Lucene search
F5F5:K15551553HistoryMar 06, 2017 - 12:00 a.m.
K15551553 : OpenSSL vulnerability CVE-2017-3730
2017-03-0600:00:00
my.f5.com
20
Security Advisory Description
In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack. (CVE-2017-3730)
Impact
There is no impact; F5 products are not affected by this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 | |
| big-ip afm | eq | 11.6.0 | |
| big-ip afm | eq | 11.6.1 | |
| big-ip afm | eq | 12.0.0 |
Related
exploitpack
exploitpack
OpenSSL 1.1.0 - Remote Client Denial of Service
2017-01-26 00:00:00
nvd
nvd
CVE-2017-3730
2017-05-04 19:29:00
ibm
ibm
cve
cve
CVE-2017-3730
2017-05-04 19:29:00
redhatcve
redhatcve
CVE-2017-3730
2017-01-26 15:47:39
openssl
openssl
Vulnerability in OpenSSL CVE-2017-3730
2017-01-26 00:00:00
osv
osv
CVE-2017-3730
2017-05-04 19:29:00
ubuntucve
ubuntucve
CVE-2017-3730
2017-05-04 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenSSL DHE and ECDHE Parameters NULL Pointer Dereference (CVE-2017-3730)
2017-02-28 00:00:00
openvas
openvas
OpenSSL Bad (EC)DHE Parameters DoS Vulnerability - Linux
2017-02-09 00:00:00
OpenSSL Bad (EC)DHE Parameters DoS Vulnerability - Windows
2017-02-09 00:00:00
prion
prion
Null pointer dereference
2017-05-04 19:29:00
debiancve
debiancve
CVE-2017-3730
2017-05-04 19:29:00
hackerone
hackerone
zdt
zdt
OpenSSL 1.1.0 - Remote Client Denial of Service Exploit
2017-01-31 00:00:00
cvelist
cvelist
CVE-2017-3730 Bad (EC)DHE parameters cause a client crash
2017-01-26 00:00:00
packetstorm
packetstorm
OpenSSL 1.1.0 Remote Client Denial Of Service
2017-01-31 00:00:00
exploitdb
exploitdb
OpenSSL 1.1.0 - Remote Client Denial of Service
2017-01-26 00:00:00
nessus
nessus
OpenSSL 1.1.0 < 1.1.0d Multiple Vulnerabilities
2017-02-02 00:00:00
OpenSSL 1.1.0 < 1.1.0d Multiple Vulnerabilities
2017-01-30 00:00:00
GLSA-201702-07 : OpenSSL: Multiple vulnerabilities
2017-02-15 00:00:00
symantec
symantec
SA141 : OpenSSL Vulnerabilities 26-Jan-2017
2017-02-09 08:00:00
huawei
huawei
Security Advisory - Three OpenSSL Vulnerabilities in Huawei Products
2017-05-03 00:00:00
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2017-02-14 00:00:00
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2017-01-26 00:00:00
nodejsblog
nodejsblog
OpenSSL update, 1.0.2k
2017-01-27 00:00:00
fortinet
fortinet
OpenSSL Security Advisory [26 Jan 2017]
2018-07-13 00:00:00
cisco
cisco
mageia
mageia
Updated virtualbox packages fix security vulnerabilities
2017-10-27 10:16:04
oracle
oracle
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00
Oracle Critical Patch Update Advisory - April 2017
2017-04-18 00:00:00
Oracle Critical Patch Update - October 2017
2017-10-17 00:00:00