|
|
Log in / Subscribe / Register

openssl: multiple vulnerabilities

Package(s):openssl CVE #(s):CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-5139
Created:August 7, 2014 Updated:December 29, 2014
Description: The August 6, 2014 OpenSSL security advisory describes a number of newly fixed vulnerabilities:

  • CVE-2014-3508: various pretty-printing functions can leak information from the stack.

  • CVE-2014-5139: a malicious server can cause clients to crash with a null pointer dereference.

  • CVE-2014-3509: a malicious server can exploit a race condition to overwrite a block of freed memory.

  • CVE-2014-3505: a double-free vulnerability can be exploited to force a crash.

  • CVE-2014-3506: denial of service by forcing the consumption of large amounts of memory.

  • CVE-2014-3507: an exploitable memory leak.

  • CVE-2014-3510: a malicious server can force a client crash.

  • CVE-2014-3511: a man-in-the-middle attacker can force a downgrade to TLS 1.0.

  • CVE-2014-3512: a buffer overrun on either server or client side when SRP is in use.
Alerts:
openSUSE openSUSE-SU-2016:0640-1 libopenssl0_9_8 2016-03-03
SUSE SUSE-SU-2015:0578-1 compat-openssl097g 2015-03-24
Fedora FEDORA-2014-17576 mingw-openssl 2015-01-02
Fedora FEDORA-2014-17587 mingw-openssl 2015-01-02
Gentoo 201412-39 openssl 2014-12-25
Oracle ELSA-2014-1653 openssl 2014-10-16
Oracle ELSA-2014-1652 openssl 2014-10-16
openSUSE openSUSE-SU-2014:1052-1 openssl 2014-08-21
Scientific Linux SLSA-2014:1053-1 openssl 2014-08-14
Scientific Linux SLSA-2014:1052-1 openssl 2014-08-14
Oracle ELSA-2014-1052 openssl 2014-08-13
Oracle ELSA-2014-1052 openssl 2014-08-13
Oracle ELSA-2014-1053 openssl 2014-08-13
CentOS CESA-2014:1052 openssl 2014-08-13
CentOS CESA-2014:1052 openssl 2014-08-13
CentOS CESA-2014:1053 openssl 2014-08-13
Red Hat RHSA-2014:1052-01 openssl 2014-08-13
Red Hat RHSA-2014:1053-01 openssl 2014-08-13
Mageia MGASA-2014-0325 openssl 2014-08-12
Slackware SSA:2014-220-01 openssl 2014-08-08
Fedora FEDORA-2014-9301 openssl 2014-08-09
Fedora FEDORA-2014-9308 openssl 2014-08-09
Mandriva MDVSA-2014:158 openssl 2014-08-08
Ubuntu USN-2308-1 openssl 2014-08-07
Debian DSA-2998-1 openssl 2014-08-07
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds