Back to search
CVE-2014-0195
Published: Jun 5, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
59342
third-party-advisory
x_refsource_SECUNIA
59669
third-party-advisory
x_refsource_SECUNIA
59530
third-party-advisory
x_refsource_SECUNIA
59990
third-party-advisory
x_refsource_SECUNIA
1030337
vdb-entry
x_refsource_SECTRACK
59454
third-party-advisory
x_refsource_SECUNIA
59188
third-party-advisory
x_refsource_SECUNIA
59126
third-party-advisory
x_refsource_SECUNIA
59306
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21678289
x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
x_refsource_CONFIRM
SSRT101846
vendor-advisory
x_refsource_HP
HPSBUX03046
vendor-advisory
x_refsource_HP
61254
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=1103598
x_refsource_CONFIRM
59223
third-party-advisory
x_refsource_SECUNIA
59895
third-party-advisory
x_refsource_SECUNIA
58743
third-party-advisory
x_refsource_SECUNIA
59449
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=isg400001843
x_refsource_CONFIRM
HPSBOV03047
vendor-advisory
x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=swg21676879
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21677828
x_refsource_CONFIRM
59441
third-party-advisory
x_refsource_SECUNIA
HPSBMU03074
vendor-advisory
x_refsource_HP
59189
third-party-advisory
x_refsource_SECUNIA
MDVSA-2014:106
vendor-advisory
x_refsource_MANDRIVA
59300
third-party-advisory
x_refsource_SECUNIA
GLSA-201407-05
vendor-advisory
x_refsource_GENTOO
HPSBHF03293
vendor-advisory
x_refsource_HP
http://www.ibm.com/support/docview.wss?uid=swg24037783
x_refsource_CONFIRM
59365
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21677695
x_refsource_CONFIRM
59305
third-party-advisory
x_refsource_SECUNIA
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
mailing-list
x_refsource_BUGTRAQ
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21676889
x_refsource_CONFIRM
FEDORA-2014-9308
vendor-advisory
x_refsource_FEDORA
58945
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=isg400001841
x_refsource_CONFIRM
58883
third-party-advisory
x_refsource_SECUNIA
59659
third-party-advisory
x_refsource_SECUNIA
openSUSE-SU-2016:0640
vendor-advisory
x_refsource_SUSE
59429
third-party-advisory
x_refsource_SECUNIA
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
x_refsource_CONFIRM
59655
third-party-advisory
x_refsource_SECUNIA
58660
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21676071
x_refsource_CONFIRM
59437
third-party-advisory
x_refsource_SECUNIA
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754
x_refsource_CONFIRM
67900
vdb-entry
x_refsource_BID
http://www.vmware.com/security/advisories/VMSA-2014-0006.html
x_refsource_CONFIRM
59310
third-party-advisory
x_refsource_SECUNIA
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
x_refsource_CONFIRM
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc
x_refsource_CONFIRM
http://www.fortiguard.com/advisory/FG-IR-14-018/
x_refsource_CONFIRM
SUSE-SU-2015:0743
vendor-advisory
x_refsource_SUSE
http://www.ibm.com/support/docview.wss?uid=swg21676793
x_refsource_CONFIRM
http://www.ibm.com/support/docview.wss?uid=swg21676356
x_refsource_CONFIRM
HPSBMU03057
vendor-advisory
x_refsource_HP
http://support.citrix.com/article/CTX140876
x_refsource_CONFIRM
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757
x_refsource_CONFIRM
HPSBMU03069
vendor-advisory
x_refsource_HP
58939
third-party-advisory
x_refsource_SECUNIA
SSRT101590
vendor-advisory
x_refsource_HP
59514
third-party-advisory
x_refsource_SECUNIA
20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products
vendor-advisory
x_refsource_CISCO
https://kc.mcafee.com/corporate/index?page=content&id=SB10075
x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21676419
x_refsource_CONFIRM
58714
third-party-advisory
x_refsource_SECUNIA
HPSBGN03050
vendor-advisory
x_refsource_HP
http://www.openssl.org/news/secadv_20140605.txt
x_refsource_CONFIRM
58615
third-party-advisory
x_refsource_SECUNIA
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15356.html
x_refsource_CONFIRM
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
mailing-list
x_refsource_FULLDISC
http://www-01.ibm.com/support/docview.wss?uid=swg21676644
x_refsource_CONFIRM
http://support.apple.com/kb/HT6443
x_refsource_CONFIRM
59587
third-party-advisory
x_refsource_SECUNIA
59301
third-party-advisory
x_refsource_SECUNIA
59784
third-party-advisory
x_refsource_SECUNIA
https://kb.bluecoat.com/index?page=content&id=SA80
x_refsource_CONFIRM
HPSBMU03076
vendor-advisory
x_refsource_HP
http://www.f-secure.com/en/web/labs_global/fsc-2014-6
x_refsource_CONFIRM
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21678167
x_refsource_CONFIRM
59192
third-party-advisory
x_refsource_SECUNIA
FEDORA-2014-9301
vendor-advisory
x_refsource_FEDORA
HPSBMU03062
vendor-advisory
x_refsource_HP
59040
third-party-advisory
x_refsource_SECUNIA
HPSBMU03056
vendor-advisory
x_refsource_HP
59175
third-party-advisory
x_refsource_SECUNIA
HPSBMU03051
vendor-advisory
x_refsource_HP
59666
third-party-advisory
x_refsource_SECUNIA
HPSBMU03055
vendor-advisory
x_refsource_HP
59413
third-party-advisory
x_refsource_SECUNIA
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21675821
x_refsource_CONFIRM
59721
third-party-advisory
x_refsource_SECUNIA
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21676062
x_refsource_CONFIRM
58713
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21673137
x_refsource_CONFIRM
MDVSA-2015:062
vendor-advisory
x_refsource_MANDRIVA
http://www-01.ibm.com/support/docview.wss?uid=swg21676035
x_refsource_CONFIRM
59450
third-party-advisory
x_refsource_SECUNIA
59287
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21683332
x_refsource_CONFIRM
59491
third-party-advisory
x_refsource_SECUNIA
59364
third-party-advisory
x_refsource_SECUNIA
59451
third-party-advisory
x_refsource_SECUNIA
58977
third-party-advisory
x_refsource_SECUNIA
https://www.novell.com/support/kb/doc.php?id=7015271
x_refsource_CONFIRM
60571
third-party-advisory
x_refsource_SECUNIA
http://www.blackberry.com/btsc/KB36051
x_refsource_CONFIRM
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21677527
x_refsource_CONFIRM
59528
third-party-advisory
x_refsource_SECUNIA
58337
third-party-advisory
x_refsource_SECUNIA
59518
third-party-advisory
x_refsource_SECUNIA
59162
third-party-advisory
x_refsource_SECUNIA
59490
third-party-advisory
x_refsource_SECUNIA
HPSBMU03065
vendor-advisory
x_refsource_HP
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now