- Home
- CVEs with nessus.description==Multiple vulnerabilities have been discovered in OpenSSL, a Secure
Sockets Layer toolkit. The Common Vulnerabilities and Exposures
project identifies the following issues :
- CVE-2014-3569
Frank Schmirler reported that the ssl23_get_client_hello
function in OpenSSL does not properly handle attempts to
use unsupported protocols. When OpenSSL is built with
the no-ssl3 option and a SSL v3 ClientHello is received,
the ssl method would be set to NULL which could later
result in a NULL pointer dereference and daemon crash.
- CVE-2014-3570
Pieter Wuille of Blockstream reported that the bignum
squaring (BN_sqr) may produce incorrect results on some
platforms, which might make it easier for remote
attackers to defeat cryptographic protection mechanisms.
- CVE-2014-3571
Markus Stenberg of Cisco Systems, Inc. reported that a
carefully crafted DTLS message can cause a segmentation
fault in OpenSSL due to a NULL pointer dereference. A
remote attacker could use this flaw to mount a denial of
service attack.
- CVE-2014-3572
Karthikeyan Bhargavan of the PROSECCO team at INRIA
reported that an OpenSSL client would accept a handshake
using an ephemeral ECDH ciphersuite if the server key
exchange message is omitted. This allows remote SSL
servers to conduct ECDHE-to-ECDH downgrade attacks and
trigger a loss of forward secrecy.
- CVE-2014-8275
Antti Karjalainen and Tuomo Untinen of the Codenomicon
CROSS project and Konrad Kraszewski of Google reported
various certificate fingerprint issues, which allow
remote attackers to defeat a fingerprint-based
certificate-blacklist protection mechanism.
- CVE-2015-0204
Karthikeyan Bhargavan of the PROSECCO team at INRIA
reported that an OpenSSL client will accept the use of
an ephemeral RSA key in a non-export RSA key exchange
ciphersuite, violating the TLS standard. This allows
remote SSL servers to downgrade the security of the
session.
- CVE-2015-0205
Karthikeyan Bhargavan of the PROSECCO team at INRIA
reported that an OpenSSL server will accept a DH
certificate for client authentication without the
certificate verify message. This flaw effectively allows
a client to authenticate without the use of a private
key via crafted TLS handshake protocol traffic to a
server that recognizes a certification authority with DH
support.
- CVE-2015-0206
Chris Mueller discovered a memory leak in the
dtls1_buffer_record function. A remote attacker could
exploit this flaw to mount a denial of service through
memory exhaustion by repeatedly sending specially
crafted DTLS records.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top