CVE - CVE-2014-3510

CVE-ID
CVE-2014-3510	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service (NULL pointer dereference and client application crash) via a crafted handshake message in conjunction with a (1) anonymous DH or (2) anonymous ECDH ciphersuite.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MLIST:[syslog-ng-announce] 20140910 syslog-ng Premium Edition 5 LTS (5.0.6a) has been released URL:https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html CONFIRM:https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=17160033765480453be0a41335fa6b833691c049 CONFIRM:https://www.openssl.org/news/secadv_20140806.txt CONFIRM:http://linux.oracle.com/errata/ELSA-2014-1053.html CONFIRM:http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21686997 CONFIRM:http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21682293 CONFIRM:http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15568.html CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21683389 CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1127503 CONFIRM:http://linux.oracle.com/errata/ELSA-2014-1052.html CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240 DEBIAN:DSA-2998 URL:http://www.debian.org/security/2014/dsa-2998 FEDORA:FEDORA-2014-9301 URL:http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html FEDORA:FEDORA-2014-9308 URL:http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html FREEBSD:FreeBSD-SA-14:18 URL:https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc GENTOO:GLSA-201412-39 URL:http://security.gentoo.org/glsa/glsa-201412-39.xml HP:HPSBOV03099 URL:http://marc.info/?l=bugtraq&m=141077370928502&w=2 HP:HPSBUX03095 URL:http://marc.info/?l=bugtraq&m=140853041709441&w=2 HP:SSRT101674 URL:http://marc.info/?l=bugtraq&m=140853041709441&w=2 HP:HPSBHF03293 URL:http://marc.info/?l=bugtraq&m=142660345230545&w=2 HP:SSRT101846 URL:http://marc.info/?l=bugtraq&m=142660345230545&w=2 MANDRIVA:MDVSA-2014:158 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2014:158 NETBSD:NetBSD-SA2014-008 URL:ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc REDHAT:RHSA-2014:1256 URL:http://rhn.redhat.com/errata/RHSA-2014-1256.html REDHAT:RHSA-2014:1297 URL:http://rhn.redhat.com/errata/RHSA-2014-1297.html SUSE:openSUSE-SU-2014:1052 URL:http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html SUSE:openSUSE-SU-2016:0640 URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html BID:69082 URL:http://www.securityfocus.com/bid/69082 SECTRACK:1030693 URL:http://www.securitytracker.com/id/1030693 SECUNIA:59221 URL:http://secunia.com/advisories/59221 SECUNIA:60687 URL:http://secunia.com/advisories/60687 SECUNIA:60824 URL:http://secunia.com/advisories/60824 SECUNIA:60917 URL:http://secunia.com/advisories/60917 SECUNIA:60921 URL:http://secunia.com/advisories/60921 SECUNIA:60938 URL:http://secunia.com/advisories/60938 SECUNIA:61775 URL:http://secunia.com/advisories/61775 SECUNIA:61959 URL:http://secunia.com/advisories/61959 SECUNIA:59756 URL:http://secunia.com/advisories/59756 SECUNIA:60803 URL:http://secunia.com/advisories/60803 SECUNIA:61017 URL:http://secunia.com/advisories/61017 SECUNIA:61045 URL:http://secunia.com/advisories/61045 SECUNIA:61100 URL:http://secunia.com/advisories/61100 SECUNIA:61250 URL:http://secunia.com/advisories/61250 SECUNIA:61184 URL:http://secunia.com/advisories/61184 SECUNIA:59743 URL:http://secunia.com/advisories/59743 SECUNIA:60778 URL:http://secunia.com/advisories/60778 SECUNIA:58962 URL:http://secunia.com/advisories/58962 SECUNIA:59700 URL:http://secunia.com/advisories/59700 SECUNIA:59710 URL:http://secunia.com/advisories/59710 SECUNIA:60022 URL:http://secunia.com/advisories/60022 SECUNIA:60684 URL:http://secunia.com/advisories/60684 SECUNIA:60221 URL:http://secunia.com/advisories/60221 SECUNIA:60493 URL:http://secunia.com/advisories/60493 XF:openssl-cve20143510-dos(95164) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/95164
Assigning CNA
N/A
Date Entry Created
20140514	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20140514)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org