ID |
CVE-2017-3731
|
Summary |
If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users should upgrade to 1.1.0d. For Openssl 1.0.2, the crash can be triggered when using RC4-MD5; users who have not disabled that algorithm should update to 1.0.2k. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:openssl:openssl:1.1.0a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.1.0a:*:*:*:*:*:*:*
-
cpe:2.3:a:openssl:openssl:1.1.0b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.1.0b:*:*:*:*:*:*:*
-
cpe:2.3:a:openssl:openssl:1.1.0c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.1.0c:*:*:*:*:*:*:*
-
cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
-
cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*
-
cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*
-
cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*
-
cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*
-
cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*
-
cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*
-
cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*
-
cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*
-
cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*
-
cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*
-
cpe:2.3:a:openssl:openssl:1.0.2i:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2i:*:*:*:*:*:*:*
-
cpe:2.3:a:openssl:openssl:1.0.2j:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2j:*:*:*:*:*:*:*
|
CVSS |
Base: | 5.0 (as of 23-04-2019 - 19:29) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-125 |
CAPEC |
-
Overread Buffers
An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
redhat
via4
|
advisories | bugzilla | id | 1416852 | title | CVE-2017-3731 openssl: Truncated packet could crash via OOB read |
| oval | OR | AND | OR | comment | Red Hat Enterprise Linux 6 Client is installed | oval | oval:com.redhat.rhba:tst:20111656001 |
comment | Red Hat Enterprise Linux 6 Server is installed | oval | oval:com.redhat.rhba:tst:20111656002 |
comment | Red Hat Enterprise Linux 6 Workstation is installed | oval | oval:com.redhat.rhba:tst:20111656003 |
comment | Red Hat Enterprise Linux 6 ComputeNode is installed | oval | oval:com.redhat.rhba:tst:20111656004 |
|
OR | AND | comment | openssl is earlier than 0:1.0.1e-48.el6_8.4 | oval | oval:com.redhat.rhsa:tst:20170286009 |
comment | openssl is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20100888006 |
|
AND | comment | openssl-devel is earlier than 0:1.0.1e-48.el6_8.4 | oval | oval:com.redhat.rhsa:tst:20170286005 |
comment | openssl-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20100888012 |
|
AND | comment | openssl-perl is earlier than 0:1.0.1e-48.el6_8.4 | oval | oval:com.redhat.rhsa:tst:20170286007 |
comment | openssl-perl is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20100888008 |
|
AND | comment | openssl-static is earlier than 0:1.0.1e-48.el6_8.4 | oval | oval:com.redhat.rhsa:tst:20170286011 |
comment | openssl-static is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20100888010 |
|
|
|
AND | OR | comment | Red Hat Enterprise Linux 7 Client is installed | oval | oval:com.redhat.rhba:tst:20150364001 |
comment | Red Hat Enterprise Linux 7 Server is installed | oval | oval:com.redhat.rhba:tst:20150364002 |
comment | Red Hat Enterprise Linux 7 Workstation is installed | oval | oval:com.redhat.rhba:tst:20150364003 |
comment | Red Hat Enterprise Linux 7 ComputeNode is installed | oval | oval:com.redhat.rhba:tst:20150364004 |
|
OR | AND | comment | openssl is earlier than 1:1.0.1e-60.el7_3.1 | oval | oval:com.redhat.rhsa:tst:20170286022 |
comment | openssl is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20100888006 |
|
AND | comment | openssl-devel is earlier than 1:1.0.1e-60.el7_3.1 | oval | oval:com.redhat.rhsa:tst:20170286017 |
comment | openssl-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20100888012 |
|
AND | comment | openssl-libs is earlier than 1:1.0.1e-60.el7_3.1 | oval | oval:com.redhat.rhsa:tst:20170286019 |
comment | openssl-libs is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140679014 |
|
AND | comment | openssl-perl is earlier than 1:1.0.1e-60.el7_3.1 | oval | oval:com.redhat.rhsa:tst:20170286021 |
comment | openssl-perl is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20100888008 |
|
AND | comment | openssl-static is earlier than 1:1.0.1e-60.el7_3.1 | oval | oval:com.redhat.rhsa:tst:20170286018 |
comment | openssl-static is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20100888010 |
|
|
|
|
| rhsa | id | RHSA-2017:0286 | released | 2017-02-20 | severity | Moderate | title | RHSA-2017:0286: openssl security update (Moderate) |
|
| rpms | - openssl-0:1.0.1e-48.el6_8.4
- openssl-devel-0:1.0.1e-48.el6_8.4
- openssl-perl-0:1.0.1e-48.el6_8.4
- openssl-static-0:1.0.1e-48.el6_8.4
- openssl-1:1.0.1e-60.el7_3.1
- openssl-devel-1:1.0.1e-60.el7_3.1
- openssl-libs-1:1.0.1e-60.el7_3.1
- openssl-perl-1:1.0.1e-60.el7_3.1
- openssl-static-1:1.0.1e-60.el7_3.1
|
|
refmap
via4
|
bid | 95813 | confirm | | debian | DSA-3773 | freebsd | FreeBSD-SA-17:02 | gentoo | GLSA-201702-07 | misc | | sectrack | 1037717 |
|
Last major update |
23-04-2019 - 19:29 |
Published |
04-05-2017 - 19:29 |