exploit the possibilities
Showing 1 - 25 of 36 RSS Feed

CVE-2014-0195

Status Candidate

Overview

The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment.

Related Files

HP Security Bulletin HPSBST03642 3
Posted Jan 25, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03642 3 - Security vulnerabilities in OpenSSL and OpenSSH were addressed in HPE StoreVirtual products using LeftHand OS. These vulnerabilities include the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information, additional OpenSSL and OpenSSH vulnerabilities which could be remotely exploited resulting in arbitrary code execution, unauthorized access, disclosure of information, or Denial of Service (DoS). Revision 3 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability, code execution
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3566, CVE-2016-0705
MD5 | 2a7fc4c484132a88fb19a3bff6be7eaa
Mandriva Linux Security Advisory 2015-062
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-062 - Multiple vulnerabilities has been discovered and corrected in openssl. The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0160, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206, CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293
MD5 | 9412decee50df63b317420ad5180fc9f
HP Security Bulletin HPSBHF03293
Posted Mar 18, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03293 1 - Potential security vulnerabilities have been identified with HP Virtual Connect 8Gb 24-Port FC Module running OpenSSL and Bash including heartbleed, padding oracle, and shellshock issues. Revision 1 of this advisory.

tags | advisory, vulnerability, bash
advisories | CVE-2009-3555, CVE-2014-0160, CVE-2014-0195, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511, CVE-2014-3512, CVE-2014-3566, CVE-2014-5139
MD5 | 2dc875ac3e85c020efbbad0374960f27
Apple Security Advisory 2014-09-17-3
Posted Sep 19, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-09-17-3 - OS X Mavericks 10.9.5 and Security Update 2014-004 are now available and address PHP code execution, Bluetooth API validation, PDF handling, and various other vulnerabilities.

tags | advisory, php, vulnerability, code execution
systems | apple, osx
advisories | CVE-2013-7345, CVE-2014-0076, CVE-2014-0185, CVE-2014-0195, CVE-2014-0207, CVE-2014-0221, CVE-2014-0224, CVE-2014-0237, CVE-2014-0238, CVE-2014-1391, CVE-2014-1943, CVE-2014-2270, CVE-2014-2525, CVE-2014-3470, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3515, CVE-2014-3981, CVE-2014-4049, CVE-2014-4350, CVE-2014-4374, CVE-2014-4376, CVE-2014-4377, CVE-2014-4378, CVE-2014-4379, CVE-2014-4381
MD5 | fc28042ffd26443278d5bacc74e2c78e
HP Security Bulletin HPSBMU03076 2
Posted Aug 26, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03076 2 - Potential security vulnerabilities have been identified with HP Systems Insight Manager running on Linux and Windows which could be exploited remotely resulting in multiple vulnerabilities. Revision 2 of this advisory.

tags | advisory, vulnerability
systems | linux, windows
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | fc0fb1a5c99c50587972068ea54dd519
EMC Documentum Code Execution / DQL Injection
Posted Aug 19, 2014
Site emc.com

EMC Documentum suffers from code execution, DQL injection, information disclosure, and multiple openssl vulnerabilities. Nicolas Gregoire provided the following PoC for the DQL injection: x'+UNION+ALL+SELECT+'z',user_os_name,user_name,default_folder+FROM+dm_user+ENABLE+(RETURN_TOP+10);

tags | advisory, vulnerability, code execution, info disclosure
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-2520, CVE-2014-2521, CVE-2014-3470, CVE-2014-4618
MD5 | 195d54f55c648fad9271c1531c1e58bd
Ubuntu Security Notice USN-2232-4
Posted Aug 18, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2232-4 - USN-2232-1 fixed vulnerabilities in OpenSSL. One of the patch backports for Ubuntu 10.04 LTS caused a regression for certain applications. This update fixes the problem.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | 9d238865528a67ca94e99c7fd79ce21e
HP Security Bulletin HPSBMU03062
Posted Aug 8, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03062 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH), HP Smart Update Manager (SUM), and HP Version Control Agent (VCA) running on Linux and Windows. These components of HP Insight Control server deployment could be exploited remotely resulting in denial of service (DoS), code execution, unauthorized access, or disclosure of information. HP Insight Control server deployment packages HP System Management Homepage (SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and deploys them through the following components. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, windows
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | a5b9594c915060ca771d3ef479ffd948
Gentoo Linux Security Advisory 201407-05
Posted Jul 28, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201407-5 - Multiple vulnerabilities have been found in OpenSSL, possibly allowing remote attackers to execute arbitrary code. Versions less than 1.0.1h-r1 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-5298, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | a4bd592dd793d5371924c274f2bf1d18
HP Security Bulletin HPSBMU03076
Posted Jul 24, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03076 - Potential security vulnerabilities have been identified with HP Systems Insight Manager running on Linux and Windows which could be exploited remotely resulting in multiple vulnerabilities. Revision 1 of this advisory.

tags | advisory, vulnerability
systems | linux, windows
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | 78abb553bb8284ca617ee022596963bb
HP Security Bulletin HPSBMU03074
Posted Jul 24, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03074 - Potential security vulnerabilities have been identified with HP Insight Control server migration running on Linux and Windows which could be exploited remotely resulting in denial of service (DoS), code execution, unauthorized access, or disclosure of information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, windows
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | 89c6a01d103437d13c08d2549cf36f2a
HP Security Bulletin HPSBMU03069
Posted Jul 11, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03069 - Potential security vulnerabilities have been identified with HP Software Operation Orchestration. The vulnerabilities could be exploited to allow remote code execution, denial of service (DoS) and disclosure of information. This OpenSSL vulnerabilities were detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some HP Software products. This bulletin notifies HP Software customers about products affected by the OpenSSL vulnerabilities. Revision 1 of this advisory.

tags | advisory, remote, denial of service, vulnerability, code execution
advisories | CVE-2014-0195, CVE-2014-0221, CVE-2014-3470
MD5 | b47184e2ce447b660468952f7046e151
HP Security Bulletin HPSBMU03065
Posted Jul 9, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03065 - A potential security vulnerability has been identified with HP Operations Analytics. The vulnerability could be exploited to allow remote code execution, denial of service (DoS) and disclosure of information. This OpenSSL vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some HP Software products. This bulletin notifies HP Software customers about products affected by the OpenSSL vulnerabilities Note: OpenSSL vulnerabilities, are vulnerabilities found in the OpenSSL product cryptographic software library product. This weakness potentially allows Man in the Middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server. The impacted products appear in the list below are vulnerable due to embedding of OpenSSL standard release software. Revision 1 of this advisory.

tags | advisory, remote, denial of service, vulnerability, code execution
advisories | CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | 6a1e1d9375278335c81e18c973fdb072
HP Security Bulletin HPSBGN03050
Posted Jul 9, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03050 - Potential security vulnerabilities have been identified with HP IceWall SSO Dfw and HP IceWall MCRP running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2014-0076, CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | 1c13d6a9c3efdd37f5a926d6bee2bae5
HP Security Bulletin HPSBMU03051 2
Posted Jul 6, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03051 2 - Potential security vulnerabilities have been identified with HP System Management Homepage running OpenSSL on Linux and Windows. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 2 of this advisory.

tags | advisory, denial of service, vulnerability
systems | linux, windows
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | c403a60a2c4f946fe996f5824dc17f78
HP Security Bulletin HPSBMU03055
Posted Jul 2, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03055 - Potential security vulnerabilities have been identified with HP Smart Update Manager (HP SUM) running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2010-5298, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | bda9eec02275b30eeeecfbd867c17dfc
HP Security Bulletin HPSBMU03056
Posted Jun 27, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03056 - Potential security vulnerabilities have been identified with HP Version Control Repository Manager (HP VCRM) running OpenSSL on Linux and Windows. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | linux, windows
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | c593afb8ed3278760c923d0566ff0faf
HP Security Bulletin HPSBMU03057
Posted Jun 27, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03057 - Potential security vulnerabilities have been identified with HP Version Control Agent (HP VCA) running OpenSSL on Linux and Windows. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | linux, windows
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | c19a68128ba8889a700b22211e6d6ec2
HP Security Bulletin HPSBMU03051
Posted Jun 25, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03051 - Potential security vulnerabilities have been identified with HP System Management Homepage running OpenSSL on Linux and Windows. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | linux, windows
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | 854a1f36774eefb78b4e48e7864254e8
Ubuntu Security Notice USN-2232-3
Posted Jun 24, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2232-3 - USN-2232-1 fixed vulnerabilities in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use renegotiation, such as PostgreSQL. This update fixes the problem.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | b2922f1efa37dabffe1ada1b3ce75ca3
HP Security Bulletin HPSBOV03047
Posted Jun 19, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV03047 - Potential security vulnerabilities have been identified with HP OpenVMS running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2014-0076, CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | 12bd5186b3011264435ff20c384bd327
HP Security Bulletin HPSBUX03046 SSRT101590 2
Posted Jun 17, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03046 SSRT101590 2 - Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, bypass security restrictions, disclose information, or allow unauthorized access. Revision 2 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2014-0076, CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | 0713de23cf2c472ecfc4bd2121483262
Debian Security Advisory 2950-2
Posted Jun 17, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2950-2 - This update updates the upstream fix for CVE-2014-0224 to address problems with CCS which could result in problems with the Postgres database.

tags | advisory
systems | linux, debian
advisories | CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | 298c3fdb2a8d3cba2bb81e4385a01265
HP Security Bulletin HPSBUX03046 SSRT101590
Posted Jun 13, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03046 SSRT101590 - Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, bypass security restrictions, disclose information, or allow unauthorized access. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2014-0076, CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | 2d88d40709179c983042cfde9223693f
Ubuntu Security Notice USN-2232-2
Posted Jun 13, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2232-2 - USN-2232-1 fixed vulnerabilities in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use tls_session_secret_cb, such as wpa_supplicant. This update fixes the problem.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | 1930c3c35eb43e31c6a9743e115aa9bf
Page 1 of 2
Back12Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    2 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    16 Files
  • 13
    Feb 13th
    19 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    20 Files
  • 20
    Feb 20th
    33 Files
  • 21
    Feb 21st
    11 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close