#VU41414 Buffer overflow in OpenSSL
Vulnerability identifier: #VU41414
Vulnerability risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-119
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
OpenSSL
Server applications /
Encryption software
Vendor: OpenSSL Software Foundation
Description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter.
Mitigation
Install update from vendor's website.
Vulnerable software versions
OpenSSL: 1.0.0 - 1.0.0m, 1.0.1 - 1.0.1h
External links
http:ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc
http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html
http://marc.info/?l=bugtraq&m=142660345230545&w=2
http://secunia.com/advisories/59700
http://secunia.com/advisories/59710
http://secunia.com/advisories/59756
http://secunia.com/advisories/60022
http://secunia.com/advisories/60221
http://secunia.com/advisories/60493
http://secunia.com/advisories/60803
http://secunia.com/advisories/60810
http://secunia.com/advisories/60917
http://secunia.com/advisories/60921
http://secunia.com/advisories/61017
http://secunia.com/advisories/61100
http://secunia.com/advisories/61171
http://secunia.com/advisories/61184
http://secunia.com/advisories/61775
http://secunia.com/advisories/61959
http://security.gentoo.org/glsa/glsa-201412-39.xml
http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15565.html
http://www.debian.org/security/2014/dsa-2998
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm
http://www.securityfocus.com/bid/69083
http://www.securitytracker.com/id/1030693
http://www.tenable.com/security/tns-2014-06
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240
http://www-01.ibm.com/support/docview.wss?uid=swg21682293
http://www-01.ibm.com/support/docview.wss?uid=swg21683389
http://www-01.ibm.com/support/docview.wss?uid=swg21686997
http://exchange.xforce.ibmcloud.com/vulnerabilities/95158
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=4a23b12a031860253b58d503f296377ca076427b
http://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html
http://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc
http://www.openssl.org/news/secadv_20140806.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
