5 - USN-792-1

Executive Summary

Summary
Title	OpenSSL vulnerabilities

Informations
Name	USN-792-1	First vendor Publication	2009-06-25
Vendor	Ubuntu	Last vendor Modification	2009-06-25
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:
libssl0.9.8 0.9.8a-7ubuntu0.9

Ubuntu 8.04 LTS:
libssl0.9.8 0.9.8g-4ubuntu3.7

Ubuntu 8.10:
libssl0.9.8 0.9.8g-10.1ubuntu2.4

Ubuntu 9.04:
libssl0.9.8 0.9.8g-15ubuntu3.2

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

Details follow:

It was discovered that OpenSSL did not limit the number of DTLS records it would buffer when they arrived with a future epoch. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. (CVE-2009-1377)

It was discovered that OpenSSL did not properly free memory when processing DTLS fragments. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. (CVE-2009-1378)

It was discovered that OpenSSL did not properly handle certain server certificates when processing DTLS packets. A remote DTLS server could cause a denial of service by sending a message containing a specially crafted server certificate. (CVE-2009-1379)

It was discovered that OpenSSL did not properly handle a DTLS ChangeCipherSpec packet when it occured before ClientHello. A remote attacker could cause a denial of service by sending a specially crafted request. (CVE-2009-1386)

It was discovered that OpenSSL did not properly handle out of sequence DTLS handshake messages. A remote attacker could cause a denial of service by sending a specially crafted request. (CVE-2009-1387)

Original Source

Url : http://www.ubuntu.com/usn/USN-792-1

CWE : Common Weakness Enumeration

%	Id	Name
40 %	CWE-476	NULL Pointer Dereference
20 %	CWE-401	Failure to Release Memory Before Removing Last Reference ('Memory Leak')
20 %	CWE-399	Resource Management Errors
20 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10740

Oval ID:	oval:org.mitre.oval:def:10740
Title:	The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug."
Description:	The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-1387	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section openssl-perl is earlier than 0:0.9.8e-12.el5 AND openssl-devel is earlier than 0:0.9.8e-12.el5 AND openssl is earlier than 0:0.9.8e-12.el5

Definition Id: oval:org.mitre.oval:def:11179

Oval ID:	oval:org.mitre.oval:def:11179
Title:	ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
Description:	ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-1386	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section openssl-perl is earlier than 0:0.9.8e-12.el5 AND openssl-devel is earlier than 0:0.9.8e-12.el5 AND openssl is earlier than 0:0.9.8e-12.el5

Definition Id: oval:org.mitre.oval:def:11309

Oval ID:	oval:org.mitre.oval:def:11309
Title:	Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak."
Description:	Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-1378	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section openssl-perl is earlier than 0:0.9.8e-12.el5 AND openssl-devel is earlier than 0:0.9.8e-12.el5 AND openssl is earlier than 0:0.9.8e-12.el5

Definition Id: oval:org.mitre.oval:def:13721

Oval ID:	oval:org.mitre.oval:def:13721
Title:	DSA-1888-1 openssl, openssl097 -- cryptographic weakness
Description:	Certificates with MD2 hash signatures are no longer accepted by OpenSSL, since they’re no longer considered cryptographically secure. For the stable distribution, this problem has been fixed in version 0.9.8g-15+lenny5. For the old stable distribution, this problem has been fixed in version 0.9.8c-4etch9 for openssl and version 0.9.7k-3.1etch5 for openssl097. The OpenSSL 0.9.8 update for oldstable also provides updated packages for multiple denial of service vulnerabilities in the Datagram Transport Layer Security implementation. These fixes were already provided for Debian stable in a previous point update. The OpenSSL 0.9.7 package from oldstable is not affected. For the unstable distribution, this problem has been fixed in version 0.9.8k-5. We recommend that you upgrade your openssl packages.
Family:	unix	Class:	patch
Reference(s):	DSA-1888-1 CVE-2009-2409 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387	Version:	5
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 4.0	Product(s):	openssl openssl097
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Packages section libssl-dev DPKG is earlier than 0.9.8g-15+lenny5 AND libssl0.9.8-dbg DPKG is earlier than 0.9.8g-15+lenny5 AND openssl DPKG is earlier than 0.9.8g-15+lenny5 AND libssl0.9.8 DPKG is earlier than 0.9.8g-15+lenny5 OR Release section Debian GNU/Linux 4.0 is installed. AND Packages section libssl0.9.7-dbg DPKG is earlier than 0.9.7k-3.1etch5 AND libssl-dev DPKG is earlier than 0.9.8c-4etch9 AND libssl0.9.8-dbg DPKG is earlier than 0.9.8c-4etch9 AND openssl DPKG is earlier than 0.9.8c-4etch9 AND libssl0.9.8 DPKG is earlier than 0.9.8c-4etch9 AND libssl0.9.7 DPKG is earlier than 0.9.7k-3.1etch5

Definition Id: oval:org.mitre.oval:def:13891

Oval ID:	oval:org.mitre.oval:def:13891
Title:	USN-792-1 -- openssl vulnerabilities
Description:	It was discovered that OpenSSL did not limit the number of DTLS records it would buffer when they arrived with a future epoch. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. It was discovered that OpenSSL did not properly free memory when processing DTLS fragments. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. It was discovered that OpenSSL did not properly handle certain server certificates when processing DTLS packets. A remote DTLS server could cause a denial of service by sending a message containing a specially crafted server certificate. It was discovered that OpenSSL did not properly handle a DTLS ChangeCipherSpec packet when it occured before ClientHello. A remote attacker could cause a denial of service by sending a specially crafted request. It was discovered that OpenSSL did not properly handle out of sequence DTLS handshake messages. A remote attacker could cause a denial of service by sending a specially crafted request
Family:	unix	Class:	patch
Reference(s):	USN-792-1 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387	Version:	5
Platform(s):	Ubuntu 8.04 Ubuntu 9.04 Ubuntu 6.06 Ubuntu 8.10	Product(s):	openssl
Definition Synopsis:
Release section Ubuntu 8.04 is installed AND Architecture section Architecture independent section Installed architecture is all AND openssl-doc DPKG is earlier than 0.9.8g-4ubuntu3.7 OR Architecture depended section Supported architectures section Installed architecture is amd64 AND Installed architecture is i386 AND Installed architecture is powerpc AND Installed architecture is sparc AND Installed architecture is lpia AND Packages section libcrypto0.9.8-udeb DPKG is earlier than 0.9.8g-4ubuntu3.7 AND libssl0.9.8-dbg DPKG is earlier than 0.9.8g-4ubuntu3.7 AND libssl0.9.8 DPKG is earlier than 0.9.8g-4ubuntu3.7 AND libssl-dev DPKG is earlier than 0.9.8g-4ubuntu3.7 AND openssl DPKG is earlier than 0.9.8g-4ubuntu3.7 OR Release section Ubuntu 9.04 is installed AND Architecture section Architecture independent section Installed architecture is all AND openssl-doc DPKG is earlier than 0.9.8g-15ubuntu3.2 OR Architecture depended section Supported architectures section Installed architecture is amd64 AND Installed architecture is i386 AND Installed architecture is powerpc AND Installed architecture is sparc AND Installed architecture is lpia AND Packages section libcrypto0.9.8-udeb DPKG is earlier than 0.9.8g-15ubuntu3.2 AND libssl0.9.8-dbg DPKG is earlier than 0.9.8g-15ubuntu3.2 AND libssl0.9.8 DPKG is earlier than 0.9.8g-15ubuntu3.2 AND libssl-dev DPKG is earlier than 0.9.8g-15ubuntu3.2 AND openssl DPKG is earlier than 0.9.8g-15ubuntu3.2 OR Release section Ubuntu 6.06 is installed AND Supported architectures section Installed architecture is sparc AND Installed architecture is i386 AND Installed architecture is amd64 AND Installed architecture is powerpc AND Packages section libssl0.9.8 DPKG is earlier than 0.9.8a-7ubuntu0.9 AND libcrypto0.9.8-udeb DPKG is earlier than 0.9.8a-7ubuntu0.9 AND libssl0.9.8-dbg DPKG is earlier than 0.9.8a-7ubuntu0.9 AND openssl DPKG is earlier than 0.9.8a-7ubuntu0.9 AND libssl-dev DPKG is earlier than 0.9.8a-7ubuntu0.9 OR Release section Ubuntu 8.10 is installed AND Architecture section Architecture independent section Installed architecture is all AND openssl-doc DPKG is earlier than 0.9.8g-10.1ubuntu2.4 OR Architecture depended section Supported architectures section Installed architecture is amd64 AND Installed architecture is i386 AND Installed architecture is powerpc AND Installed architecture is sparc AND Installed architecture is lpia AND Packages section libcrypto0.9.8-udeb DPKG is earlier than 0.9.8g-10.1ubuntu2.4 AND libssl0.9.8-dbg DPKG is earlier than 0.9.8g-10.1ubuntu2.4 AND libssl0.9.8 DPKG is earlier than 0.9.8g-10.1ubuntu2.4 AND libssl-dev DPKG is earlier than 0.9.8g-10.1ubuntu2.4 AND openssl DPKG is earlier than 0.9.8g-10.1ubuntu2.4

Definition Id: oval:org.mitre.oval:def:22755

Oval ID:	oval:org.mitre.oval:def:22755
Title:	ELSA-2009:1335: openssl security, bug fix, and enhancement update (Moderate)
Description:	The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug."
Family:	unix	Class:	patch
Reference(s):	ELSA-2009:1335-02 CVE-2006-7250 CVE-2009-0590 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387	Version:	33
Platform(s):	Oracle Linux 5	Product(s):	openssl
Definition Synopsis:
Oracle Linux 5.x rpm test openssl is earlier than 0:0.9.8e-12.el5 AND openssl-perl is earlier than 0:0.9.8e-12.el5 AND openssl-devel is earlier than 0:0.9.8e-12.el5

Definition Id: oval:org.mitre.oval:def:24227

Oval ID:	oval:org.mitre.oval:def:24227
Title:	Vulnerability in OpenSSL 0.9.8k and earlier 0.9.8 versions, allows remote attackers to cause a denial of service (memory consumption)
Description:	The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-1377	Version:	3
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2	Product(s):	OpenSSL
Definition Synopsis:
Check vulnerable OpenSSL Check vulnerable versions of OpenSSL Check if the version of OpenSSL 0.9.8 before 0.9.8l AND OpenSSL is installed OR Check vulnerable OpenSSL (32_bit) Check vulnerable versions of OpenSSL (32_bit) Check if the version of OpenSSL 0.9.8 before 0.9.8l (32_bit) AND OpenSSL (32_bit) is installed AND Check if the version of ssleay32.dll 0.9.8 before 0.9.8l ProgramFilesDir AND Check if the version of ssleay32.dll 0.9.8 before 0.9.8l ProgramFilesDir x86 AND Check if the version of ssleay32.dll 0.9.8 before 0.9.8l Sytem32 and SysWOW64

Definition Id: oval:org.mitre.oval:def:24700

Oval ID:	oval:org.mitre.oval:def:24700
Title:	Vulnerability in OpenSSL before 1.0.0 Beta 2, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash)
Description:	The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-1387	Version:	3
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2	Product(s):	OpenSSL
Definition Synopsis:
Check vulnerable OpenSSL Check vulnerable versions of OpenSSL Check if the version of OpenSSL 0.9.1c before 0.9.8h AND Check if the version of OpenSSL 1.0.0 before 1.0.0a AND OpenSSL is installed OR Check vulnerable OpenSSL (32_bit) Check vulnerable versions of OpenSSL (32_bit) Check if the version of OpenSSL 0.9.1c before 0.9.8h (32_bit) AND Check if the version of OpenSSL 1.0.0 before 1.0.0a (32_bit) AND OpenSSL (32_bit) is installed AND Check if the version of ssleay32.dll 0.9.1c before 0.9.8h ProgramFilesDir AND Check if the version of ssleay32.dll 0.9.1c before 0.9.8h ProgramFilesDir x86 AND Check if the version of ssleay32.dll 0.9.1c before 0.9.8h under Sytem32 and SysWOW64 AND Check if the version of ssleay32.dll 1.0.0 before 1.0.0a ProgramFilesDir AND Check if the version of ssleay32.dll 1.0.0 before 1.0.0a ProgramFilesDir x86 AND Check if the version of ssleay32.dll 1.0.0 before 1.0.0a under Sytem32 and SysWOW64

Definition Id: oval:org.mitre.oval:def:25108

Oval ID:	oval:org.mitre.oval:def:25108
Title:	Vulnerability in OpenSSL before 0.9.8i, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash)
Description:	ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-1386	Version:	3
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2	Product(s):	OpenSSL
Definition Synopsis:
Check vulnerable OpenSSL Check vulnerable versions of OpenSSL Check if the version of OpenSSL 0.9.1c before 0.9.8i AND OpenSSL is installed OR Check vulnerable OpenSSL (32_bit) Check vulnerable versions of OpenSSL (32_bit) Check if the version of OpenSSL 0.9.1c before 0.9.8i (32_bit) AND OpenSSL (32_bit) is installed AND Check if the version of ssleay32.dll 0.9.1c before 0.9.8i ProgramFilesDir AND Check if the version of ssleay32.dll 0.9.1c before 0.9.8i ProgramFilesDir x86 AND Check if the version of ssleay32.dll 0.9.1c before 0.9.8i under Sytem32 and SysWOW64

Definition Id: oval:org.mitre.oval:def:25119

Oval ID:	oval:org.mitre.oval:def:25119
Title:	Vulnerability in OpenSSL 1.0.0 Beta 2, allows remote attackers to cause a denial of service (openssl s_client crash)
Description:	Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-1379	Version:	3
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2	Product(s):	OpenSSL
Definition Synopsis:
Check vulnerable OpenSSL Check vulnerable versions of OpenSSL Check if the version of OpenSSL 1.0.0 before 1.0.0a AND OpenSSL is installed OR Check vulnerable OpenSSL (32_bit) Check vulnerable versions of OpenSSL (32_bit) Check if the version of OpenSSL 1.0.0 before 1.0.0a (32_bit) AND OpenSSL (32_bit) is installed AND Check if the version of ssleay32.dll 1.0.0 before 1.0.0a ProgramFilesDir AND Check if the version of ssleay32.dll 1.0.0 before 1.0.0a ProgramFilesDir x86 AND Check if the version of ssleay32.dll 1.0.0 before 1.0.0a under Sytem32 and SysWOW64

Definition Id: oval:org.mitre.oval:def:28749

Oval ID:	oval:org.mitre.oval:def:28749
Title:	RHSA-2009:1335 -- openssl security, bug fix, and enhancement update (Moderate)
Description:	Updated openssl packages that fix several security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength general purpose cryptography library. Datagram TLS (DTLS) is a protocol based on TLS that is capable of securing datagram transport (for example, UDP).
Family:	unix	Class:	patch
Reference(s):	RHSA-2009:1335 CESA-2009:1335-CentOS 5 CVE-2006-7250 CVE-2009-0590 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387	Version:	3
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	openssl
Definition Synopsis:
Operation system section The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages match section openssl-devel is earlier than 0:0.9.8e-12.el5 AND openssl is earlier than 0:0.9.8e-12.el5 AND openssl-perl is earlier than 0:0.9.8e-12.el5

Definition Id: oval:org.mitre.oval:def:6683

Oval ID:	oval:org.mitre.oval:def:6683
Title:	OpenSSL DTLS Packets Multiple Denial of Service Vulnerabilities
Description:	The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-1377	Version:	5
Platform(s):	VMWare ESX Server 4.0	Product(s):
Definition Synopsis:
VMware ESX Server 4.0 is installed AND Patch ESX400-201005401-SG is not installed

Definition Id: oval:org.mitre.oval:def:6848

Oval ID:	oval:org.mitre.oval:def:6848
Title:	OpenSSL 'dtls1_retrieve_buffered_fragment()' DTLS Packet Denial of Service Vulnerability
Description:	Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-1379	Version:	5
Platform(s):	VMWare ESX Server 4.0	Product(s):
Definition Synopsis:
VMware ESX Server 4.0 is installed AND Patch ESX400-201005401-SG is not installed

Definition Id: oval:org.mitre.oval:def:7229

Oval ID:	oval:org.mitre.oval:def:7229
Title:	OpenSSL DTLS Packets Multiple Denial of Service Vulnerabilities
Description:	Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-1378	Version:	5
Platform(s):	VMWare ESX Server 4.0	Product(s):
Definition Synopsis:
VMware ESX Server 4.0 is installed AND Patch ESX400-201005401-SG is not installed

Definition Id: oval:org.mitre.oval:def:7469

Oval ID:	oval:org.mitre.oval:def:7469
Title:	OpenSSL 'ChangeCipherSpec' DTLS Packet Denial of Service Vulnerability
Description:	ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-1386	Version:	5
Platform(s):	VMWare ESX Server 4.0	Product(s):
Definition Synopsis:
VMware ESX Server 4.0 is installed AND Patch ESX400-201005401-SG is not installed

Definition Id: oval:org.mitre.oval:def:7592

Oval ID:	oval:org.mitre.oval:def:7592
Title:	OpenSSL 'dtls1_retrieve_buffered_fragment()' DTLS Remote Denial of Service Vulnerability
Description:	The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-1387	Version:	5
Platform(s):	VMWare ESX Server 4.0	Product(s):
Definition Synopsis:
VMware ESX Server 4.0 is installed AND Patch ESX400-201005401-SG is not installed

Definition Id: oval:org.mitre.oval:def:9663

Oval ID:	oval:org.mitre.oval:def:9663
Title:	The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug."
Description:	The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-1377	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section openssl-perl is earlier than 0:0.9.8e-12.el5 AND openssl-devel is earlier than 0:0.9.8e-12.el5 AND openssl is earlier than 0:0.9.8e-12.el5

Definition Id: oval:org.mitre.oval:def:9744

Oval ID:	oval:org.mitre.oval:def:9744
Title:	Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.
Description:	Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-1379	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section openssl-perl is earlier than 0:0.9.8e-12.el5 AND openssl-devel is earlier than 0:0.9.8e-12.el5 AND openssl is earlier than 0:0.9.8e-12.el5

CPE : Common Platform Enumeration

Type	Description	Count
Application	Openssl cpe:2.3:a:openssl:openssl:1.0.0:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.7m:::::::* cpe:2.3:a:openssl:openssl:0.9.7m::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7m::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7m::::::x86: cpe:2.3:a:openssl:openssl:0.9.7l:::::::* cpe:2.3:a:openssl:openssl:0.9.7l::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7l::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7l::::::x86: cpe:2.3:a:openssl:openssl:0.9.7k:::::::* cpe:2.3:a:openssl:openssl:0.9.7k::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7k::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7k::::::x86: cpe:2.3:a:openssl:openssl:0.9.7j:::::::* cpe:2.3:a:openssl:openssl:0.9.7j::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7j::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7j::::::x86: cpe:2.3:a:openssl:openssl:0.9.7i:::::::* cpe:2.3:a:openssl:openssl:0.9.7i::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7i::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7i::::::x86: cpe:2.3:a:openssl:openssl:0.9.7h:::::::* cpe:2.3:a:openssl:openssl:0.9.7h::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7h::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7h::::::x86: cpe:2.3:a:openssl:openssl:0.9.7g:::::::* cpe:2.3:a:openssl:openssl:0.9.7g::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7g::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7g::::::x86: cpe:2.3:a:openssl:openssl:0.9.7f:::::::* cpe:2.3:a:openssl:openssl:0.9.7f::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7f::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7f::::::x86: cpe:2.3:a:openssl:openssl:0.9.7e:::::::* cpe:2.3:a:openssl:openssl:0.9.7e::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7e::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7e::::::x86: cpe:2.3:a:openssl:openssl:0.9.7d:::::::* cpe:2.3:a:openssl:openssl:0.9.7d::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7d::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7d::::::x86: cpe:2.3:a:openssl:openssl:0.9.7c:::::::* cpe:2.3:a:openssl:openssl:0.9.7c::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7c::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7c::::::x86: cpe:2.3:a:openssl:openssl:0.9.7b:::::::* cpe:2.3:a:openssl:openssl:0.9.7b::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7b::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7b::::::x86: cpe:2.3:a:openssl:openssl:0.9.7a:::::::* cpe:2.3:a:openssl:openssl:0.9.7a::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7a::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7a::::::x86: cpe:2.3:a:openssl:openssl:0.9.7:beta3:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.7:-:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta5:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta6:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta4:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta2:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta4:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta1:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta5:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta3:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7:beta6:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta5:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta4:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta6:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta1:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta3:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta2:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7::::::x86: cpe:2.3:a:openssl:openssl:0.9.7:beta1:::::x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta2:::::x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta3:::::x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta4:::::x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta5:::::x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta6:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6m:::::::* cpe:2.3:a:openssl:openssl:0.9.6m::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6m::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6m::::::x86: cpe:2.3:a:openssl:openssl:0.9.6l:::::::* cpe:2.3:a:openssl:openssl:0.9.6l::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6l::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6l::::::x86: cpe:2.3:a:openssl:openssl:0.9.6k:::::::* cpe:2.3:a:openssl:openssl:0.9.6k::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6k::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6k::::::x86: cpe:2.3:a:openssl:openssl:0.9.6j:::::::* cpe:2.3:a:openssl:openssl:0.9.6j::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6j::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6j::::::x86: cpe:2.3:a:openssl:openssl:0.9.6i:::::::* cpe:2.3:a:openssl:openssl:0.9.6i::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6i::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6i::::::x86: cpe:2.3:a:openssl:openssl:0.9.6h:::::::* cpe:2.3:a:openssl:openssl:0.9.6h:bogus:::::: cpe:2.3:a:openssl:openssl:0.9.6h::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6h::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6h::::::x86: cpe:2.3:a:openssl:openssl:0.9.6g:::::::* cpe:2.3:a:openssl:openssl:0.9.6g::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6g::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6g::::::x86: cpe:2.3:a:openssl:openssl:0.9.6f:::::::* cpe:2.3:a:openssl:openssl:0.9.6f::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6f::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6f::::::x86: cpe:2.3:a:openssl:openssl:0.9.6e:::::::* cpe:2.3:a:openssl:openssl:0.9.6e::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6e::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6e::::::x86: cpe:2.3:a:openssl:openssl:0.9.6d:-:::::: cpe:2.3:a:openssl:openssl:0.9.6d::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6d::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6d::::::x86: cpe:2.3:a:openssl:openssl:0.9.6c:::::::* cpe:2.3:a:openssl:openssl:0.9.6c::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6c::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6c::::::x86: cpe:2.3:a:openssl:openssl:0.9.6b:::::::* cpe:2.3:a:openssl:openssl:0.9.6b::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6b::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6b::::::x86: cpe:2.3:a:openssl:openssl:0.9.6a:-:::::: cpe:2.3:a:openssl:openssl:0.9.6a:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.6a:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.6a:beta3:::::: cpe:2.3:a:openssl:openssl:0.9.6a:beta2:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6a::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6a:beta3:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6a:beta1:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6a:beta1:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6a:beta2:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6a:beta3:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6a::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6a::::::x86: cpe:2.3:a:openssl:openssl:0.9.6a:beta1:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6a:beta2:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6a:beta3:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.6:-:::::: cpe:2.3:a:openssl:openssl:0.9.6:beta3:::::: cpe:2.3:a:openssl:openssl:0.9.6:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.6:beta2:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6:beta1:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6:beta3:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6:beta1:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6:beta3:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6:beta2:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6::::::x86: cpe:2.3:a:openssl:openssl:0.9.6:beta1:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6:beta2:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6:beta3:::::x86:* cpe:2.3:a:openssl:openssl:0.9.5a:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.5a:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.5a:-:::::: cpe:2.3:a:openssl:openssl:0.9.5a:beta2:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.5a::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.5a:beta1:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.5a::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.5a:beta1:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.5a:beta2:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.5a::::::x86: cpe:2.3:a:openssl:openssl:0.9.5a:beta1:::::x86:* cpe:2.3:a:openssl:openssl:0.9.5a:beta2:::::x86:* cpe:2.3:a:openssl:openssl:0.9.5:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.5:-:::::: cpe:2.3:a:openssl:openssl:0.9.5:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.5:beta2:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.5:beta1:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.5::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.5:beta1:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.5:beta2:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.5::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.5::::::x86: cpe:2.3:a:openssl:openssl:0.9.5:beta1:::::x86:* cpe:2.3:a:openssl:openssl:0.9.5:beta2:::::x86:* cpe:2.3:a:openssl:openssl:0.9.4:::::::* cpe:2.3:a:openssl:openssl:0.9.4::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.4::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.4::::::x86: cpe:2.3:a:openssl:openssl:0.9.3a:::::::* cpe:2.3:a:openssl:openssl:0.9.3a::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.3a::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.3a::::::x86: cpe:2.3:a:openssl:openssl:0.9.3:-:::::: cpe:2.3:a:openssl:openssl:0.9.3::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.3::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.3::::::x86: cpe:2.3:a:openssl:openssl:0.9.2b:::::::* cpe:2.3:a:openssl:openssl:0.9.2b::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.2b::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.2b::::::x86: cpe:2.3:a:openssl:openssl:0.9.1c:::::::* cpe:2.3:a:openssl:openssl:0.9.1c::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.1c::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.1c::::::x86: cpe:2.3:a:openssl:openssl:0.9.1b:::::::* cpe:2.3:a:openssl:openssl:0.9.0b:::::::* cpe:2.3:a:openssl:openssl:::::::: cpe:2.3:a:openssl:openssl:::openvms:::::* cpe:2.3:a:openssl:openssl:-:::::::*	211
Application	Redhat Openssl cpe:2.3:a:redhat:openssl:0.9.7a-2:::::::* cpe:2.3:a:redhat:openssl:0.9.6b-3:::::::* cpe:2.3:a:redhat:openssl:0.9.6-15:::::::*	3
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:9.04:::::::* cpe:2.3:o:canonical:ubuntu_linux:8.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:8.04::::-::: cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*	4

ExploitDB Exploits

id	Description
2009-06-04	OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit
2009-05-18	OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS

OpenVAS Exploits

Date	Description
2012-04-16	Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates File : nvt/gb_VMSA-2010-0009.nasl
2011-08-09	Name : CentOS Update for openssl CESA-2009:1335 centos5 i386 File : nvt/gb_CESA-2009_1335_openssl_centos5_i386.nasl
2010-06-25	Name : Fedora Update for openssl FEDORA-2010-9421 File : nvt/gb_fedora_2010_9421_openssl_fc11.nasl
2010-04-19	Name : Fedora Update for openssl FEDORA-2010-5357 File : nvt/gb_fedora_2010_5357_openssl_fc11.nasl
2009-12-14	Name : Gentoo Security Advisory GLSA 200912-01 (openssl) File : nvt/glsa_200912_01.nasl
2009-12-10	Name : Mandriva Security Advisory MDVSA-2009:310 (openssl) File : nvt/mdksa_2009_310.nasl
2009-10-13	Name : SLES10: Security update for OpenSSL File : nvt/sles10_openssl2.nasl
2009-10-13	Name : SLES10: Security update for OpenSSL File : nvt/sles10_openssl0.nasl
2009-10-11	Name : SLES11: Security update for OpenSSL File : nvt/sles11_libopenssl0_9_81.nasl
2009-10-11	Name : SLES11: Security update for OpenSSL File : nvt/sles11_libopenssl0_9_80.nasl
2009-09-28	Name : Mandrake Security Advisory MDVSA-2009:239 (openssl) File : nvt/mdksa_2009_239.nasl
2009-09-28	Name : Mandrake Security Advisory MDVSA-2009:238 (openssl) File : nvt/mdksa_2009_238.nasl
2009-09-28	Name : Mandrake Security Advisory MDVSA-2009:237 (openssl) File : nvt/mdksa_2009_237.nasl
2009-09-21	Name : Debian Security Advisory DSA 1888-1 (openssl, openssl097) File : nvt/deb_1888_1.nasl
2009-09-21	Name : CentOS Security Advisory CESA-2009:1335 (openssl) File : nvt/ovcesa2009_1335.nasl
2009-09-09	Name : RedHat Security Advisory RHSA-2009:1335 File : nvt/RHSA_2009_1335.nasl
2009-07-06	Name : SuSE Security Summary SUSE-SR:2009:012 File : nvt/suse_sr_2009_012.nasl
2009-06-30	Name : Ubuntu USN-792-1 (openssl) File : nvt/ubuntu_792_1.nasl
2009-06-23	Name : Fedora Core 11 FEDORA-2009-5452 (openssl) File : nvt/fcore_2009_5452.nasl
2009-06-23	Name : Fedora Core 9 FEDORA-2009-5423 (openssl) File : nvt/fcore_2009_5423.nasl
2009-06-23	Name : Fedora Core 10 FEDORA-2009-5412 (openssl) File : nvt/fcore_2009_5412.nasl
2009-06-15	Name : SuSE Security Summary SUSE-SR:2009:011 File : nvt/suse_sr_2009_011.nasl
2009-06-12	Name : Denial Of Service Vulnerability in OpenSSL June-09 (Linux) File : nvt/gb_openssl_dos_vuln_lin_jun09.nasl
2009-06-05	Name : Mandrake Security Advisory MDVSA-2009:120 (openssl) File : nvt/mdksa_2009_120.nasl
2009-06-05	Name : FreeBSD Ports: opensll File : nvt/freebsd_opensll.nasl
2009-05-28	Name : OpenSSL DTLS Packets Multiple Denial of Service Vulnerabilities (Linux) File : nvt/secpod_openssl_mult_dos_vuln_lin.nasl
2009-05-28	Name : OpenSSL DTLS Packets Multiple DOS Vulnerabilities (win) File : nvt/secpod_openssl_mult_dos_vuln_win.nasl
0000-00-00	Name : Slackware Advisory SSA:2010-060-02 openssl File : nvt/esoft_slk_ssa_2010_060_02.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
55073	OpenSSL ssl/s3_pkt.c DTLS ChangeCipherSpec Packet Handling Remote DoS
55072	OpenSSL ssl/d1_both.cdtls1_retrieve_buffered_fragment Function DTLS Handshake...
54614	OpenSSL ssl/d1_both.c dtls1_retrieve_buffered_fragment Function DTLS Packet H...
54613	OpenSSL ssl/d1_both.c dtls1_process_out_of_seq_message Function DTLS Record H...
54612	OpenSSL ssl/d1_pkt.c dtls1_buffer_record Function Buffered DTLS Record Handli...

Nessus® Vulnerability Scanner

Date	Description
2016-03-08	Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2010-0009_remote.nasl - Type : ACT_GATHER_INFO
2016-03-08	Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0004_remote.nasl - Type : ACT_GATHER_INFO
2014-10-10	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15348.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1335.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090902_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-01-04	Name : The remote server is affected by a denial of service vulnerability. File : openssl_1_0_0.nasl - Type : ACT_GATHER_INFO
2012-01-04	Name : The remote server is affected by a denial of service vulnerability. File : openssl_0_9_8i.nasl - Type : ACT_GATHER_INFO
2012-01-04	Name : The remote server is affected by multiple vulnerabilities. File : openssl_0_9_8l.nasl - Type : ACT_GATHER_INFO
2010-07-30	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-239.nasl - Type : ACT_GATHER_INFO
2010-06-01	Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2010-0009.nasl - Type : ACT_GATHER_INFO
2010-04-27	Name : The remote web server has multiple vulnerabilities. File : hpsmh_6_0_0_95.nasl - Type : ACT_GATHER_INFO
2010-03-05	Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2010-0004.nasl - Type : ACT_GATHER_INFO
2010-03-02	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-060-02.nasl - Type : ACT_GATHER_INFO
2010-02-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1888.nasl - Type : ACT_GATHER_INFO
2010-01-06	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1335.nasl - Type : ACT_GATHER_INFO
2009-12-04	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-310.nasl - Type : ACT_GATHER_INFO
2009-12-02	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200912-01.nasl - Type : ACT_GATHER_INFO
2009-09-24	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-6296.nasl - Type : ACT_GATHER_INFO
2009-09-24	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-6267.nasl - Type : ACT_GATHER_INFO
2009-09-24	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_openssl-090610.nasl - Type : ACT_GATHER_INFO
2009-09-24	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-090522.nasl - Type : ACT_GATHER_INFO
2009-09-22	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-238.nasl - Type : ACT_GATHER_INFO
2009-07-21	Name : The remote openSUSE host is missing a security update. File : suse_11_0_libopenssl-devel-090609.nasl - Type : ACT_GATHER_INFO
2009-07-21	Name : The remote openSUSE host is missing a security update. File : suse_11_1_libopenssl-devel-090609.nasl - Type : ACT_GATHER_INFO
2009-07-21	Name : The remote openSUSE host is missing a security update. File : suse_11_1_libopenssl-devel-090522.nasl - Type : ACT_GATHER_INFO
2009-07-21	Name : The remote openSUSE host is missing a security update. File : suse_11_0_libopenssl-devel-090522.nasl - Type : ACT_GATHER_INFO
2009-06-26	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-792-1.nasl - Type : ACT_GATHER_INFO
2009-06-21	Name : The remote Fedora host is missing a security update. File : fedora_2009-5452.nasl - Type : ACT_GATHER_INFO
2009-06-21	Name : The remote Fedora host is missing a security update. File : fedora_2009-5423.nasl - Type : ACT_GATHER_INFO
2009-06-21	Name : The remote Fedora host is missing a security update. File : fedora_2009-5412.nasl - Type : ACT_GATHER_INFO
2009-06-18	Name : The remote openSUSE host is missing a security update. File : suse_libopenssl-devel-6291.nasl - Type : ACT_GATHER_INFO
2009-06-01	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_82b55df84d5a11de88110030843d3802.nasl - Type : ACT_GATHER_INFO
2009-05-27	Name : The remote openSUSE host is missing a security update. File : suse_libopenssl-devel-6268.nasl - Type : ACT_GATHER_INFO
2009-05-22	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-120.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 12:06:03	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	5
Oval ID(s)	18
CPE ID(s)	218
osvdb(s)	5
ExploitDB Exploit(s)	2
Openvas Exploit(s)	28
Nessus® Exploit(s)	34

	Related
5	CVE-2009-1387
5	CVE-2009-1386
5	CVE-2009-1379
5	CVE-2009-1378
5	CVE-2009-1377
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 5 more Alert(s)

5 - USN-792-1

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

ExploitDB Exploits

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU