Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2014-3511
Description:The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a "protocol downgrade" issue.
Test IDs: 1.3.6.1.4.1.25623.1.0.123331   1.3.6.1.4.1.25623.1.0.123280  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2014-3511
BugTraq ID: 69079
http://www.securityfocus.com/bid/69079
Debian Security Information: DSA-2998 (Google Search)
http://www.debian.org/security/2014/dsa-2998
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html
FreeBSD Security Advisory: FreeBSD-SA-14:18
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc
http://security.gentoo.org/glsa/glsa-201412-39.xml
HPdes Security Advisory: HPSBHF03293
http://marc.info/?l=bugtraq&m=142660345230545&w=2
HPdes Security Advisory: HPSBMU03216
http://marc.info/?l=bugtraq&m=142350350616251&w=2
HPdes Security Advisory: HPSBMU03260
http://marc.info/?l=bugtraq&m=142495837901899&w=2
HPdes Security Advisory: HPSBMU03261
http://marc.info/?l=bugtraq&m=143290522027658&w=2
HPdes Security Advisory: HPSBMU03263
http://marc.info/?l=bugtraq&m=143290437727362&w=2
HPdes Security Advisory: HPSBMU03267
http://marc.info/?l=bugtraq&m=142624590206005&w=2
HPdes Security Advisory: HPSBMU03304
http://marc.info/?l=bugtraq&m=142791032306609&w=2
HPdes Security Advisory: SSRT101818
http://marc.info/?l=bugtraq&m=142350350616251&w=2
HPdes Security Advisory: SSRT101846
http://marc.info/?l=bugtraq&m=142660345230545&w=2
HPdes Security Advisory: SSRT101894
http://marc.info/?l=bugtraq&m=142495837901899&w=2
https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html
NETBSD Security Advisory: NetBSD-SA2014-008
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc
RedHat Security Advisories: RHSA-2015:0126
http://rhn.redhat.com/errata/RHSA-2015-0126.html
RedHat Security Advisories: RHSA-2015:0197
http://rhn.redhat.com/errata/RHSA-2015-0197.html
http://www.securitytracker.com/id/1030693
http://secunia.com/advisories/58962
http://secunia.com/advisories/59700
http://secunia.com/advisories/59710
http://secunia.com/advisories/59756
http://secunia.com/advisories/59887
http://secunia.com/advisories/60022
http://secunia.com/advisories/60221
http://secunia.com/advisories/60377
http://secunia.com/advisories/60493
http://secunia.com/advisories/60684
http://secunia.com/advisories/60803
http://secunia.com/advisories/60810
http://secunia.com/advisories/60890
http://secunia.com/advisories/60917
http://secunia.com/advisories/60921
http://secunia.com/advisories/60938
http://secunia.com/advisories/61017
http://secunia.com/advisories/61043
http://secunia.com/advisories/61100
http://secunia.com/advisories/61139
http://secunia.com/advisories/61184
http://secunia.com/advisories/61775
http://secunia.com/advisories/61959
SuSE Security Announcement: openSUSE-SU-2014:1052 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html
XForce ISS Database: openssl-cve20143511-sec-bypass(95162)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95162




© 1998-2021 E-Soft Inc. All rights reserved.