FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

OpenSSL -- multiple vulnerabilities

Affected packages
1.0.1 <= openssl < 1.0.1_14
1.0.1 <= mingw32-openssl < 1.0.1i
8.4 <= FreeBSD < 8.4_15
9.1 <= FreeBSD < 9.1_18
9.2 <= FreeBSD < 9.2_11
9.3 <= FreeBSD < 9.3_1
10.0 <= FreeBSD < 10.0_8

Details

VuXML ID 8aff07eb-1dbd-11e4-b6ba-3c970e169bc2
Discovery 2014-08-06
Entry 2014-08-06
Modified 2016-08-09

The OpenSSL Project reports:

A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. [CVE-2014-3508]

The issue affects OpenSSL clients and allows a malicious server to crash the client with a null pointer dereference (read) by specifying an SRP ciphersuite even though it was not properly negotiated with the client. [CVE-2014-5139]

If a multithreaded client connects to a malicious server using a resumed session and the server sends an ec point format extension it could write up to 255 bytes to freed memory. [CVE-2014-3509]

An attacker can force an error condition which causes openssl to crash whilst processing DTLS packets due to memory being freed twice. This can be exploited through a Denial of Service attack. [CVE-2014-3505]

An attacker can force openssl to consume large amounts of memory whilst processing DTLS handshake messages. This can be exploited through a Denial of Service attack. [CVE-2014-3506]

By sending carefully crafted DTLS packets an attacker could cause openssl to leak memory. This can be exploited through a Denial of Service attack. [CVE-2014-3507]

OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack. A malicious server can crash the client with a null pointer dereference (read) by specifying an anonymous (EC)DH ciphersuite and sending carefully crafted handshake messages. [CVE-2014-3510]

A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate TLS 1.0 instead of higher protocol versions when the ClientHello message is badly fragmented. This allows a man-in-the-middle attacker to force a downgrade to TLS 1.0 even if both the server and the client support a higher protocol version, by modifying the client's TLS records. [CVE-2014-3511]

A malicious client or server can send invalid SRP parameters and overrun an internal buffer. Only applications which are explicitly set up for SRP use are affected. [CVE-2014-3512]

References

CVE Name CVE-2014-3505
CVE Name CVE-2014-3506
CVE Name CVE-2014-3507
CVE Name CVE-2014-3508
CVE Name CVE-2014-3509
CVE Name CVE-2014-3510
CVE Name CVE-2014-3511
CVE Name CVE-2014-3512
CVE Name CVE-2014-5139
FreeBSD Advisory SA-14:18.openssl
URL https://www.openssl.org/news/secadv_20140806.txt