#VU11534 NULL pointer dereference in OpenSSL


Published: 2018-04-04

Vulnerability identifier: #VU11534

Vulnerability risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2014-0198

CWE-ID: CWE-476

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenSSL
Server applications / Encryption software

Vendor: OpenSSL Software Foundation

Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the in the do_ssl3_write() function in OpenSSL. A remote attacker can send a specially crafted request to vulnerable application and trigger denial of service attack.

Successful exploitation of the vulnerability requires that SSL_MODE_RELEASE_BUFFERS is enabled.

Mitigation
Update to version 1.0.0m or 1.0.1h.

Vulnerable software versions

OpenSSL: 1.0.0 - 1.0.0l, 1.0.1 - 1.0.1g

External links
http://www.openssl.org/news/secadv/20140605.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in HP OneView
Multiple vulnerabilities in IBM FlashSystem (and TMS RAMSAN) 710, 720, 810, and 820 systems
Debian update for openssl
Ubuntu update for OpenSSL
Gentoo update for OpenSSL
Multiple vulnerabilities in HP Smart Update Manager (HP SUM)
Multiple vulnerabilities in IBM BladeCenter Advanced Management Module
Red Hat update for openssl
SUSE Linux update for OpenSSL 1.0
Slackware Linux update for openssl