ID CVE-2009-1386
Summary ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
References
Vulnerable Configurations
  • cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8c-1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8c-1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8c-2:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8c-2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8c-3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8c-3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8c-4:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8c-4:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8c-5:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8c-5:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8c-6:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8c-6:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8c-7:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8c-7:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8c-8:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8c-8:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8c-9:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8c-9:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8d-1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8d-1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8d-2:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8d-2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8d-3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8d-3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8d-4:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8d-4:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8d-5:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8d-5:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8d-6:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8d-6:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8d-7:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8d-7:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8d-8:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8d-8:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8d-9:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8d-9:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8e-1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8e-1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8e-2:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8e-2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8e-3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8e-3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8e-4:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8e-4:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8e-5:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8e-5:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8e-6:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8e-6:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8e-7:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8e-7:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8e-8:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8e-8:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8e-9:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8e-9:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8f:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8f-1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8f-1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8f-2:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8f-2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8f-3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8f-3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8f-4:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8f-4:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8f-5:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8f-5:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8f-6:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8f-6:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8f-7:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8f-7:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8f-8:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8f-8:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8f-9:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8f-9:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.13:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.13:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.14:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.14:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.15:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.15:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.16:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.16:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.17:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.17:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.2.18:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.2.18:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.6.5:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.6.6:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.6.7:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.6.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.6:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.7:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.8:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.8:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.9:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.9:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.10:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.10:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.11:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.11:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.12:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.12:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.13:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.13:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.14:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.14:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.15:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.15:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.16:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.16:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.7.17:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.7.17:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8g-1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8g-1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8g-2:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8g-2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8g-3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8g-3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8g-4:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8g-4:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8g-5:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8g-5:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8g-6:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8g-6:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8g-7:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8g-7:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8g-8:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8g-8:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl_project:openssl:0.9.8g-9:*:*:*:*:*:*:*
    cpe:2.3:a:openssl_project:openssl:0.9.8g-9:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openssl:0.9.6-15:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:openssl:0.9.6-15:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*
    cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*
  • cpe:2.3:a:redhat:openssl:0.9.6b-3:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:openssl:0.9.6b-3:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*
    cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*
  • cpe:2.3:a:redhat:openssl:0.9.7a-2:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:openssl:0.9.7a-2:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*
    cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*
  • cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*
    cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*
  • cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*
    cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*
CVSS
Base: 5.0 (as of 29-09-2017 - 01:34)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
oval via4
  • accepted 2013-04-29T04:12:05.974-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
    family unix
    id oval:org.mitre.oval:def:11179
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
    version 18
  • accepted 2014-01-20T04:01:35.092-05:00
    class vulnerability
    contributors
    • name J. Daniel Brown
      organization DTCC
    • name Chris Coffin
      organization The MITRE Corporation
    definition_extensions
    comment VMware ESX Server 4.0 is installed
    oval oval:org.mitre.oval:def:6293
    description ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
    family unix
    id oval:org.mitre.oval:def:7469
    status accepted
    submitted 2010-06-01T17:30:00.000-05:00
    title OpenSSL 'ChangeCipherSpec' DTLS Packet Denial of Service Vulnerability
    version 8
redhat via4
advisories
rhsa
id RHSA-2009:1335
rpms
  • openssl-0:0.9.8e-12.el5
  • openssl-devel-0:0.9.8e-12.el5
  • openssl-perl-0:0.9.8e-12.el5
refmap via4
bid 35174
confirm
exploit-db 8873
hp
  • HPSBMA02492
  • SSRT100079
mlist
  • [oss-security] 20090602 Re: Two OpenSSL DTLS remote DoS
  • [security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates
netbsd NetBSD-SA2009-009
secunia
  • 35571
  • 35685
  • 35729
  • 36533
  • 38794
  • 38834
suse SUSE-SR:2009:012
ubuntu USN-792-1
vupen ADV-2010-0528
xf openssl-changecipherspec-dos(50963)
Last major update 29-09-2017 - 01:34
Published 04-06-2009 - 16:30
Back to Top