Lucene search

PRIOn knowledge basePRION:CVE-2014-3513

HistoryOct 19, 2014 - 1:55 a.m.

Memory corruption

2014-10-1901:55:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.862 High

EPSS

Percentile

98.5%

JSON

Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message.

CPENameOperatorVersion
openssleq1.0.1 beta2
openssleq1.0.1104
openssleq1.0.199
openssleq1.0.1103
openssleq1.0.1 beta3
openssleq1.0.197
openssleq1.0.1 beta1
openssleq1.0.1100
openssleq1.0.198
openssleq1.0.1101

Name	Operator	Version
openssl	eq	1.0.1 beta2
openssl	eq	1.0.1104
openssl	eq	1.0.199
openssl	eq	1.0.1103
openssl	eq	1.0.1 beta3
openssl	eq	1.0.197
openssl	eq	1.0.1 beta1
openssl	eq	1.0.1100
openssl	eq	1.0.198
openssl	eq	1.0.1101

Rows per page:

1-10 of 131

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc

advisories.mageia.org/MGASA-2014-0416.html

aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc

lists.apple.com/archives/security-announce/2015/Sep/msg00002.html

lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html

lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html

rhn.redhat.com/errata/RHSA-2014-1652.html

rhn.redhat.com/errata/RHSA-2014-1692.html

secunia.com/advisories/59627

secunia.com/advisories/61058

secunia.com/advisories/61073

secunia.com/advisories/61207

secunia.com/advisories/61298

secunia.com/advisories/61439

secunia.com/advisories/61837

secunia.com/advisories/61959

secunia.com/advisories/61990

secunia.com/advisories/62070

security.gentoo.org/glsa/glsa-201412-39.xml

www-01.ibm.com/support/docview.wss?uid=swg21686997

www.debian.org/security/2014/dsa-3053

www.mandriva.com/security/advisories?name=MDVSA-2015:062

www.securityfocus.com/bid/70584

www.securitytracker.com/id/1031052

www.ubuntu.com/usn/USN-2385-1

blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6

git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2b0532f3984324ebe1236a63d15893792384328d

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380

kc.mcafee.com/corporate/index?page=content&id=SB10091

marc.info/?l=bugtraq&m=142118135300698&w=2

marc.info/?l=bugtraq&m=142495837901899&w=2

marc.info/?l=bugtraq&m=142624590206005&w=2

marc.info/?l=bugtraq&m=142791032306609&w=2

marc.info/?l=bugtraq&m=142804214608580&w=2

marc.info/?l=bugtraq&m=142834685803386&w=2

marc.info/?l=bugtraq&m=143290437727362&w=2

marc.info/?l=bugtraq&m=143290522027658&w=2

marc.info/?l=bugtraq&m=143290583027876&w=2

support.apple.com/HT205217

support.f5.com/kb/en-us/solutions/public/15000/700/sol15722.html

www.openssl.org/news/secadv_20141015.txt

6.8 Medium

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.862 High

EPSS

Percentile

98.5%

JSON

Memory corruption

References

Related