CVE - CVE-2007-5135

CVE-ID
CVE-2007-5135	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BUGTRAQ:20070927 OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow URL:http://www.securityfocus.com/archive/1/480855/100/0/threaded BUGTRAQ:20071004 Re: OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow URL:http://www.securityfocus.com/archive/1/481506/100/0/threaded BUGTRAQ:20071003 FLEA-2007-0058-1 openssl openssl-scripts URL:http://www.securityfocus.com/archive/1/481488/100/0/threaded BUGTRAQ:20071001 Re: OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow URL:http://www.securityfocus.com/archive/1/481217/100/0/threaded BUGTRAQ:20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages URL:http://www.securityfocus.com/archive/1/485936/100/0/threaded BUGTRAQ:20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages URL:http://www.securityfocus.com/archive/1/486859/100/0/threaded MLIST:[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages URL:http://lists.vmware.com/pipermail/security-announce/2008/000002.html MISC:https://bugs.gentoo.org/show_bug.cgi?id=194039 CONFIRM:http://www.openssl.org/news/secadv_20071012.txt CONFIRM:https://issues.rpath.com/browse/RPL-1769 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2007-485.htm CONFIRM:http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4037 CONFIRM:http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4038 CONFIRM:http://www.vmware.com/security/advisories/VMSA-2008-0001.html CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0241 CONFIRM:https://issues.rpath.com/browse/RPL-1770 CONFIRM:http://www.vmware.com/security/advisories/VMSA-2008-0013.html APPLE:APPLE-SA-2008-07-31 URL:http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html DEBIAN:DSA-1379 URL:http://www.debian.org/security/2007/dsa-1379 FEDORA:FEDORA-2007-725 URL:https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00218.html FREEBSD:FreeBSD-SA-07:08 URL:http://security.freebsd.org/advisories/FreeBSD-SA-07:08.openssl.asc GENTOO:GLSA-200710-06 URL:http://security.gentoo.org/glsa/glsa-200710-06.xml GENTOO:GLSA-200805-07 URL:http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml HP:HPSBUX02292 URL:http://www.securityfocus.com/archive/1/484353/100/0/threaded HP:SSRT071499 URL:http://www.securityfocus.com/archive/1/484353/100/0/threaded MANDRIVA:MDKSA-2007:193 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:193 NETBSD:NetBSD-SA2008-007 URL:ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc OPENBSD:[4.0] 017: SECURITY FIX: October 10, 2007 URL:http://www.openbsd.org/errata40.html OPENBSD:[4.1] 011: SECURITY FIX: October 10, 2007 URL:http://www.openbsd.org/errata41.html OPENBSD:[4.2] 002: SECURITY FIX: October 10, 2007 URL:http://www.openbsd.org/errata42.html REDHAT:RHSA-2007:0964 URL:http://www.redhat.com/support/errata/RHSA-2007-0964.html REDHAT:RHSA-2007:0813 URL:http://www.redhat.com/support/errata/RHSA-2007-0813.html REDHAT:RHSA-2007:1003 URL:http://www.redhat.com/support/errata/RHSA-2007-1003.html SUNALERT:103130 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-103130-1 SUNALERT:200858 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-66-200858-1 SUSE:SUSE-SR:2007:020 URL:http://www.novell.com/linux/security/advisories/2007_20_sr.html SUSE:SUSE-SR:2008:005 URL:http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html UBUNTU:USN-522-1 URL:https://usn.ubuntu.com/522-1/ BID:25831 URL:http://www.securityfocus.com/bid/25831 OVAL:oval:org.mitre.oval:def:10904 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10904 VUPEN:ADV-2007-3625 URL:http://www.vupen.com/english/advisories/2007/3625 VUPEN:ADV-2007-3325 URL:http://www.vupen.com/english/advisories/2007/3325 VUPEN:ADV-2007-4042 URL:http://www.vupen.com/english/advisories/2007/4042 VUPEN:ADV-2007-4144 URL:http://www.vupen.com/english/advisories/2007/4144 VUPEN:ADV-2008-0064 URL:http://www.vupen.com/english/advisories/2008/0064 VUPEN:ADV-2008-2268 URL:http://www.vupen.com/english/advisories/2008/2268 VUPEN:ADV-2008-2361 URL:http://www.vupen.com/english/advisories/2008/2361 VUPEN:ADV-2008-2362 URL:http://www.vupen.com/english/advisories/2008/2362 OVAL:oval:org.mitre.oval:def:5337 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5337 SECTRACK:1018755 URL:http://www.securitytracker.com/id?1018755 SECUNIA:27021 URL:http://secunia.com/advisories/27021 SECUNIA:22130 URL:http://secunia.com/advisories/22130 SECUNIA:27012 URL:http://secunia.com/advisories/27012 SECUNIA:27051 URL:http://secunia.com/advisories/27051 SECUNIA:27097 URL:http://secunia.com/advisories/27097 SECUNIA:27078 URL:http://secunia.com/advisories/27078 SECUNIA:27186 URL:http://secunia.com/advisories/27186 SECUNIA:27205 URL:http://secunia.com/advisories/27205 SECUNIA:27217 URL:http://secunia.com/advisories/27217 SECUNIA:27330 URL:http://secunia.com/advisories/27330 SECUNIA:27394 URL:http://secunia.com/advisories/27394 SECUNIA:27229 URL:http://secunia.com/advisories/27229 SECUNIA:27031 URL:http://secunia.com/advisories/27031 SECUNIA:27870 URL:http://secunia.com/advisories/27870 SECUNIA:27851 URL:http://secunia.com/advisories/27851 SECUNIA:27961 URL:http://secunia.com/advisories/27961 SECUNIA:28368 URL:http://secunia.com/advisories/28368 SECUNIA:29242 URL:http://secunia.com/advisories/29242 SECUNIA:30124 URL:http://secunia.com/advisories/30124 SECUNIA:30161 URL:http://secunia.com/advisories/30161 SECUNIA:31326 URL:http://secunia.com/advisories/31326 SECUNIA:31308 URL:http://secunia.com/advisories/31308 SECUNIA:31467 URL:http://secunia.com/advisories/31467 SECUNIA:31489 URL:http://secunia.com/advisories/31489 SREASON:3179 URL:http://securityreason.com/securityalert/3179 XF:openssl-sslgetshared-bo(36837) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/36837
Assigning CNA
N/A
Date Entry Created
20070927	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070927)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org