CVE-2010-3864

CVSS V2 High 7.6 CVSS V3 None
Description
Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.
Overview
  • CVE ID
  • CVE-2010-3864
  • Assigner
  • secalert@redhat.com
  • Vulnerability Status
  • Modified
  • Published Version
  • 2010-11-17T16:00:01
  • Last Modified Date
  • 2023-02-13T04:27:08
Weakness Enumerations
CWE URL
CWE-362 http://cwe.mitre.org/data/definitions/362.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:H/Au:N/C:C/I:C/A:C
  • Access Vector
  • NETWORK
  • Access Compatibility
  • HIGH
  • Authentication
  • NONE
  • Confidentiality Impact
  • COMPLETE
  • Integrity Impact
  • COMPLETE
  • Availability Impact
  • COMPLETE
  • Base Score
  • 7.6
  • Severity
  • HIGH
  • Exploitability Score
  • 4.9
  • Impact Score
  • 10
References
Reference URL Reference Tags
http://openssl.org/news/secadv_20101116.txt Patch Vendor Advisory
https://rhn.redhat.com/errata/RHSA-2010-0888.html
http://secunia.com/advisories/42243 Vendor Advisory
http://securitytracker.com/id?1024743 Patch
https://bugzilla.redhat.com/show_bug.cgi?id=649304 Patch
http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html
http://secunia.com/advisories/42336
http://secunia.com/advisories/42352
http://secunia.com/advisories/42397
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793
http://secunia.com/advisories/42309
http://www.debian.org/security/2010/dsa-2125
http://www.vupen.com/english/advisories/2010/3121
http://www.vupen.com/english/advisories/2010/3041
http://blogs.sun.com/security/entry/cve_2010_3864_race_condition
http://secunia.com/advisories/42413
http://secunia.com/advisories/42241
http://www.vupen.com/english/advisories/2010/3097
http://www.vupen.com/english/advisories/2010/3077
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
http://secunia.com/advisories/43312
http://secunia.com/advisories/44269
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777
http://www.adobe.com/support/security/bulletins/apsb11-11.html
http://support.apple.com/kb/HT4723
http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
http://marc.info/?l=bugtraq&m=132828103218869&w=2
http://www.kb.cert.org/vuls/id/737740 US Government Resource
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564
http://secunia.com/advisories/57353
http://marc.info/?l=bugtraq&m=129916880600544&w=2
http://marc.info/?l=bugtraq&m=130497251507577&w=2
http://www.securityfocus.com/archive/1/516397/100/0/threaded
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2010-3864
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864
History
Created Old Value New Value Data Type Notes
2022-05-10 18:30:19 Added to TrackCVE
2023-02-02 17:03:10 2023-02-02T15:15:17 CVE Modified Date updated
2023-02-02 17:03:10 Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography. CVE-2010-3864 OpenSSL TLS extension parsing race condition Description updated
2023-02-13 05:03:58 2023-02-13T04:27:08 CVE Modified Date updated
2023-02-13 05:03:58 CVE-2010-3864 OpenSSL TLS extension parsing race condition Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography. Description updated