CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
84.4%
Package : polarssl
Version : 1.2.9-1~deb6u5
CVE ID : CVE-2015-5291
A flaw was found in PolarSSl and mbed TLS:
When the client creates its ClientHello message, due to insufficient
bounds checking it can overflow the heap-based buffer containing the
message while writing some extensions. Two extensions in particular could
be used by a remote attacker to trigger the overflow: the session ticket
extension and the server name indication (SNI) extension.
Although most of the vulnerable code is not present in the Squeeze
version, this upload contains at least a length check for incoming data.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | i386 | libpolarssl-dev | < 1.2.9-1~deb6u5 | libpolarssl-dev_1.2.9-1~deb6u5_i386.deb |
Debian | 8 | kfreebsd-i386 | libpolarssl-runtime | < 1.3.9-2.1+deb8u1 | libpolarssl-runtime_1.3.9-2.1+deb8u1_kfreebsd-i386.deb |
Debian | 7 | amd64 | libpolarssl-dev | < 1.2.9-1~deb7u6 | libpolarssl-dev_1.2.9-1~deb7u6_amd64.deb |
Debian | 7 | s390 | libpolarssl-dev | < 1.2.9-1~deb7u6 | libpolarssl-dev_1.2.9-1~deb7u6_s390.deb |
Debian | 7 | kfreebsd-i386 | libpolarssl-runtime | < 1.2.9-1~deb7u6 | libpolarssl-runtime_1.2.9-1~deb7u6_kfreebsd-i386.deb |
Debian | 7 | s390x | libpolarssl-runtime | < 1.2.9-1~deb7u6 | libpolarssl-runtime_1.2.9-1~deb7u6_s390x.deb |
Debian | 8 | armhf | libpolarssl-runtime | < 1.3.9-2.1+deb8u1 | libpolarssl-runtime_1.3.9-2.1+deb8u1_armhf.deb |
Debian | 7 | mipsel | libpolarssl-runtime | < 1.2.9-1~deb7u6 | libpolarssl-runtime_1.2.9-1~deb7u6_mipsel.deb |
Debian | 7 | kfreebsd-amd64 | libpolarssl-runtime | < 1.2.9-1~deb7u6 | libpolarssl-runtime_1.2.9-1~deb7u6_kfreebsd-amd64.deb |
Debian | 7 | amd64 | libpolarssl0 | < 1.2.9-1~deb7u6 | libpolarssl0_1.2.9-1~deb7u6_amd64.deb |