Lucene search

PRIOn knowledge basePRION:CVE-2014-3470

HistoryJun 05, 2014 - 9:55 p.m.

Null pointer dereference

2014-06-0521:55:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.971 High

EPSS

Percentile

99.8%

JSON

The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.

CPENameOperatorVersion
fedoraeq20
fedoraeq19
mariadbge10.0.0
mariadblt10.0.13
opensslge1.0.0
openssllt1.0.0
opensslge1.0.1
openssllt1.0.1
openssleq< 0.9.8za
leapeq42.1

Name	Operator	Version
fedora	eq	20
fedora	eq	19
mariadb	ge	10.0.0
mariadb	lt	10.0.13
openssl	ge	1.0.0
openssl	lt	1.0.0
openssl	ge	1.0.1
openssl	lt	1.0.1
openssl	eq	< 0.9.8za
leap	eq	42.1

Rows per page:

1-10 of 181

References

aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc

kb.juniper.net/InfoCenter/index?page=content&id=JSA10629

kb.juniper.net/InfoCenter/index?page=content&id=KB29195

lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html

lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html

seclists.org/fulldisclosure/2014/Dec/23

secunia.com/advisories/58337

secunia.com/advisories/58579

secunia.com/advisories/58615

secunia.com/advisories/58667

secunia.com/advisories/58713

secunia.com/advisories/58714

secunia.com/advisories/58716

secunia.com/advisories/58742

secunia.com/advisories/58797

secunia.com/advisories/58939

secunia.com/advisories/58945

secunia.com/advisories/58977

secunia.com/advisories/59120

secunia.com/advisories/59126

secunia.com/advisories/59162

secunia.com/advisories/59167

secunia.com/advisories/59175

secunia.com/advisories/59189

secunia.com/advisories/59191

secunia.com/advisories/59192

secunia.com/advisories/59223

secunia.com/advisories/59264

secunia.com/advisories/59282

secunia.com/advisories/59284

secunia.com/advisories/59287

secunia.com/advisories/59300

secunia.com/advisories/59301

secunia.com/advisories/59306

secunia.com/advisories/59310

secunia.com/advisories/59340

secunia.com/advisories/59342

secunia.com/advisories/59362

secunia.com/advisories/59364

secunia.com/advisories/59365

secunia.com/advisories/59413

secunia.com/advisories/59431

secunia.com/advisories/59437

secunia.com/advisories/59438

secunia.com/advisories/59440

secunia.com/advisories/59441

secunia.com/advisories/59442

secunia.com/advisories/59445

secunia.com/advisories/59449

secunia.com/advisories/59450

secunia.com/advisories/59451

secunia.com/advisories/59459

secunia.com/advisories/59460

secunia.com/advisories/59483

secunia.com/advisories/59490

secunia.com/advisories/59491

secunia.com/advisories/59495

secunia.com/advisories/59514

secunia.com/advisories/59518

secunia.com/advisories/59525

secunia.com/advisories/59655

secunia.com/advisories/59659

secunia.com/advisories/59666

secunia.com/advisories/59669

secunia.com/advisories/59721

secunia.com/advisories/59784

secunia.com/advisories/59895

secunia.com/advisories/59916

secunia.com/advisories/59990

secunia.com/advisories/60571

secunia.com/advisories/61254

security.gentoo.org/glsa/glsa-201407-05.xml

support.apple.com/kb/HT6443

support.citrix.com/article/CTX140876

support.f5.com/kb/en-us/solutions/public/15000/300/sol15342.html

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl

www-01.ibm.com/support/docview.wss?uid=isg400001841

www-01.ibm.com/support/docview.wss?uid=isg400001843

www-01.ibm.com/support/docview.wss?uid=nas8N1020163

www-01.ibm.com/support/docview.wss?uid=swg21673137

www-01.ibm.com/support/docview.wss?uid=swg21675626

www-01.ibm.com/support/docview.wss?uid=swg21675821

www-01.ibm.com/support/docview.wss?uid=swg21676035

www-01.ibm.com/support/docview.wss?uid=swg21676062

www-01.ibm.com/support/docview.wss?uid=swg21676071

www-01.ibm.com/support/docview.wss?uid=swg21676419

www-01.ibm.com/support/docview.wss?uid=swg21676496

www-01.ibm.com/support/docview.wss?uid=swg21676501

www-01.ibm.com/support/docview.wss?uid=swg21676529

www-01.ibm.com/support/docview.wss?uid=swg21676615

www-01.ibm.com/support/docview.wss?uid=swg21676655

www-01.ibm.com/support/docview.wss?uid=swg21676879

www-01.ibm.com/support/docview.wss?uid=swg21676889

www-01.ibm.com/support/docview.wss?uid=swg21677527

www-01.ibm.com/support/docview.wss?uid=swg21677695

www-01.ibm.com/support/docview.wss?uid=swg21677828

www-01.ibm.com/support/docview.wss?uid=swg21677836

www-01.ibm.com/support/docview.wss?uid=swg21678167

www-01.ibm.com/support/docview.wss?uid=swg21678289

www-01.ibm.com/support/docview.wss?uid=swg21683332

www-01.ibm.com/support/docview.wss?uid=swg24037761

www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754

www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755

www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756

www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757

www.blackberry.com/btsc/KB36051

www.f-secure.com/en/web/labs_global/fsc-2014-6

www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm

www.ibm.com/support/docview.wss?uid=swg21676356

www.ibm.com/support/docview.wss?uid=swg21676793

www.ibm.com/support/docview.wss?uid=swg24037783

www.mandriva.com/security/advisories?name=MDVSA-2014:105

www.mandriva.com/security/advisories?name=MDVSA-2014:106

www.mandriva.com/security/advisories?name=MDVSA-2015:062

www.novell.com/support/kb/doc.php?id=7015264

www.novell.com/support/kb/doc.php?id=7015300

www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

www.securityfocus.com/archive/1/534161/100/0/threaded

www.securityfocus.com/bid/67898

www.splunk.com/view/SP-CAAAM2D

www.vmware.com/security/advisories/VMSA-2014-0006.html

www.vmware.com/security/advisories/VMSA-2014-0012.html

www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E

www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E

bugzilla.redhat.com/show_bug.cgi?id=1103600

cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf

git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=8011cd56e39a433b1837465259a9bd24a38727fb

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946

kb.bluecoat.com/index?page=content&id=SA80

kc.mcafee.com/corporate/index?page=content&id=SB10075

lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html

lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html

marc.info/?l=bugtraq&m=140266410314613&w=2

marc.info/?l=bugtraq&m=140317760000786&w=2

marc.info/?l=bugtraq&m=140389274407904&w=2

marc.info/?l=bugtraq&m=140389355508263&w=2

marc.info/?l=bugtraq&m=140431828824371&w=2

marc.info/?l=bugtraq&m=140448122410568&w=2

marc.info/?l=bugtraq&m=140482916501310&w=2

marc.info/?l=bugtraq&m=140491231331543&w=2

marc.info/?l=bugtraq&m=140499827729550&w=2

marc.info/?l=bugtraq&m=140621259019789&w=2

marc.info/?l=bugtraq&m=140752315422991&w=2

marc.info/?l=bugtraq&m=140904544427729&w=2

www.novell.com/support/kb/doc.php?id=7015271

www.openssl.org/news/secadv_20140605.txt

7.1 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.971 High

EPSS

Percentile

99.8%

JSON

Null pointer dereference

References

Related