Back to search
CVE-2014-0198
Published: May 6, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
59342
third-party-advisory
x_refsource_SECUNIA
59669
third-party-advisory
x_refsource_SECUNIA
59525
third-party-advisory
x_refsource_SECUNIA
59282
third-party-advisory
x_refsource_SECUNIA
59990
third-party-advisory
x_refsource_SECUNIA
59264
third-party-advisory
x_refsource_SECUNIA
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html
x_refsource_CONFIRM
59126
third-party-advisory
x_refsource_SECUNIA
67193
vdb-entry
x_refsource_BID
59306
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=1093837
x_refsource_CONFIRM
HPSBGN03068
vendor-advisory
x_refsource_HP
59190
third-party-advisory
x_refsource_SECUNIA
59529
third-party-advisory
x_refsource_SECUNIA
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
x_refsource_CONFIRM
61254
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21676655
x_refsource_CONFIRM
http://puppetlabs.com/security/cve/cve-2014-0198
x_refsource_CONFIRM
59449
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21676879
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21677828
x_refsource_CONFIRM
HPSBMU03074
vendor-advisory
x_refsource_HP
59300
third-party-advisory
x_refsource_SECUNIA
58667
third-party-advisory
x_refsource_SECUNIA
GLSA-201407-05
vendor-advisory
x_refsource_GENTOO
59284
third-party-advisory
x_refsource_SECUNIA
http://www.ibm.com/support/docview.wss?uid=swg24037783
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21677695
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21676529
x_refsource_CONFIRM
http://advisories.mageia.org/MGASA-2014-0204.html
x_refsource_CONFIRM
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
mailing-list
x_refsource_BUGTRAQ
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21676889
x_refsource_CONFIRM
FEDORA-2014-9308
vendor-advisory
x_refsource_FEDORA
58945
third-party-advisory
x_refsource_SECUNIA
[5.5] 005: RELIABILITY FIX: May 1, 2014
vendor-advisory
x_refsource_OPENBSD
59440
third-party-advisory
x_refsource_SECUNIA
https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321
x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
x_refsource_CONFIRM
59655
third-party-advisory
x_refsource_SECUNIA
59163
third-party-advisory
x_refsource_SECUNIA
DSA-2931
vendor-advisory
x_refsource_DEBIAN
http://www-01.ibm.com/support/docview.wss?uid=swg21677836
x_refsource_CONFIRM
59437
third-party-advisory
x_refsource_SECUNIA
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754
x_refsource_CONFIRM
59374
third-party-advisory
x_refsource_SECUNIA
http://www.vmware.com/security/advisories/VMSA-2014-0006.html
x_refsource_CONFIRM
59310
third-party-advisory
x_refsource_SECUNIA
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
x_refsource_CONFIRM
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc
x_refsource_CONFIRM
http://www.fortiguard.com/advisory/FG-IR-14-018/
x_refsource_CONFIRM
SUSE-SU-2015:0743
vendor-advisory
x_refsource_SUSE
http://www.ibm.com/support/docview.wss?uid=swg21676356
x_refsource_CONFIRM
HPSBMU03057
vendor-advisory
x_refsource_HP
http://support.citrix.com/article/CTX140876
x_refsource_CONFIRM
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757
x_refsource_CONFIRM
58939
third-party-advisory
x_refsource_SECUNIA
59514
third-party-advisory
x_refsource_SECUNIA
20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products
vendor-advisory
x_refsource_CISCO
http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195
x_refsource_CONFIRM
https://kc.mcafee.com/corporate/index?page=content&id=SB10075
x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21676419
x_refsource_CONFIRM
59438
third-party-advisory
x_refsource_SECUNIA
58714
third-party-advisory
x_refsource_SECUNIA
HPSBHF03052
vendor-advisory
x_refsource_HP
http://www.openssl.org/news/secadv_20140605.txt
x_refsource_CONFIRM
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
mailing-list
x_refsource_FULLDISC
60066
third-party-advisory
x_refsource_SECUNIA
59301
third-party-advisory
x_refsource_SECUNIA
openSUSE-SU-2014:0634
vendor-advisory
x_refsource_SUSE
59784
third-party-advisory
x_refsource_SECUNIA
https://kb.bluecoat.com/index?page=content&id=SA80
x_refsource_CONFIRM
HPSBMU03076
vendor-advisory
x_refsource_HP
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21678167
x_refsource_CONFIRM
FEDORA-2014-9301
vendor-advisory
x_refsource_FEDORA
HPSBMU03062
vendor-advisory
x_refsource_HP
MDVSA-2014:080
vendor-advisory
x_refsource_MANDRIVA
HPSBMU03056
vendor-advisory
x_refsource_HP
HPSBMU03051
vendor-advisory
x_refsource_HP
59666
third-party-advisory
x_refsource_SECUNIA
HPSBMU03055
vendor-advisory
x_refsource_HP
59413
third-party-advisory
x_refsource_SECUNIA
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
x_refsource_CONFIRM
59721
third-party-advisory
x_refsource_SECUNIA
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21676062
x_refsource_CONFIRM
58713
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21673137
x_refsource_CONFIRM
MDVSA-2015:062
vendor-advisory
x_refsource_MANDRIVA
http://www-01.ibm.com/support/docview.wss?uid=swg21676035
x_refsource_CONFIRM
59450
third-party-advisory
x_refsource_SECUNIA
59287
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21683332
x_refsource_CONFIRM
59491
third-party-advisory
x_refsource_SECUNIA
58977
third-party-advisory
x_refsource_SECUNIA
openSUSE-SU-2014:0635
vendor-advisory
x_refsource_SUSE
https://www.novell.com/support/kb/doc.php?id=7015271
x_refsource_CONFIRM
60571
third-party-advisory
x_refsource_SECUNIA
http://www.blackberry.com/btsc/KB36051
x_refsource_CONFIRM
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21677527
x_refsource_CONFIRM
59202
third-party-advisory
x_refsource_SECUNIA
58337
third-party-advisory
x_refsource_SECUNIA
59162
third-party-advisory
x_refsource_SECUNIA
59398
third-party-advisory
x_refsource_SECUNIA
59490
third-party-advisory
x_refsource_SECUNIA
60049
third-party-advisory
x_refsource_SECUNIA
https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now