Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name CVE-2007-5135 First vendor Publication 2007-09-27
Vendor Cve Last vendor Modification 2018-10-15

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score 6.8 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-189 Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10904
 
Oval ID: oval:org.mitre.oval:def:10904
Title: Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.
Description: Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.
Family: unix Class: vulnerability
Reference(s): CVE-2007-5135
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17415
 
Oval ID: oval:org.mitre.oval:def:17415
Title: USN-522-1 -- openssl vulnerabilities
Description: It was discovered that OpenSSL did not correctly perform Montgomery multiplications.
Family: unix Class: patch
Reference(s): USN-522-1
CVE-2007-3108
CVE-2007-5135
Version: 7
Platform(s): Ubuntu 6.06
Ubuntu 6.10
Ubuntu 7.04
Product(s): openssl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18654
 
Oval ID: oval:org.mitre.oval:def:18654
Title: DSA-1379-1 openssl - arbitrary code execution
Description: An off-by-one error has been identified in the SSL_get_shared_ciphers() routine in the libssl library from OpenSSL, an implementation of Secure Socket Layer cryptographic libraries and utilities. This error could allow an attacker to crash an application making use of OpenSSL's libssl library, or potentially execute arbitrary code in the security context of the user running such an application.
Family: unix Class: patch
Reference(s): DSA-1379-1
CVE-2007-5135
Version: 7
Platform(s): Debian GNU/Linux 4.0
Product(s): openssl
openssl097
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22488
 
Oval ID: oval:org.mitre.oval:def:22488
Title: ELSA-2007:0964: openssl security update (Important)
Description: Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.
Family: unix Class: patch
Reference(s): ELSA-2007:0964-02
CVE-2007-3108
CVE-2007-4995
CVE-2007-5135
Version: 17
Platform(s): Oracle Linux 5
Product(s): openssl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5337
 
Oval ID: oval:org.mitre.oval:def:5337
Title: Security Vulnerability in Solaris 10 OpenSSL SSL_get_shared_ciphers() Function
Description: Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.
Family: unix Class: vulnerability
Reference(s): CVE-2007-5135
Version: 1
Platform(s): Sun Solaris 10
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 26

OpenVAS Exploits

Date Description
2010-05-12 Name : Mac OS X Security Update 2008-005
File : nvt/macosx_secupd_2008-005.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-13 Name : SLES10: Security update for compat-openssl097g
File : nvt/sles10_compat-openssl01.nasl
2009-10-10 Name : SLES9: Security update for OpenSSL
File : nvt/sles9p5019012.nasl
2009-06-03 Name : Solaris Update for kernel 127127-11
File : nvt/gb_solaris_127127_11.nasl
2009-06-03 Name : Solaris Update for kernel 127128-11
File : nvt/gb_solaris_127128_11.nasl
2009-05-05 Name : HP-UX Update for Apache HPSBUX02292
File : nvt/gb_hp_ux_HPSBUX02292.nasl
2009-04-09 Name : Mandriva Update for openssl MDKSA-2007:193 (openssl)
File : nvt/gb_mandriva_MDKSA_2007_193.nasl
2009-03-23 Name : Ubuntu Update for openssl vulnerabilities USN-522-1
File : nvt/gb_ubuntu_USN_522_1.nasl
2009-02-27 Name : Fedora Update for openssl FEDORA-2007-2530
File : nvt/gb_fedora_2007_2530_openssl_fc7.nasl
2009-02-27 Name : Fedora Update for openssl FEDORA-2007-725
File : nvt/gb_fedora_2007_725_openssl_fc6.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200710-06 (openssl)
File : nvt/glsa_200710_06.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200805-07 (ltsp)
File : nvt/glsa_200805_07.nasl
2008-09-04 Name : FreeBSD Security Advisory (FreeBSD-SA-07:08.openssl.asc)
File : nvt/freebsdsa_openssl5.nasl
2008-01-17 Name : Debian Security Advisory DSA 1379-1 (openssl)
File : nvt/deb_1379_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1379-2 (openssl097, openssl096)
File : nvt/deb_1379_2.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
29262 OpenSSL SSL_get_shared_ciphers Function Unspecified Remote Overflow

A remote overflow exists in OpenSSL. OpenSSL contains an unspecified issue in the SSL_get_shared_ciphers function. With a specially crafted request, an attacker can cause an unspecified impact.

Snort® IPS/IDS

Date Description
2014-01-10 SSLv2 openssl get shared ciphers overflow attempt
RuleID : 8440 - Revision : 11 - Type : IMAP
2014-01-10 SSLv3 openssl get shared ciphers overflow attempt
RuleID : 8439 - Revision : 16 - Type : IMAP
2014-01-10 SSLv2 openssl get shared ciphers overflow attempt
RuleID : 8438 - Revision : 16 - Type : IMAP
2014-01-10 SSLv2 openssl get shared ciphers overflow attempt
RuleID : 8437 - Revision : 15 - Type : SMTP
2014-01-10 SSLv2 openssl get shared ciphers overflow attempt
RuleID : 8436 - Revision : 14 - Type : SMTP
2014-01-10 SSLv3 openssl get shared ciphers overflow attempt
RuleID : 8435 - Revision : 16 - Type : SMTP
2014-01-10 SSLv3 openssl get shared ciphers overflow attempt
RuleID : 8434 - Revision : 16 - Type : SMTP
2014-01-10 SSLv2 openssl get shared ciphers overflow attempt
RuleID : 8433 - Revision : 15 - Type : SMTP
2014-01-10 SSLv2 openssl get shared ciphers overflow attempt
RuleID : 8432 - Revision : 15 - Type : SMTP
2014-01-10 SSLv2 openssl get shared ciphers overflow attempt
RuleID : 8431 - Revision : 14 - Type : POP3
2014-01-10 SSLv3 openssl get shared ciphers overflow attempt
RuleID : 8430 - Revision : 15 - Type : POP3
2014-01-10 SSLv2 openssl get shared ciphers overflow attempt
RuleID : 8429 - Revision : 14 - Type : POP3
2014-01-10 SSLv2 openssl get shared ciphers overflow attempt
RuleID : 8428 - Revision : 21 - Type : SERVER-OTHER
2014-01-10 SSLv2 openssl get shared ciphers overflow attempt
RuleID : 8427 - Revision : 18 - Type : MISC
2014-01-10 SSLv3 openssl get shared ciphers overflow attempt
RuleID : 8426 - Revision : 20 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date Description
2015-09-18 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL8106.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201412-11.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0964.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0813.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2007-1003.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20071115_openssl_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20071022_openssl_on_SL3.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20071012_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-01-04 Name : The remote server is affected by an unspecified buffer overflow vulnerability.
File : openssl_0_9_7m_0_9_8e.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2007-0964.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_11843.nasl - Type : ACT_GATHER_INFO
2009-07-27 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2008-0001.nasl - Type : ACT_GATHER_INFO
2009-07-27 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2008-0013.nasl - Type : ACT_GATHER_INFO
2008-08-01 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2008-005.nasl - Type : ACT_GATHER_INFO
2008-05-11 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200805-07.nasl - Type : ACT_GATHER_INFO
2008-03-07 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_compat-openssl097g-5055.nasl - Type : ACT_GATHER_INFO
2008-03-07 Name : The remote openSUSE host is missing a security update.
File : suse_compat-openssl097g-5054.nasl - Type : ACT_GATHER_INFO
2007-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_openssl-4477.nasl - Type : ACT_GATHER_INFO
2007-11-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-1003.nasl - Type : ACT_GATHER_INFO
2007-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-522-1.nasl - Type : ACT_GATHER_INFO
2007-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-353-1.nasl - Type : ACT_GATHER_INFO
2007-11-06 Name : The remote Fedora host is missing a security update.
File : fedora_2007-2530.nasl - Type : ACT_GATHER_INFO
2007-10-25 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2007-0813.nasl - Type : ACT_GATHER_INFO
2007-10-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0813.nasl - Type : ACT_GATHER_INFO
2007-10-17 Name : The remote openSUSE host is missing a security update.
File : suse_libopenssl-devel-4476.nasl - Type : ACT_GATHER_INFO
2007-10-16 Name : The remote Fedora Core host is missing a security update.
File : fedora_2007-725.nasl - Type : ACT_GATHER_INFO
2007-10-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0964.nasl - Type : ACT_GATHER_INFO
2007-10-09 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200710-06.nasl - Type : ACT_GATHER_INFO
2007-10-09 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2007-193.nasl - Type : ACT_GATHER_INFO
2007-10-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1379.nasl - Type : ACT_GATHER_INFO
2007-02-18 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2006-178.nasl - Type : ACT_GATHER_INFO
2007-02-18 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2006-172.nasl - Type : ACT_GATHER_INFO
2007-02-18 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2006-177.nasl - Type : ACT_GATHER_INFO
2004-07-12 Name : The remote host is missing Sun Security Patch number 114568-29
File : solaris9_x86_114568.nasl - Type : ACT_GATHER_INFO
2004-07-12 Name : The remote host is missing Sun Security Patch number 113713-30
File : solaris9_113713.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
APPLE http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
BID http://www.securityfocus.com/bid/25831
BUGTRAQ http://www.securityfocus.com/archive/1/480855/100/0/threaded
http://www.securityfocus.com/archive/1/481217/100/0/threaded
http://www.securityfocus.com/archive/1/481488/100/0/threaded
http://www.securityfocus.com/archive/1/481506/100/0/threaded
http://www.securityfocus.com/archive/1/485936/100/0/threaded
http://www.securityfocus.com/archive/1/486859/100/0/threaded
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-485.htm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0241
http://www.openssl.org/news/secadv_20071012.txt
http://www.vmware.com/security/advisories/VMSA-2008-0001.html
http://www.vmware.com/security/advisories/VMSA-2008-0013.html
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&I...
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&I...
https://issues.rpath.com/browse/RPL-1769
https://issues.rpath.com/browse/RPL-1770
DEBIAN http://www.debian.org/security/2007/dsa-1379
FEDORA https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00218...
FREEBSD http://security.freebsd.org/advisories/FreeBSD-SA-07:08.openssl.asc
GENTOO http://security.gentoo.org/glsa/glsa-200710-06.xml
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
HP http://www.securityfocus.com/archive/1/484353/100/0/threaded
MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:193
MISC https://bugs.gentoo.org/show_bug.cgi?id=194039
MLIST http://lists.vmware.com/pipermail/security-announce/2008/000002.html
NETBSD ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc
OPENBSD http://www.openbsd.org/errata40.html
http://www.openbsd.org/errata41.html
http://www.openbsd.org/errata42.html
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT http://www.redhat.com/support/errata/RHSA-2007-0813.html
http://www.redhat.com/support/errata/RHSA-2007-0964.html
http://www.redhat.com/support/errata/RHSA-2007-1003.html
SECTRACK http://www.securitytracker.com/id?1018755
SECUNIA http://secunia.com/advisories/22130
http://secunia.com/advisories/27012
http://secunia.com/advisories/27021
http://secunia.com/advisories/27031
http://secunia.com/advisories/27051
http://secunia.com/advisories/27078
http://secunia.com/advisories/27097
http://secunia.com/advisories/27186
http://secunia.com/advisories/27205
http://secunia.com/advisories/27217
http://secunia.com/advisories/27229
http://secunia.com/advisories/27330
http://secunia.com/advisories/27394
http://secunia.com/advisories/27851
http://secunia.com/advisories/27870
http://secunia.com/advisories/27961
http://secunia.com/advisories/28368
http://secunia.com/advisories/29242
http://secunia.com/advisories/30124
http://secunia.com/advisories/30161
http://secunia.com/advisories/31308
http://secunia.com/advisories/31326
http://secunia.com/advisories/31467
http://secunia.com/advisories/31489
SREASON http://securityreason.com/securityalert/3179
SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-103130-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200858-1
SUSE http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
http://www.novell.com/linux/security/advisories/2007_20_sr.html
UBUNTU https://usn.ubuntu.com/522-1/
VUPEN http://www.vupen.com/english/advisories/2007/3325
http://www.vupen.com/english/advisories/2007/3625
http://www.vupen.com/english/advisories/2007/4042
http://www.vupen.com/english/advisories/2007/4144
http://www.vupen.com/english/advisories/2008/0064
http://www.vupen.com/english/advisories/2008/2268
http://www.vupen.com/english/advisories/2008/2361
http://www.vupen.com/english/advisories/2008/2362
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/36837

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
Date Informations
2024-02-02 01:07:24
  • Multiple Updates
2024-02-01 12:02:25
  • Multiple Updates
2023-09-05 12:06:55
  • Multiple Updates
2023-09-05 01:02:17
  • Multiple Updates
2023-09-02 12:07:01
  • Multiple Updates
2023-09-02 01:02:17
  • Multiple Updates
2023-08-12 12:08:09
  • Multiple Updates
2023-08-12 01:02:17
  • Multiple Updates
2023-08-11 12:07:04
  • Multiple Updates
2023-08-11 01:02:22
  • Multiple Updates
2023-08-06 12:06:45
  • Multiple Updates
2023-08-06 01:02:18
  • Multiple Updates
2023-08-04 12:06:50
  • Multiple Updates
2023-08-04 01:02:21
  • Multiple Updates
2023-07-14 12:06:49
  • Multiple Updates
2023-07-14 01:02:19
  • Multiple Updates
2023-03-29 01:07:38
  • Multiple Updates
2023-03-28 12:02:25
  • Multiple Updates
2022-10-11 12:06:03
  • Multiple Updates
2022-10-11 01:02:09
  • Multiple Updates
2021-05-04 12:06:27
  • Multiple Updates
2021-04-22 01:06:59
  • Multiple Updates
2020-05-23 00:20:31
  • Multiple Updates
2018-10-16 00:19:16
  • Multiple Updates
2018-10-04 00:19:30
  • Multiple Updates
2017-09-29 09:23:13
  • Multiple Updates
2017-07-29 12:02:34
  • Multiple Updates
2016-04-26 16:38:46
  • Multiple Updates
2015-09-19 13:23:23
  • Multiple Updates
2014-12-16 13:24:27
  • Multiple Updates
2014-02-17 10:41:54
  • Multiple Updates
2014-01-19 21:24:29
  • Multiple Updates
2013-05-11 10:37:45
  • Multiple Updates