ID de Prueba:	1.3.6.1.4.1.25623.1.0.150708
Categoría:	Denial of Service
Título:	OpenSSL DoS Vulnerability (20141015) - Linux
Resumen:	OpenSSL is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: OpenSSL is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: A flaw in the DTLS SRTP extension parsing code allows an attacker, who sends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. This could be exploited in a Denial Of Service attack. This issue affects OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. Affected Software/OS: OpenSSL version 1.0.1 through 1.0.1i. Implementations of OpenSSL that have been compiled with OPENSSL_NO_SRTP defined are not affected. Solution: Update to version 1.0.1j or later. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3513 http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html BugTraq ID: 70584 http://www.securityfocus.com/bid/70584 Debian Security Information: DSA-3053 (Google Search) http://www.debian.org/security/2014/dsa-3053 http://security.gentoo.org/glsa/glsa-201412-39.xml HPdes Security Advisory: HPSBGN03233 http://marc.info/?l=bugtraq&m=142118135300698&w=2 HPdes Security Advisory: HPSBHF03300 http://marc.info/?l=bugtraq&m=142804214608580&w=2 HPdes Security Advisory: HPSBMU03223 http://marc.info/?l=bugtraq&m=143290583027876&w=2 HPdes Security Advisory: HPSBMU03260 http://marc.info/?l=bugtraq&m=142495837901899&w=2 HPdes Security Advisory: HPSBMU03261 http://marc.info/?l=bugtraq&m=143290522027658&w=2 HPdes Security Advisory: HPSBMU03263 http://marc.info/?l=bugtraq&m=143290437727362&w=2 HPdes Security Advisory: HPSBMU03267 http://marc.info/?l=bugtraq&m=142624590206005&w=2 HPdes Security Advisory: HPSBMU03296 http://marc.info/?l=bugtraq&m=142834685803386&w=2 HPdes Security Advisory: HPSBMU03304 http://marc.info/?l=bugtraq&m=142791032306609&w=2 HPdes Security Advisory: SSRT101739 HPdes Security Advisory: SSRT101868 HPdes Security Advisory: SSRT101894 http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 NETBSD Security Advisory: NetBSD-SA2014-015 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc RedHat Security Advisories: RHSA-2014:1652 http://rhn.redhat.com/errata/RHSA-2014-1652.html RedHat Security Advisories: RHSA-2014:1692 http://rhn.redhat.com/errata/RHSA-2014-1692.html http://www.securitytracker.com/id/1031052 http://secunia.com/advisories/59627 http://secunia.com/advisories/61058 http://secunia.com/advisories/61073 http://secunia.com/advisories/61207 http://secunia.com/advisories/61298 http://secunia.com/advisories/61439 http://secunia.com/advisories/61837 http://secunia.com/advisories/61959 http://secunia.com/advisories/61990 http://secunia.com/advisories/62070 SuSE Security Announcement: SUSE-SU-2014:1357 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html SuSE Security Announcement: openSUSE-SU-2014:1331 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html http://www.ubuntu.com/usn/USN-2385-1
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.