tns-2014-06"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=80bd7b41b30af6ee96f519e629463583318de3b0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=83764a989dcc87fbea337da5f8f86806fe767b7e"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.openssl.org/news/secadv_20140806.txt"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.