CVE - CVE-2010-0740

CVE-ID
CVE-2010-0740	Learn more at National Vulnerability Database (NVD) • Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BUGTRAQ:20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX URL:http://www.securityfocus.com/archive/1/archive/1/516397/100/0/threaded MLIST:[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released URL:https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html MLIST:[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released URL:https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html CONFIRM:http://www.openssl.org/news/secadv_20100324.txt CONFIRM:http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc CONFIRM:https://kb.bluecoat.com/index?page=content&id=SA50 CONFIRM:http://www.vmware.com/security/advisories/VMSA-2011-0003.html CONFIRM:http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html CONFIRM:http://support.apple.com/kb/HT4723 APPLE:APPLE-SA-2011-06-23-1 URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html FEDORA:FEDORA-2010-5744 URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html HP:HPSBUX02517 URL:http://marc.info/?l=bugtraq&m=127128920008563&w=2 HP:HPSBUX02531 URL:http://marc.info/?l=bugtraq&m=127557640302499&w=2 HP:SSRT100058 URL:http://marc.info/?l=bugtraq&m=127128920008563&w=2 HP:SSRT100108 URL:http://marc.info/?l=bugtraq&m=127557640302499&w=2 MANDRIVA:MDVSA-2010:076 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:076 OVAL:oval:org.mitre.oval:def:11731 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11731 SECTRACK:1023748 URL:http://www.securitytracker.com/id?1023748 SECUNIA:39932 URL:http://secunia.com/advisories/39932 SECUNIA:42724 URL:http://secunia.com/advisories/42724 SECUNIA:42733 URL:http://secunia.com/advisories/42733 SECUNIA:43311 URL:http://secunia.com/advisories/43311 VUPEN:ADV-2010-0710 URL:http://www.vupen.com/english/advisories/2010/0710 VUPEN:ADV-2010-0839 URL:http://www.vupen.com/english/advisories/2010/0839 VUPEN:ADV-2010-0933 URL:http://www.vupen.com/english/advisories/2010/0933 VUPEN:ADV-2010-1216 URL:http://www.vupen.com/english/advisories/2010/1216
Assigning CNA
N/A
Date Entry Created
20100226	Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20100226)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE list, which standardizes names for security problems.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org