Lucene search
F5F5:K15567HistorySep 05, 2014 - 12:00 a.m.
K15567 : OpenSSL vulnerability CVE-2014-5139
2014-09-0500:00:00
my.f5.com
30
Security Advisory Description
The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client. (CVE-2014-5139)
Impact
An attacker may be able to cause a denial-of-service (DoS) attack by specifying a Secure Remote Password (SRP) ciphersuite, even if it was not properly negotiated with the client.
Related
checkpoint_advisories
checkpoint_advisories
OpenSSL TLS Missing SRP Extension Denial of Service (CVE-2014-5139)
2015-01-27 00:00:00
ubuntucve
ubuntucve
CVE-2014-5139
2014-08-07 00:00:00
f5
f5
SOL15567 - OpenSSL vulnerability CVE-2014-5139
2014-09-05 00:00:00
veracode
veracode
Denial Of Service (DoS) Through Null Pointer Dereference
2017-02-06 05:58:10
cve
cve
CVE-2014-5139
2014-08-13 23:55:07
CVE-2014-2970
2014-07-31 05:06:15
prion
prion
Null pointer dereference
2014-08-13 23:55:00
Design/Logic Flaw
2014-07-31 05:06:00
nvd
nvd
CVE-2014-5139
2014-08-13 23:55:07
CVE-2014-2970
2014-07-31 05:06:15
openssl
openssl
Vulnerability in OpenSSL - Crash with SRP ciphersuite in Server Hello message
2014-08-06 00:00:00
debiancve
debiancve
CVE-2014-5139
2014-08-13 23:55:07
cvelist
cvelist
CVE-2014-5139
2014-08-13 23:00:00
ibm
ibm
openvas
openvas
OpenSSL Multiple Vulnerabilities (20140806 - 2) - Linux
2021-07-19 00:00:00
OpenSSL Multiple Vulnerabilities (20140806 - 2) - Windows
2021-07-19 00:00:00
Mageia: Security Advisory (MGASA-2014-0325)
2022-01-28 00:00:00
nessus
nessus
Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10649)
2014-10-14 00:00:00
Oracle Solaris Third-Party Patch Update : openssl (cve_2014_3505_denial_of)
2015-01-19 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:18.openssl
2014-09-09 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2014-08-07 00:00:00
huawei
huawei
Security Advisory-9 OpenSSL vulnerabilities on Huawei products
2014-10-08 00:00:00
kaspersky
kaspersky
KLA10343 Multiple vulnerabilities in Stunnel
2014-08-07 00:00:00
securityvulns
securityvulns
OpenSSL multiple security vulnerabilities
2014-08-07 00:00:00
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities
2015-02-02 00:00:00
slackware
slackware
[slackware-security] openssl
2014-08-08 21:22:00
osv
osv
openssl - security update
2014-08-07 00:00:00
libcrypto38-2.5.0-1.1 on GA media
2024-06-15 00:00:00
libopenssl-1_1-devel-1.1.1l-1.2 on GA media
2024-06-15 00:00:00
debian
debian
[SECURITY] [DSA 2998-1] openssl security update
2014-08-06 23:44:13
aix
aix
AIX OpenSSL Denial of Service due to double free and others
2014-09-09 00:50:00
mageia
mageia
Updated openssl packages fix security vulnerabilities
2014-08-12 13:16:46
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2014-08-06 00:00:00
amazon
amazon
Medium: openssl
2014-08-07 12:26:00
altlinux
altlinux
Security fix for the ALT Linux 7 package openssl10 version 1.0.1j-alt1
2014-10-30 00:00:00
Security fix for the ALT Linux 8 package openssl10 version 1.0.1j-alt1
2014-10-30 00:00:00
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2014-12-26 00:00:00