ID CVE-2014-3567
Summary Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure.
References
Vulnerable Configurations
  • cpe:2.3:a:openssl:openssl:-:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:-:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.3:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.3:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.3:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.3:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6d:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6d:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8:beta3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8:beta4:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8:beta4:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8:beta5:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8:beta5:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8:beta6:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8:beta6:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*
CVSS
Base: 7.1 (as of 15-11-2017 - 02:29)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:C
redhat via4
advisories
  • bugzilla
    id 1152961
    title CVE-2014-3567 openssl: Invalid TLS/SSL session tickets could cause memory leak leading to server crash
    oval
    OR
    • AND
      • OR
        • comment Red Hat Enterprise Linux 7 Client is installed
          oval oval:com.redhat.rhba:tst:20150364001
        • comment Red Hat Enterprise Linux 7 Server is installed
          oval oval:com.redhat.rhba:tst:20150364002
        • comment Red Hat Enterprise Linux 7 Workstation is installed
          oval oval:com.redhat.rhba:tst:20150364003
        • comment Red Hat Enterprise Linux 7 ComputeNode is installed
          oval oval:com.redhat.rhba:tst:20150364004
      • OR
        • AND
          • comment openssl is earlier than 1:1.0.1e-34.el7_0.6
            oval oval:com.redhat.rhsa:tst:20141652005
          • comment openssl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888006
        • AND
          • comment openssl-devel is earlier than 1:1.0.1e-34.el7_0.6
            oval oval:com.redhat.rhsa:tst:20141652007
          • comment openssl-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888012
        • AND
          • comment openssl-libs is earlier than 1:1.0.1e-34.el7_0.6
            oval oval:com.redhat.rhsa:tst:20141652011
          • comment openssl-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140679014
        • AND
          • comment openssl-perl is earlier than 1:1.0.1e-34.el7_0.6
            oval oval:com.redhat.rhsa:tst:20141652009
          • comment openssl-perl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888008
        • AND
          • comment openssl-static is earlier than 1:1.0.1e-34.el7_0.6
            oval oval:com.redhat.rhsa:tst:20141652013
          • comment openssl-static is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888010
    • AND
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhba:tst:20111656001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhba:tst:20111656002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhba:tst:20111656003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhba:tst:20111656004
      • OR
        • AND
          • comment openssl is earlier than 0:1.0.1e-30.el6_6.2
            oval oval:com.redhat.rhsa:tst:20141652019
          • comment openssl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888006
        • AND
          • comment openssl-devel is earlier than 0:1.0.1e-30.el6_6.2
            oval oval:com.redhat.rhsa:tst:20141652022
          • comment openssl-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888012
        • AND
          • comment openssl-perl is earlier than 0:1.0.1e-30.el6_6.2
            oval oval:com.redhat.rhsa:tst:20141652020
          • comment openssl-perl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888008
        • AND
          • comment openssl-static is earlier than 0:1.0.1e-30.el6_6.2
            oval oval:com.redhat.rhsa:tst:20141652021
          • comment openssl-static is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888010
    rhsa
    id RHSA-2014:1652
    released 2014-10-16
    severity Important
    title RHSA-2014:1652: openssl security update (Important)
  • rhsa
    id RHSA-2014:1692
  • rhsa
    id RHSA-2015:0126
rpms
  • openssl-1:1.0.1e-34.el7_0.6
  • openssl-devel-1:1.0.1e-34.el7_0.6
  • openssl-libs-1:1.0.1e-34.el7_0.6
  • openssl-perl-1:1.0.1e-34.el7_0.6
  • openssl-static-1:1.0.1e-34.el7_0.6
  • openssl-0:1.0.1e-30.el6_6.2
  • openssl-devel-0:1.0.1e-30.el6_6.2
  • openssl-perl-0:1.0.1e-30.el6_6.2
  • openssl-static-0:1.0.1e-30.el6_6.2
refmap via4
apple
  • APPLE-SA-2015-01-27-4
  • APPLE-SA-2015-09-16-2
bid 70586
confirm
debian DSA-3053
gentoo GLSA-201412-39
hp
  • HPSBGN03233
  • HPSBHF03300
  • HPSBMU03223
  • HPSBMU03260
  • HPSBMU03261
  • HPSBMU03263
  • HPSBMU03267
  • HPSBMU03296
  • HPSBMU03304
  • HPSBOV03227
  • HPSBUX03162
  • SSRT101739
  • SSRT101767
  • SSRT101779
  • SSRT101868
  • SSRT101894
mandriva
  • MDVSA-2014:203
  • MDVSA-2015:062
netbsd NetBSD-SA2014-015
sectrack 1031052
secunia
  • 59627
  • 61058
  • 61073
  • 61130
  • 61207
  • 61298
  • 61819
  • 61837
  • 61959
  • 61990
  • 62030
  • 62070
  • 62124
suse
  • SUSE-SU-2014:1357
  • SUSE-SU-2014:1361
  • openSUSE-SU-2014:1331
  • openSUSE-SU-2016:0640
ubuntu USN-2385-1
Last major update 15-11-2017 - 02:29
Published 19-10-2014 - 01:55
Back to Top