Lucene search

[email protected]CVE-2014-0221

HistoryJun 05, 2014 - 9:55 p.m.

CVE-2014-0221

2014-06-0521:55:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

openssl

cve-2014-0221

dtls

denial of service

nvd

7.2 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.966 High

EPSS

Percentile

99.6%

JSON

The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake.

CPENameOperatorVersion
openssl:opensslopenssllt1.0.0m
openssl:opensslopenssllt1.0.1h
openssl:opensslopenssllt0.9.8za
redhat:enterprise_linuxredhat enterprise linuxeq6.0
redhat:storageredhat storageeq2.1
redhat:enterprise_linuxredhat enterprise linuxeq5
fedoraproject:fedorafedoraproject fedoraeq*
mariadb:mariadbmariadblt10.0.13
fedoraproject:fedorafedoraproject fedoraeq20
fedoraproject:fedorafedoraproject fedoraeq19

CPE	Name	Operator	Version
openssl:openssl	openssl	lt	1.0.0m
openssl:openssl	openssl	lt	1.0.1h
openssl:openssl	openssl	lt	0.9.8za
redhat:enterprise_linux	redhat enterprise linux	eq	6.0
redhat:storage	redhat storage	eq	2.1
redhat:enterprise_linux	redhat enterprise linux	eq	5
fedoraproject:fedora	fedoraproject fedora	eq	*
mariadb:mariadb	mariadb	lt	10.0.13
fedoraproject:fedora	fedoraproject fedora	eq	20
fedoraproject:fedora	fedoraproject fedora	eq	19

Rows per page:

1-10 of 161

References

aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc

kb.juniper.net/InfoCenter/index?page=content&id=JSA10629

linux.oracle.com/errata/ELSA-2014-1053.html

lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html

lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html

lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html

marc.info/?l=bugtraq&m=140266410314613&w=2

marc.info/?l=bugtraq&m=140317760000786&w=2

marc.info/?l=bugtraq&m=140389274407904&w=2

marc.info/?l=bugtraq&m=140389355508263&w=2

marc.info/?l=bugtraq&m=140431828824371&w=2

marc.info/?l=bugtraq&m=140448122410568&w=2

marc.info/?l=bugtraq&m=140482916501310&w=2

marc.info/?l=bugtraq&m=140491231331543&w=2

marc.info/?l=bugtraq&m=140499827729550&w=2

marc.info/?l=bugtraq&m=140621259019789&w=2

marc.info/?l=bugtraq&m=140752315422991&w=2

marc.info/?l=bugtraq&m=140904544427729&w=2

rhn.redhat.com/errata/RHSA-2014-1021.html

seclists.org/fulldisclosure/2014/Dec/23

secunia.com/advisories/58337

secunia.com/advisories/58615

secunia.com/advisories/58713

secunia.com/advisories/58714

secunia.com/advisories/58939

secunia.com/advisories/58945

secunia.com/advisories/58977

secunia.com/advisories/59027

secunia.com/advisories/59120

secunia.com/advisories/59126

secunia.com/advisories/59162

secunia.com/advisories/59167

secunia.com/advisories/59175

secunia.com/advisories/59189

secunia.com/advisories/59192

secunia.com/advisories/59221

secunia.com/advisories/59284

secunia.com/advisories/59287

secunia.com/advisories/59300

secunia.com/advisories/59301

secunia.com/advisories/59306

secunia.com/advisories/59310

secunia.com/advisories/59342

secunia.com/advisories/59364

secunia.com/advisories/59365

secunia.com/advisories/59413

secunia.com/advisories/59429

secunia.com/advisories/59437

secunia.com/advisories/59441

secunia.com/advisories/59449

secunia.com/advisories/59450

secunia.com/advisories/59451

secunia.com/advisories/59454

secunia.com/advisories/59460

secunia.com/advisories/59490

secunia.com/advisories/59491

secunia.com/advisories/59495

secunia.com/advisories/59514

secunia.com/advisories/59518

secunia.com/advisories/59528

secunia.com/advisories/59655

secunia.com/advisories/59659

secunia.com/advisories/59666

secunia.com/advisories/59669

secunia.com/advisories/59721

secunia.com/advisories/59784

secunia.com/advisories/59895

secunia.com/advisories/59990

secunia.com/advisories/60571

secunia.com/advisories/60687

secunia.com/advisories/61254

security.gentoo.org/glsa/glsa-201407-05.xml

support.apple.com/kb/HT6443

support.citrix.com/article/CTX140876

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl

www-01.ibm.com/support/docview.wss?uid=isg400001841

www-01.ibm.com/support/docview.wss?uid=isg400001843

www-01.ibm.com/support/docview.wss?uid=nas8N1020163

www-01.ibm.com/support/docview.wss?uid=swg21673137

www-01.ibm.com/support/docview.wss?uid=swg21675821

www-01.ibm.com/support/docview.wss?uid=swg21676035

www-01.ibm.com/support/docview.wss?uid=swg21676062

www-01.ibm.com/support/docview.wss?uid=swg21676071

www-01.ibm.com/support/docview.wss?uid=swg21676419

www-01.ibm.com/support/docview.wss?uid=swg21676879

www-01.ibm.com/support/docview.wss?uid=swg21676889

www-01.ibm.com/support/docview.wss?uid=swg21677527

www-01.ibm.com/support/docview.wss?uid=swg21677695

www-01.ibm.com/support/docview.wss?uid=swg21677828

www-01.ibm.com/support/docview.wss?uid=swg21678167

www-01.ibm.com/support/docview.wss?uid=swg21678289

www-01.ibm.com/support/docview.wss?uid=swg21683332

www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754

www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755

www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756

www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757

www.blackberry.com/btsc/KB36051

www.fortiguard.com/advisory/FG-IR-14-018/

www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm

www.ibm.com/support/docview.wss?uid=swg21676226

www.ibm.com/support/docview.wss?uid=swg21676356

www.ibm.com/support/docview.wss?uid=swg21676793

www.ibm.com/support/docview.wss?uid=swg24037783

www.mandriva.com/security/advisories?name=MDVSA-2014:105

www.mandriva.com/security/advisories?name=MDVSA-2014:106

www.mandriva.com/security/advisories?name=MDVSA-2015:062

www.novell.com/support/kb/doc.php?id=7015264

www.novell.com/support/kb/doc.php?id=7015300

www.openssl.org/news/secadv_20140605.txt

www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

www.securityfocus.com/archive/1/534161/100/0/threaded

www.securityfocus.com/bid/67901

www.securitytracker.com/id/1030337

www.vmware.com/security/advisories/VMSA-2014-0006.html

www.vmware.com/security/advisories/VMSA-2014-0012.html

www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E

www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E

bugzilla.redhat.com/show_bug.cgi?id=1103593

git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=d3152655d5319ce883c8e3ac4b99f8de4c59d846

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946

kb.bluecoat.com/index?page=content&id=SA80

kc.mcafee.com/corporate/index?page=content&id=SB10075

www.novell.com/support/kb/doc.php?id=7015271

7.2 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.966 High

EPSS

Percentile

99.6%

JSON

CVE-2014-0221

References

Related