fkie_cve-2014-3513
Vulnerability from fkie_nvd
Published
2014-10-19 01:55
Modified
2025-04-12 10:46
Severity ?
Summary
Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message.
References
secalert@redhat.comftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc
secalert@redhat.comhttp://advisories.mageia.org/MGASA-2014-0416.html
secalert@redhat.comhttp://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc
secalert@redhat.comhttp://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=142118135300698&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=142495837901899&w=2Patch
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=142624590206005&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=142791032306609&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=142804214608580&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=142834685803386&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=143290437727362&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=143290522027658&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=143290583027876&w=2
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2014-1652.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2014-1692.html
secalert@redhat.comhttp://secunia.com/advisories/59627
secalert@redhat.comhttp://secunia.com/advisories/61058
secalert@redhat.comhttp://secunia.com/advisories/61073
secalert@redhat.comhttp://secunia.com/advisories/61207
secalert@redhat.comhttp://secunia.com/advisories/61298
secalert@redhat.comhttp://secunia.com/advisories/61439
secalert@redhat.comhttp://secunia.com/advisories/61837
secalert@redhat.comhttp://secunia.com/advisories/61959
secalert@redhat.comhttp://secunia.com/advisories/61990
secalert@redhat.comhttp://secunia.com/advisories/62070
secalert@redhat.comhttp://security.gentoo.org/glsa/glsa-201412-39.xmlPatch
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21686997
secalert@redhat.comhttp://www.debian.org/security/2014/dsa-3053
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2015:062
secalert@redhat.comhttp://www.securityfocus.com/bid/70584
secalert@redhat.comhttp://www.securitytracker.com/id/1031052
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2385-1
secalert@redhat.comhttps://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6
secalert@redhat.comhttps://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2b0532f3984324ebe1236a63d15893792384328d
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
secalert@redhat.comhttps://kc.mcafee.com/corporate/index?page=content&id=SB10091
secalert@redhat.comhttps://support.apple.com/HT205217
secalert@redhat.comhttps://support.f5.com/kb/en-us/solutions/public/15000/700/sol15722.html
secalert@redhat.comhttps://www.openssl.org/news/secadv_20141015.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc
af854a3a-2127-422b-91ae-364da2661108http://advisories.mageia.org/MGASA-2014-0416.html
af854a3a-2127-422b-91ae-364da2661108http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142118135300698&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142495837901899&w=2Patch
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142624590206005&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142791032306609&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142804214608580&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142834685803386&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143290437727362&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143290522027658&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143290583027876&w=2
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-1652.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-1692.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59627
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61058
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61073
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61207
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61298
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61439
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61837
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61959
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61990
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62070
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201412-39.xmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686997
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-3053
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2015:062
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/70584
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1031052
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2385-1
af854a3a-2127-422b-91ae-364da2661108https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6
af854a3a-2127-422b-91ae-364da2661108https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2b0532f3984324ebe1236a63d15893792384328d
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
af854a3a-2127-422b-91ae-364da2661108https://kc.mcafee.com/corporate/index?page=content&id=SB10091
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/HT205217
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/15000/700/sol15722.html
af854a3a-2127-422b-91ae-364da2661108https://www.openssl.org/news/secadv_20141015.txtVendor Advisory
Impacted products
Vendor Product Version
openssl openssl 1.0.1
openssl openssl 1.0.1
openssl openssl 1.0.1
openssl openssl 1.0.1
openssl openssl 1.0.1a
openssl openssl 1.0.1b
openssl openssl 1.0.1c
openssl openssl 1.0.1d
openssl openssl 1.0.1e
openssl openssl 1.0.1f
openssl openssl 1.0.1g
openssl openssl 1.0.1h
openssl openssl 1.0.1i


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D1C00C0-C77E-4255-9ECA-20F2673C7366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "21F16D65-8A46-4AC7-8970-73AB700035FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "92F393FF-7E6F-4671-BFBF-060162E12659",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "E1B85A09-CF8D-409D-966E-168F9959F6F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A66E6CF-39CF-412E-8EF0-8E10BA21B4A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "C684FB18-FDDC-4BED-A28C-C23EE6CD0094",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "A74A79A7-4FAF-4C81-8622-050008B96AE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEDACCB9-8D61-49EE-9957-9E58BC7BB031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
              "matchCriteriaId": "4993DD56-F9E3-4AC8-AC3E-BF204B950DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
              "matchCriteriaId": "E884B241-F9C3-44F8-A420-DE65F5F3D660",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A383620-B4F7-44A7-85DA-A4FF2E115D80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F0C6812-F455-49CF-B29B-9AC00306DA43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2D462C-A1B4-4572-A615-BDE9DC5F1E55",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message."
    },
    {
      "lang": "es",
      "value": "Fuga de memoria en d1_srtp.c en la extensi\u00f3n DTLS SRTP en OpenSSL 1.0.1 anterior a 1.0.1j permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de un mensaje de negociaci\u00f3n manipulado."
    }
  ],
  "id": "CVE-2014-3513",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-10-19T01:55:13.887",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://advisories.mageia.org/MGASA-2014-0416.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=142834685803386\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59627"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/61058"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/61073"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/61207"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/61298"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/61439"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/61837"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/61959"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/61990"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/62070"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2014/dsa-3053"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/70584"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id/1031052"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-2385-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2b0532f3984324ebe1236a63d15893792384328d"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10091"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://support.apple.com/HT205217"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/700/sol15722.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.openssl.org/news/secadv_20141015.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://advisories.mageia.org/MGASA-2014-0416.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142834685803386\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59627"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61207"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61298"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61439"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61837"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61990"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/62070"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2014/dsa-3053"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/70584"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2385-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2b0532f3984324ebe1236a63d15893792384328d"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10091"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.apple.com/HT205217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/700/sol15722.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.openssl.org/news/secadv_20141015.txt"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.