CVE-2014-3568 (GCVE-0-2014-3568)
Vulnerability from cvelistv5
Published
2014-10-19 01:00
Modified
2024-08-06 10:50
Severity ?
CWE
  • n/a
Summary
OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c.
References
secalert@redhat.com ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc
secalert@redhat.com http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
secalert@redhat.com http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html
secalert@redhat.com http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html
secalert@redhat.com http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html
secalert@redhat.com http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html
secalert@redhat.com http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
secalert@redhat.com http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
secalert@redhat.com http://marc.info/?l=bugtraq&m=141477196830952&w=2
secalert@redhat.com http://marc.info/?l=bugtraq&m=141477196830952&w=2
secalert@redhat.com http://marc.info/?l=bugtraq&m=142103967620673&w=2
secalert@redhat.com http://marc.info/?l=bugtraq&m=142103967620673&w=2
secalert@redhat.com http://marc.info/?l=bugtraq&m=142495837901899&w=2
secalert@redhat.com http://marc.info/?l=bugtraq&m=142495837901899&w=2
secalert@redhat.com http://marc.info/?l=bugtraq&m=142624590206005&w=2
secalert@redhat.com http://marc.info/?l=bugtraq&m=142791032306609&w=2
secalert@redhat.com http://marc.info/?l=bugtraq&m=142804214608580&w=2
secalert@redhat.com http://marc.info/?l=bugtraq&m=143290437727362&w=2
secalert@redhat.com http://marc.info/?l=bugtraq&m=143290522027658&w=2
secalert@redhat.com http://secunia.com/advisories/59627
secalert@redhat.com http://secunia.com/advisories/61058
secalert@redhat.com http://secunia.com/advisories/61073
secalert@redhat.com http://secunia.com/advisories/61130
secalert@redhat.com http://secunia.com/advisories/61207
secalert@redhat.com http://secunia.com/advisories/61819
secalert@redhat.com http://secunia.com/advisories/61959
secalert@redhat.com http://secunia.com/advisories/62030
secalert@redhat.com http://secunia.com/advisories/62070
secalert@redhat.com http://secunia.com/advisories/62124
secalert@redhat.com http://security.gentoo.org/glsa/glsa-201412-39.xml
secalert@redhat.com http://support.apple.com/HT204244
secalert@redhat.com http://www-01.ibm.com/support/docview.wss?uid=swg21686997
secalert@redhat.com http://www.debian.org/security/2014/dsa-3053
secalert@redhat.com http://www.securityfocus.com/bid/70585
secalert@redhat.com http://www.securitytracker.com/id/1031053
secalert@redhat.com https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6
secalert@redhat.com https://exchange.xforce.ibmcloud.com/vulnerabilities/97037
secalert@redhat.com https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=26a59d9b46574e457870197dffa802871b4c8fc7
secalert@redhat.com https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
secalert@redhat.com https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
secalert@redhat.com https://kc.mcafee.com/corporate/index?page=content&id=SB10091
secalert@redhat.com https://support.apple.com/HT205217
secalert@redhat.com https://support.citrix.com/article/CTX216642
secalert@redhat.com https://www.openssl.org/news/secadv_20141015.txt Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc
af854a3a-2127-422b-91ae-364da2661108 http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
af854a3a-2127-422b-91ae-364da2661108 http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=141477196830952&w=2
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=141477196830952&w=2
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=142103967620673&w=2
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=142103967620673&w=2
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=142495837901899&w=2
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=142495837901899&w=2
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=142624590206005&w=2
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=142791032306609&w=2
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=142804214608580&w=2
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=143290437727362&w=2
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=143290522027658&w=2
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/59627
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/61058
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/61073
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/61130
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/61207
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/61819
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/61959
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/62030
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/62070
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/62124
af854a3a-2127-422b-91ae-364da2661108 http://security.gentoo.org/glsa/glsa-201412-39.xml
af854a3a-2127-422b-91ae-364da2661108 http://support.apple.com/HT204244
af854a3a-2127-422b-91ae-364da2661108 http://www-01.ibm.com/support/docview.wss?uid=swg21686997
af854a3a-2127-422b-91ae-364da2661108 http://www.debian.org/security/2014/dsa-3053
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/70585
af854a3a-2127-422b-91ae-364da2661108 http://www.securitytracker.com/id/1031053
af854a3a-2127-422b-91ae-364da2661108 https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/97037
af854a3a-2127-422b-91ae-364da2661108 https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=26a59d9b46574e457870197dffa802871b4c8fc7
af854a3a-2127-422b-91ae-364da2661108 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
af854a3a-2127-422b-91ae-364da2661108 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
af854a3a-2127-422b-91ae-364da2661108 https://kc.mcafee.com/corporate/index?page=content&id=SB10091
af854a3a-2127-422b-91ae-364da2661108 https://support.apple.com/HT205217
af854a3a-2127-422b-91ae-364da2661108 https://support.citrix.com/article/CTX216642
af854a3a-2127-422b-91ae-364da2661108 https://www.openssl.org/news/secadv_20141015.txt Vendor Advisory
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:50:17.862Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "HPSBOV03227",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
          },
          {
            "name": "HPSBHF03300",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2"
          },
          {
            "name": "openSUSE-SU-2014:1331",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"
          },
          {
            "name": "HPSBUX03162",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
          },
          {
            "name": "61130",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61130"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.openssl.org/news/secadv_20141015.txt"
          },
          {
            "name": "62070",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62070"
          },
          {
            "name": "70585",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70585"
          },
          {
            "name": "61073",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61073"
          },
          {
            "name": "HPSBMU03304",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=26a59d9b46574e457870197dffa802871b4c8fc7"
          },
          {
            "name": "GLSA-201412-39",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
          },
          {
            "name": "DSA-3053",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-3053"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
          },
          {
            "name": "HPSBMU03260",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT205217"
          },
          {
            "name": "SSRT101779",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
          },
          {
            "name": "openSUSE-SU-2016:0640",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
          },
          {
            "name": "APPLE-SA-2015-09-16-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html"
          },
          {
            "name": "SUSE-SU-2014:1357",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10091"
          },
          {
            "name": "openssl-cve20143568-sec-bypass(97037)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97037"
          },
          {
            "name": "NetBSD-SA2014-015",
            "tags": [
              "vendor-advisory",
              "x_refsource_NETBSD",
              "x_transferred"
            ],
            "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/HT204244"
          },
          {
            "name": "SSRT101767",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
          },
          {
            "name": "61207",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61207"
          },
          {
            "name": "SUSE-SU-2015:0578",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
          },
          {
            "name": "62124",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62124"
          },
          {
            "name": "59627",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59627"
          },
          {
            "name": "SSRT101894",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
          },
          {
            "name": "HPSBMU03263",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
          },
          {
            "name": "SUSE-SU-2014:1361",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html"
          },
          {
            "name": "61959",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61959"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"
          },
          {
            "name": "HPSBMU03267",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
          },
          {
            "name": "HPSBMU03261",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
          },
          {
            "name": "61058",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61058"
          },
          {
            "name": "62030",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62030"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX216642"
          },
          {
            "name": "APPLE-SA-2015-01-27-4",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
          },
          {
            "name": "1031053",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1031053"
          },
          {
            "name": "61819",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61819"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-14T10:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "HPSBOV03227",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
        },
        {
          "name": "HPSBHF03300",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2"
        },
        {
          "name": "openSUSE-SU-2014:1331",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"
        },
        {
          "name": "HPSBUX03162",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
        },
        {
          "name": "61130",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61130"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.openssl.org/news/secadv_20141015.txt"
        },
        {
          "name": "62070",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62070"
        },
        {
          "name": "70585",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70585"
        },
        {
          "name": "61073",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61073"
        },
        {
          "name": "HPSBMU03304",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=26a59d9b46574e457870197dffa802871b4c8fc7"
        },
        {
          "name": "GLSA-201412-39",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
        },
        {
          "name": "DSA-3053",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-3053"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
        },
        {
          "name": "HPSBMU03260",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT205217"
        },
        {
          "name": "SSRT101779",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
        },
        {
          "name": "openSUSE-SU-2016:0640",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
        },
        {
          "name": "APPLE-SA-2015-09-16-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html"
        },
        {
          "name": "SUSE-SU-2014:1357",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10091"
        },
        {
          "name": "openssl-cve20143568-sec-bypass(97037)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97037"
        },
        {
          "name": "NetBSD-SA2014-015",
          "tags": [
            "vendor-advisory",
            "x_refsource_NETBSD"
          ],
          "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/HT204244"
        },
        {
          "name": "SSRT101767",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
        },
        {
          "name": "61207",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61207"
        },
        {
          "name": "SUSE-SU-2015:0578",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
        },
        {
          "name": "62124",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62124"
        },
        {
          "name": "59627",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59627"
        },
        {
          "name": "SSRT101894",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
        },
        {
          "name": "HPSBMU03263",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
        },
        {
          "name": "SUSE-SU-2014:1361",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html"
        },
        {
          "name": "61959",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61959"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"
        },
        {
          "name": "HPSBMU03267",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
        },
        {
          "name": "HPSBMU03261",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
        },
        {
          "name": "61058",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61058"
        },
        {
          "name": "62030",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62030"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX216642"
        },
        {
          "name": "APPLE-SA-2015-01-27-4",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
        },
        {
          "name": "1031053",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1031053"
        },
        {
          "name": "61819",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61819"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2014-3568",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "HPSBOV03227",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
            },
            {
              "name": "HPSBHF03300",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2014:1331",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"
            },
            {
              "name": "HPSBUX03162",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
            },
            {
              "name": "61130",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61130"
            },
            {
              "name": "https://www.openssl.org/news/secadv_20141015.txt",
              "refsource": "CONFIRM",
              "url": "https://www.openssl.org/news/secadv_20141015.txt"
            },
            {
              "name": "62070",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62070"
            },
            {
              "name": "70585",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70585"
            },
            {
              "name": "61073",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61073"
            },
            {
              "name": "HPSBMU03304",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
            },
            {
              "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=26a59d9b46574e457870197dffa802871b4c8fc7",
              "refsource": "CONFIRM",
              "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=26a59d9b46574e457870197dffa802871b4c8fc7"
            },
            {
              "name": "GLSA-201412-39",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
            },
            {
              "name": "DSA-3053",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-3053"
            },
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
            },
            {
              "name": "HPSBMU03260",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
            },
            {
              "name": "https://support.apple.com/HT205217",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT205217"
            },
            {
              "name": "SSRT101779",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2016:0640",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
            },
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
            },
            {
              "name": "APPLE-SA-2015-09-16-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html"
            },
            {
              "name": "SUSE-SU-2014:1357",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10091",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10091"
            },
            {
              "name": "openssl-cve20143568-sec-bypass(97037)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97037"
            },
            {
              "name": "NetBSD-SA2014-015",
              "refsource": "NETBSD",
              "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc"
            },
            {
              "name": "http://support.apple.com/HT204244",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/HT204244"
            },
            {
              "name": "SSRT101767",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
            },
            {
              "name": "61207",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61207"
            },
            {
              "name": "SUSE-SU-2015:0578",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
            },
            {
              "name": "62124",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62124"
            },
            {
              "name": "59627",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59627"
            },
            {
              "name": "SSRT101894",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
            },
            {
              "name": "HPSBMU03263",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
            },
            {
              "name": "SUSE-SU-2014:1361",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html"
            },
            {
              "name": "61959",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61959"
            },
            {
              "name": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6",
              "refsource": "CONFIRM",
              "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"
            },
            {
              "name": "HPSBMU03267",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
            },
            {
              "name": "HPSBMU03261",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
            },
            {
              "name": "61058",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61058"
            },
            {
              "name": "62030",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62030"
            },
            {
              "name": "https://support.citrix.com/article/CTX216642",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX216642"
            },
            {
              "name": "APPLE-SA-2015-01-27-4",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
            },
            {
              "name": "1031053",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1031053"
            },
            {
              "name": "61819",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61819"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-3568",
    "datePublished": "2014-10-19T01:00:00",
    "dateReserved": "2014-05-14T00:00:00",
    "dateUpdated": "2024-08-06T10:50:17.862Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-3568\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2014-10-19T01:55:13.980\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c.\"},{\"lang\":\"es\",\"value\":\"OpenSSL anterior a 0.9.8zc, 1.0.0 anterior a 1.0.0o, y 1.0.1 anterior a 1.0.1j no fuerza correctamente la opci\u00f3n build no-ssl3, lo que permite a atacantes remotos evadir las restricciones de acceso a trav\u00e9s de una negociaci\u00f3n SSL 3.0, relacionado con s23_clnt.c y s23_srvr.c.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.9.8zb\",\"matchCriteriaId\":\"7AA6173C-DA1F-4A3B-BB8A-E52F3B846134\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FBD8C92-6138-4274-ACBA-D7D42DAEC5AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A2075BD-6102-4B0F-839A-836E9585F43B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A2FA09E-2BF7-4968-B62D-00DA57F81EA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F02E634E-1E3D-4E44-BADA-76F92483A732\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCC2B07A-49EF-411F-8A4D-89435E22B043\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E9480D6-3B6A-4C41-B8C1-C3F945040772\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10FF0A06-DA61-4250-B083-67E55E362677\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A6BA453-C150-4159-B80B-5465EFF83F11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"638A2E69-8AB6-4FEA-852A-FEF16A500C1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56C47D3A-B99D-401D-B6B8-1194B2DB4809\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08355B10-E004-4BE6-A5AE-4D428810580B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"738BCFDC-1C49-4774-95AE-E099F707DEF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4B242C0-D27D-4644-AD19-5ACB853C9DC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DC683F2-4346-4E5E-A8D7-67B4F4D7827B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"764B7D38-BC1B-47DB-B1DF-D092BDA4BFCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6604E7BE-9F9B-444D-A63A-F65D1CFDF3BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"132B9217-B0E0-4E3E-9096-162AA28E158E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7619F9A0-9054-4217-93D1-3EA64876C5B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D82C405-17E2-4DF1-8DF5-315BD5A41595\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C96806F-4718-4BD3-9102-55A26AA86498\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D1C00C0-C77E-4255-9ECA-20F2673C7366\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"21F16D65-8A46-4AC7-8970-73AB700035FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"92F393FF-7E6F-4671-BFBF-060162E12659\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1B85A09-CF8D-409D-966E-168F9959F6F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A66E6CF-39CF-412E-8EF0-8E10BA21B4A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C684FB18-FDDC-4BED-A28C-C23EE6CD0094\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A74A79A7-4FAF-4C81-8622-050008B96AE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEDACCB9-8D61-49EE-9957-9E58BC7BB031\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4993DD56-F9E3-4AC8-AC3E-BF204B950DEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E884B241-F9C3-44F8-A420-DE65F5F3D660\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A383620-B4F7-44A7-85DA-A4FF2E115D80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F0C6812-F455-49CF-B29B-9AC00306DA43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F2D462C-A1B4-4572-A615-BDE9DC5F1E55\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/59627\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/61058\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/61073\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/61130\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/61207\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/61819\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/61959\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/62030\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/62070\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/62124\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201412-39.xml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://support.apple.com/HT204244\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686997\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2014/dsa-3053\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/70585\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id/1031053\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/97037\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=26a59d9b46574e457870197dffa802871b4c8fc7\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10091\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://support.apple.com/HT205217\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://support.citrix.com/article/CTX216642\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.openssl.org/news/secadv_20141015.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/59627\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61058\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61073\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61130\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61207\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61819\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61959\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/62030\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/62070\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/62124\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201412-39.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/HT204244\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686997\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2014/dsa-3053\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/70585\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1031053\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/97037\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=26a59d9b46574e457870197dffa802871b4c8fc7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10091\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT205217\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.citrix.com/article/CTX216642\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.openssl.org/news/secadv_20141015.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.