CVE-2014-3509

CVSS V2 Medium 6.8 CVSS V3 None

Description

Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application crash) or possibly have unspecified other impact by sending Elliptic Curve (EC) Supported Point Formats Extension data.

Overview

CVE ID
CVE-2014-3509

Assigner
secalert@redhat.com

Vulnerability Status
Modified

Published Version
2014-08-13T23:55:07

Last Modified Date
2017-11-15T02:29:04

Weakness Enumerations

CWE	URL
CWE-362	http://cwe.mitre.org/data/definitions/362.html

CPE Configuration (Product)

CPE	Vulnerable	Operator
cpe:2.3:a:openssl:openssl:1.0.0:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.0:beta1::::::	1	OR
cpe:2.3:a:openssl:openssl:1.0.0:beta2::::::	1	OR
cpe:2.3:a:openssl:openssl:1.0.0:beta3::::::	1	OR
cpe:2.3:a:openssl:openssl:1.0.0:beta4::::::	1	OR
cpe:2.3:a:openssl:openssl:1.0.0:beta5::::::	1	OR
cpe:2.3:a:openssl:openssl:1.0.0a:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.0b:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.0c:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.0d:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.0e:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.0f:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.0g:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.0h:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.0i:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.0j:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.0k:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.0l:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.0m:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.1:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.1:beta1::::::	1	OR
cpe:2.3:a:openssl:openssl:1.0.1:beta2::::::	1	OR
cpe:2.3:a:openssl:openssl:1.0.1:beta3::::::	1	OR
cpe:2.3:a:openssl:openssl:1.0.1a:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.1b:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.1c:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.1d:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.1e:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.1f:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.1g:::::::*	1	OR
cpe:2.3:a:openssl:openssl:1.0.1h:::::::*	1	OR

CVSS Version 2

Version
2.0

Vector String
AV:N/AC:M/Au:N/C:P/I:P/A:P

Access Vector
NETWORK

Access Compatibility
MEDIUM

Authentication
NONE

Confidentiality Impact
PARTIAL

Integrity Impact
PARTIAL

Availability Impact
PARTIAL

Base Score
6.8

Severity
MEDIUM

Exploitability Score
8.6

Impact Score
6.4

References

Reference URL	Reference Tags
https://www.openssl.org/news/secadv_20140806.txt	Vendor Advisory
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=fb0bc2b273bcc2d5401dd883fe869af4fc74bb21
http://secunia.com/advisories/60917
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc
http://secunia.com/advisories/60938
http://secunia.com/advisories/60921
http://www.debian.org/security/2014/dsa-2998
http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm
http://secunia.com/advisories/61775
http://secunia.com/advisories/61959
http://www-01.ibm.com/support/docview.wss?uid=swg21686997
http://www-01.ibm.com/support/docview.wss?uid=swg21682293
http://secunia.com/advisories/59756
http://security.gentoo.org/glsa/glsa-201412-39.xml
http://marc.info/?l=bugtraq&m=142495837901899&w=2
http://marc.info/?l=bugtraq&m=142624590206005&w=2
http://rhn.redhat.com/errata/RHSA-2015-0197.html
http://marc.info/?l=bugtraq&m=142350350616251&w=2
http://marc.info/?l=bugtraq&m=142660345230545&w=2
http://marc.info/?l=bugtraq&m=142791032306609&w=2
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
http://marc.info/?l=bugtraq&m=143290437727362&w=2
http://marc.info/?l=bugtraq&m=143290522027658&w=2
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc
https://techzone.ergon.ch/CVE-2014-3511
https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html
https://bugzilla.redhat.com/show_bug.cgi?id=1127498
http://www-01.ibm.com/support/docview.wss?uid=swg21683389
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240
http://www.securitytracker.com/id/1030693
http://www.securityfocus.com/bid/69084
http://www.mandriva.com/security/advisories?name=MDVSA-2014:158
http://secunia.com/advisories/61184
http://secunia.com/advisories/61139
http://secunia.com/advisories/61100
http://secunia.com/advisories/61017
http://secunia.com/advisories/60803
http://secunia.com/advisories/60684
http://secunia.com/advisories/60493
http://secunia.com/advisories/60221
http://secunia.com/advisories/60022
http://secunia.com/advisories/59710
http://secunia.com/advisories/59700
http://secunia.com/advisories/58962
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html
http://linux.oracle.com/errata/ELSA-2014-1052.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/95159
https://support.citrix.com/article/CTX216642

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2014-3509
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509

History

Created	Old Value	New Value	Data Type	Notes
2022-05-10 08:11:36				Added to TrackCVE
2022-12-02 00:14:53	2014-08-13T23:55Z	2014-08-13T23:55:07	CVE Published Date	updated
2022-12-02 00:14:53		2017-11-15T02:29:04	CVE Modified Date	updated
2022-12-02 00:14:53		Modified	Vulnerability Status	updated