Lucene search

K

[email protected]CVE-2014-3512

HistoryAug 13, 2014 - 11:55 p.m.

CVE-2014-3512

2014-08-1323:55:00

CWE-119

[email protected]

web.nvd.nist.gov

89

cve

buffer overflow

openssl

srp

denial of service

nvd

4.9 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.926 High

EPSS

Percentile

99.0%

Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter.

CPENameOperatorVersion
openssl:opensslopenssleq1.0.1
openssl:opensslopenssleq1.0.0c
openssl:opensslopenssleq1.0.0i
openssl:opensslopenssleq1.0.0
openssl:opensslopenssleq1.0.1h
openssl:opensslopenssleq1.0.0m
openssl:opensslopenssleq1.0.1c
openssl:opensslopenssleq1.0.1g
openssl:opensslopenssleq1.0.0h
openssl:opensslopenssleq1.0.0e

Rows per page:

1-10 of 231

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc

aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc

lists.opensuse.org/opensuse-updates/2014-08/msg00036.html

marc.info/?l=bugtraq&m=142660345230545&w=2

secunia.com/advisories/59700

secunia.com/advisories/59710

secunia.com/advisories/59756

secunia.com/advisories/60022

secunia.com/advisories/60221

secunia.com/advisories/60493

secunia.com/advisories/60803

secunia.com/advisories/60810

secunia.com/advisories/60917

secunia.com/advisories/60921

secunia.com/advisories/61017

secunia.com/advisories/61100

secunia.com/advisories/61171

secunia.com/advisories/61184

secunia.com/advisories/61775

secunia.com/advisories/61959

security.gentoo.org/glsa/glsa-201412-39.xml

support.f5.com/kb/en-us/solutions/public/15000/500/sol15565.html

www-01.ibm.com/support/docview.wss?uid=nas8N1020240

www-01.ibm.com/support/docview.wss?uid=swg21682293

www-01.ibm.com/support/docview.wss?uid=swg21683389

www-01.ibm.com/support/docview.wss?uid=swg21686997

www.debian.org/security/2014/dsa-2998

www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm

www.securityfocus.com/bid/69083

www.securitytracker.com/id/1030693

www.tenable.com/security/tns-2014-06

exchange.xforce.ibmcloud.com/vulnerabilities/95158

git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=4a23b12a031860253b58d503f296377ca076427b

lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html

www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc

www.openssl.org/news/secadv_20140806.txt

4.9 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.926 High

EPSS

Percentile

99.0%