Vulnerability Name:

CVE-2014-0198

Assigned:2013-12-03
Published:2014-04-21
Updated:2017-11-14
Summary:The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.
CVSS v3 Severity:3.7 Low (CCN CVSS v3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-476
References:Source: CONFIRM
Type: UNKNOWN
http://advisories.mageia.org/MGASA-2014-0204.html

Source: CONFIRM
Type: UNKNOWN
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc

Source: CONFIRM
Type: UNKNOWN
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629

Source: CONFIRM
Type: UNKNOWN
http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195

Source: FEDORA
Type: UNKNOWN
FEDORA-2014-9301

Source: FEDORA
Type: UNKNOWN
FEDORA-2014-9308

Source: SUSE
Type: UNKNOWN
SUSE-SU-2015:0743

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2014:0634

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2014:0635

Source: HP
Type: UNKNOWN
HPSBMU03057

Source: HP
Type: UNKNOWN
HPSBMU03056

Source: HP
Type: UNKNOWN
HPSBMU03055

Source: HP
Type: UNKNOWN
HPSBMU03051

Source: HP
Type: UNKNOWN
HPSBGN03068

Source: HP
Type: UNKNOWN
HPSBMU03074

Source: HP
Type: UNKNOWN
HPSBMU03062

Source: HP
Type: UNKNOWN
HPSBMU03076

Source: HP
Type: UNKNOWN
HPSBHF03052

Source: CONFIRM
Type: UNKNOWN
http://puppetlabs.com/security/cve/cve-2014-0198

Source: FULLDISC
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: SECUNIA
Type: UNKNOWN
58337

Source: SECUNIA
Type: UNKNOWN
58667

Source: SECUNIA
Type: UNKNOWN
58713

Source: SECUNIA
Type: UNKNOWN
58714

Source: SECUNIA
Type: UNKNOWN
58945

Source: SECUNIA
Type: UNKNOWN
58977

Source: SECUNIA
Type: UNKNOWN
59163

Source: SECUNIA
Type: UNKNOWN
59190

Source: SECUNIA
Type: UNKNOWN
59202

Source: SECUNIA
Type: UNKNOWN
59264

Source: SECUNIA
Type: UNKNOWN
59282

Source: SECUNIA
Type: UNKNOWN
59284

Source: SECUNIA
Type: UNKNOWN
59287

Source: SECUNIA
Type: UNKNOWN
59306

Source: SECUNIA
Type: UNKNOWN
59310

Source: SECUNIA
Type: UNKNOWN
59374

Source: SECUNIA
Type: UNKNOWN
59398

Source: SECUNIA
Type: UNKNOWN
59437

Source: SECUNIA
Type: UNKNOWN
59440

Source: SECUNIA
Type: UNKNOWN
59449

Source: SECUNIA
Type: UNKNOWN
59525

Source: SECUNIA
Type: UNKNOWN
59529

Source: SECUNIA
Type: UNKNOWN
61254

Source: GENTOO
Type: UNKNOWN
GLSA-201407-05

Source: CONFIRM
Type: UNKNOWN
http://support.citrix.com/article/CTX140876

Source: CONFIRM
Type: UNKNOWN
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html

Source: CISCO
Type: UNKNOWN
20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21673137

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676035

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676062

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676419

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676529

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676655

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676879

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676889

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21677527

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21677695

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21677828

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21677836

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21678167

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21683332

Source: CONFIRM
Type: UNKNOWN
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754

Source: CONFIRM
Type: UNKNOWN
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755

Source: CONFIRM
Type: UNKNOWN
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756

Source: CONFIRM
Type: UNKNOWN
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757

Source: CONFIRM
Type: UNKNOWN
http://www.blackberry.com/btsc/KB36051

Source: DEBIAN
Type: UNKNOWN
DSA-2931

Source: CONFIRM
Type: UNKNOWN
http://www.fortiguard.com/advisory/FG-IR-14-018/

Source: CONFIRM
Type: UNKNOWN
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm

Source: CONFIRM
Type: UNKNOWN
http://www.ibm.com/support/docview.wss?uid=swg21676356

Source: CONFIRM
Type: UNKNOWN
http://www.ibm.com/support/docview.wss?uid=swg24037783

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2014:080

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2015:062

Source: OPENBSD
Type: UNKNOWN
[5.5] 005: RELIABILITY FIX: May 1, 2014

Source: CONFIRM
Type: UNKNOWN
http://www.openssl.org/news/secadv_20140605.txt

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

Source: BUGTRAQ
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: BID
Type: UNKNOWN
67193

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2014-0006.html

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=1093837

Source: XF
Type: UNKNOWN
openssl-cve20140198-dos(93000)

Source: CONFIRM
Type: UNKNOWN
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946

Source: CONFIRM
Type: UNKNOWN
https://kb.bluecoat.com/index?page=content&id=SA80

Source: CONFIRM
Type: UNKNOWN
https://kc.mcafee.com/corporate/index?page=content&id=SB10075

Source: CONFIRM
Type: UNKNOWN
https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321

Source: CONFIRM
Type: UNKNOWN
https://www.novell.com/support/kb/doc.php?id=7015271

Vulnerable Configuration:Configuration 1:
  • cpe:/a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

  • Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20140198
    V
    CVE-2014-0198
    2017-11-24
    oval:org.mitre.oval:def:28333
    P
    SUSE-SU-2015:0743-1 -- Security update for mariadb (important)
    2015-08-17
    oval:org.mitre.oval:def:27123
    P
    ELSA-2014-0679 -- openssl security update (important)
    2015-02-23
    oval:org.mitre.oval:def:25014
    P
    RHSA-2014:0679: openssl security update (Important)
    2014-09-08
    oval:org.mitre.oval:def:25171
    P
    ELSA-2014:0625: openssl security update (Important)
    2014-09-01
    oval:org.mitre.oval:def:25035
    V
    AIX OpenSSL SSL_MODE_RELEASE_BUFFERS NULL pointer dereference
    2014-08-11
    oval:org.mitre.oval:def:25058
    V
    Vulnerability in OpenSSL 1.x through 1.0.1g allows remote attackers to cause a denial of service
    2014-08-04
    oval:org.mitre.oval:def:24892
    P
    RHSA-2014:0625: openssl security update (Important)
    2014-07-21
    oval:org.mitre.oval:def:24737
    P
    USN-2192-1 -- openssl vulnerabilities
    2014-07-07
    oval:com.redhat.rhsa:def:20140679
    P
    RHSA-2014:0679: openssl security update (Important)
    2014-06-10
    oval:com.redhat.rhsa:def:20140625
    P
    RHSA-2014:0625: openssl security update (Important)
    2014-06-05
    oval:com.ubuntu.precise:def:20140198000
    V
    CVE-2014-0198 on Ubuntu 12.04 LTS (precise) - medium.
    2014-05-06
    oval:com.ubuntu.trusty:def:20140198000
    V
    CVE-2014-0198 on Ubuntu 14.04 LTS (trusty) - medium.
    2014-05-06
    BACK
    openssl openssl 1.0.0
    openssl openssl 1.0.0 beta1
    openssl openssl 1.0.0 beta2
    openssl openssl 1.0.0 beta3
    openssl openssl 1.0.0 beta4
    openssl openssl 1.0.0 beta5
    openssl openssl 1.0.0a
    openssl openssl 1.0.0b
    openssl openssl 1.0.0c
    openssl openssl 1.0.0d
    openssl openssl 1.0.0e
    openssl openssl 1.0.0f
    openssl openssl 1.0.0g
    openssl openssl 1.0.0h
    openssl openssl 1.0.0i
    openssl openssl 1.0.0j
    openssl openssl 1.0.0k
    openssl openssl 1.0.0l
    openssl openssl 1.0.1
    openssl openssl 1.0.1 beta1
    openssl openssl 1.0.1 beta2
    openssl openssl 1.0.1 beta3
    openssl openssl 1.0.1a
    openssl openssl 1.0.1b
    openssl openssl 1.0.1c
    openssl openssl 1.0.1d
    openssl openssl 1.0.1e
    openssl openssl 1.0.1f
    openssl openssl 1.0.1g
    redhat enterprise_linux 6
    redhat enterprise_linux 7