Vulnerability Name:

CVE-2014-0195

Assigned:2013-12-03
Published:2014-06-05
Updated:2017-11-14
Summary:The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment.
CVSS v3 Severity:5.6 Medium (CCN CVSS v3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)
4.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-119
References:Source: CONFIRM
Type: UNKNOWN
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc

Source: MISC
Type: UNKNOWN
http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Once-Bled-Twice-Shy-OpenSSL-CVE-2014-0195/ba-p/6501048

Source: MISC
Type: UNKNOWN
http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/ZDI-14-173-CVE-2014-0195-OpenSSL-DTLS-Fragment-Out-of-Bounds/ba-p/6501002

Source: CONFIRM
Type: UNKNOWN
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629

Source: FEDORA
Type: UNKNOWN
FEDORA-2014-9301

Source: FEDORA
Type: UNKNOWN
FEDORA-2014-9308

Source: SUSE
Type: UNKNOWN
SUSE-SU-2015:0743

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2016:0640

Source: HP
Type: UNKNOWN
SSRT101590

Source: HP
Type: UNKNOWN
HPSBOV03047

Source: HP
Type: UNKNOWN
HPSBMU03057

Source: HP
Type: UNKNOWN
HPSBMU03056

Source: HP
Type: UNKNOWN
HPSBMU03055

Source: HP
Type: UNKNOWN
HPSBMU03051

Source: HP
Type: UNKNOWN
HPSBGN03050

Source: HP
Type: UNKNOWN
HPSBMU03065

Source: HP
Type: UNKNOWN
HPSBMU03069

Source: HP
Type: UNKNOWN
HPSBMU03074

Source: HP
Type: UNKNOWN
HPSBMU03062

Source: HP
Type: UNKNOWN
HPSBMU03076

Source: HP
Type: UNKNOWN
SSRT101846

Source: FULLDISC
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: SECUNIA
Type: UNKNOWN
58337

Source: SECUNIA
Type: UNKNOWN
58615

Source: SECUNIA
Type: UNKNOWN
58660

Source: SECUNIA
Type: UNKNOWN
58713

Source: SECUNIA
Type: UNKNOWN
58714

Source: SECUNIA
Type: UNKNOWN
58945

Source: SECUNIA
Type: UNKNOWN
58977

Source: SECUNIA
Type: UNKNOWN
59040

Source: SECUNIA
Type: UNKNOWN
59175

Source: SECUNIA
Type: UNKNOWN
59188

Source: SECUNIA
Type: UNKNOWN
59189

Source: SECUNIA
Type: UNKNOWN
59192

Source: SECUNIA
Type: UNKNOWN
59223

Source: SECUNIA
Type: UNKNOWN
59287

Source: SECUNIA
Type: UNKNOWN
59305

Source: SECUNIA
Type: UNKNOWN
59306

Source: SECUNIA
Type: UNKNOWN
59310

Source: SECUNIA
Type: UNKNOWN
59364

Source: SECUNIA
Type: UNKNOWN
59365

Source: SECUNIA
Type: UNKNOWN
59429

Source: SECUNIA
Type: UNKNOWN
59437

Source: SECUNIA
Type: UNKNOWN
59441

Source: SECUNIA
Type: UNKNOWN
59449

Source: SECUNIA
Type: UNKNOWN
59454

Source: SECUNIA
Type: UNKNOWN
59518

Source: SECUNIA
Type: UNKNOWN
61254

Source: GENTOO
Type: UNKNOWN
GLSA-201407-05

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT6443

Source: CONFIRM
Type: UNKNOWN
http://support.citrix.com/article/CTX140876

Source: CONFIRM
Type: UNKNOWN
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15356.html

Source: CISCO
Type: UNKNOWN
20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=isg400001841

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=isg400001843

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21673137

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21675821

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676035

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676062

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676071

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676419

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676644

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676879

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676889

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21677527

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21677695

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21677828

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21678167

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21678289

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21683332

Source: CONFIRM
Type: UNKNOWN
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754

Source: CONFIRM
Type: UNKNOWN
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755

Source: CONFIRM
Type: UNKNOWN
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756

Source: CONFIRM
Type: UNKNOWN
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757

Source: CONFIRM
Type: UNKNOWN
http://www.blackberry.com/btsc/KB36051

Source: CONFIRM
Type: UNKNOWN
http://www.f-secure.com/en/web/labs_global/fsc-2014-6

Source: CONFIRM
Type: UNKNOWN
http://www.fortiguard.com/advisory/FG-IR-14-018/

Source: CONFIRM
Type: UNKNOWN
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm

Source: CONFIRM
Type: UNKNOWN
http://www.ibm.com/support/docview.wss?uid=swg21676356

Source: CONFIRM
Type: UNKNOWN
http://www.ibm.com/support/docview.wss?uid=swg21676793

Source: CONFIRM
Type: UNKNOWN
http://www.ibm.com/support/docview.wss?uid=swg24037783

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2014:106

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2015:062

Source: CONFIRM
Type: VENDOR_ADVISORY
http://www.openssl.org/news/secadv_20140605.txt

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

Source: BUGTRAQ
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: BID
Type: UNKNOWN
67900

Source: SECTRACK
Type: UNKNOWN
1030337

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2014-0006.html

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=1103598

Source: XF
Type: UNKNOWN
openssl-cve20140195-bo(93588)

Source: CONFIRM
Type: PATCH
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1632ef744872edc2aa2a53d487d3e79c965a4ad3

Source: CONFIRM
Type: UNKNOWN
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946

Source: CONFIRM
Type: UNKNOWN
https://kb.bluecoat.com/index?page=content&id=SA80

Source: CONFIRM
Type: UNKNOWN
https://kc.mcafee.com/corporate/index?page=content&id=SB10075

Source: CONFIRM
Type: UNKNOWN
https://www.novell.com/support/kb/doc.php?id=7015271

Vulnerable Configuration:Configuration 1:
  • cpe:/a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*

  • Configuration 2:
  • cpe:/a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*

  • Configuration 3:
  • cpe:/a:redhat:storage:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

  • Configuration 4:
  • cpe:/a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

  • Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20140195
    V
    CVE-2014-0195
    2017-11-19
    oval:org.mitre.oval:def:28333
    P
    SUSE-SU-2015:0743-1 -- Security update for mariadb (important)
    2015-08-17
    oval:org.mitre.oval:def:29338
    P
    DSA-2950-2 -- openssl -- security update
    2015-08-17
    oval:org.mitre.oval:def:24593
    V
    Remote Unauthorized Access
    2015-04-20
    oval:org.mitre.oval:def:27123
    P
    ELSA-2014-0679 -- openssl security update (important)
    2015-02-23
    oval:org.mitre.oval:def:25803
    P
    USN-2232-4 -- openssl vulnerabilities
    2014-10-27
    oval:org.mitre.oval:def:25014
    P
    RHSA-2014:0679: openssl security update (Important)
    2014-09-08
    oval:org.mitre.oval:def:25171
    P
    ELSA-2014:0625: openssl security update (Important)
    2014-09-01
    oval:org.mitre.oval:def:24301
    V
    Vulnerability in OpenSSL 0.9.8 - 0.9.8za, 1.0.0 - 1.0.0m and 1.0.1 - 1.0.1h, allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash)
    2014-08-18
    oval:org.mitre.oval:def:25082
    P
    USN-2232-2 -- openssl regression
    2014-08-11
    oval:org.mitre.oval:def:24135
    V
    AIX OpenSSL DTLS invalid fragment vulnerability
    2014-08-11
    oval:org.mitre.oval:def:24628
    P
    USN-2232-3 -- openssl regression
    2014-08-11
    oval:org.mitre.oval:def:24448
    P
    USN-2232-1 -- openssl vulnerabilities
    2014-07-21
    oval:org.mitre.oval:def:24711
    P
    DSA-2950-1 openssl - security update
    2014-07-21
    oval:org.mitre.oval:def:24892
    P
    RHSA-2014:0625: openssl security update (Important)
    2014-07-21
    oval:com.redhat.rhsa:def:20140679
    P
    RHSA-2014:0679: openssl security update (Important)
    2014-06-10
    oval:com.redhat.rhsa:def:20140625
    P
    RHSA-2014:0625: openssl security update (Important)
    2014-06-05
    oval:com.ubuntu.precise:def:20140195000
    V
    CVE-2014-0195 on Ubuntu 12.04 LTS (precise) - medium.
    2014-06-05
    oval:com.ubuntu.trusty:def:20140195000
    V
    CVE-2014-0195 on Ubuntu 14.04 LTS (trusty) - medium.
    2014-06-05
    BACK
    openssl openssl 0.9.8
    openssl openssl 0.9.8a
    openssl openssl 0.9.8b
    openssl openssl 0.9.8c
    openssl openssl 0.9.8d
    openssl openssl 0.9.8e
    openssl openssl 0.9.8f
    openssl openssl 0.9.8g
    openssl openssl 0.9.8h
    openssl openssl 0.9.8i
    openssl openssl 0.9.8j
    openssl openssl 0.9.8k
    openssl openssl 0.9.8l
    openssl openssl 0.9.8m
    openssl openssl 0.9.8m beta1
    openssl openssl 0.9.8n
    openssl openssl 0.9.8o
    openssl openssl 0.9.8p
    openssl openssl 0.9.8q
    openssl openssl 0.9.8r
    openssl openssl 0.9.8s
    openssl openssl 0.9.8t
    openssl openssl 0.9.8u
    openssl openssl 0.9.8v
    openssl openssl 0.9.8w
    openssl openssl 0.9.8x
    openssl openssl 0.9.8y
    openssl openssl 1.0.1
    openssl openssl 1.0.1 beta1
    openssl openssl 1.0.1 beta2
    openssl openssl 1.0.1 beta3
    openssl openssl 1.0.1a
    openssl openssl 1.0.1b
    openssl openssl 1.0.1c
    openssl openssl 1.0.1d
    openssl openssl 1.0.1e
    openssl openssl 1.0.1f
    openssl openssl 1.0.1g
    redhat storage 2.1
    fedoraproject fedora *
    redhat enterprise_linux 6
    openssl openssl 1.0.0
    openssl openssl 1.0.0 beta1
    openssl openssl 1.0.0 beta2
    openssl openssl 1.0.0 beta3
    openssl openssl 1.0.0 beta4
    openssl openssl 1.0.0 beta5
    openssl openssl 1.0.0a
    openssl openssl 1.0.0b
    openssl openssl 1.0.0c
    openssl openssl 1.0.0d
    openssl openssl 1.0.0e
    openssl openssl 1.0.0f
    openssl openssl 1.0.0g
    openssl openssl 1.0.0h
    openssl openssl 1.0.0i
    openssl openssl 1.0.0j
    openssl openssl 1.0.0k
    openssl openssl 1.0.0l
    redhat enterprise_linux 6
    redhat enterprise_linux 7