Lucene search
OpenSSLOPENSSL:CVE-2014-0198HistoryApr 21, 2014 - 12:00 a.m.
Vulnerability in OpenSSL CVE-2014-0198
2014-04-2100:00:00
www.openssl.org
24
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
7.2 High
AI Score
Confidence
High
0.041 Low
EPSS
Percentile
92.2%
A flaw in the do_ssl3_write function can allow remote attackers to cause a denial of service via a NULL pointer dereference. This flaw only affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
- Fixed in OpenSSL 1.0.1h (Affected since 1.0.1)
- Fixed in OpenSSL 1.0.0m (Affected since 1.0.0)
Related
nessus
nessus
Debian DSA-2931-1 : openssl - security update
2014-05-19 00:00:00
openSUSE Security Update : openssl (openSUSE-SU-2014:0635-1)
2014-06-13 00:00:00
Mandriva Linux Security Advisory : openssl (MDVSA-2014:080)
2014-05-09 00:00:00
debian
debian
[SECURITY] [DSA 2931-1] openssl security update
2014-05-18 12:55:05
ubuntucve
ubuntucve
CVE-2014-0198
2014-05-02 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenSSL do_ssl3_write Denial of Service (CVE-2014-0198)
2014-05-19 00:00:00
mageia
mageia
Updated openssl packages fix CVE-2014-0198
2014-05-03 20:37:45
openvas
openvas
Juniper Networks Junos OS OpenSSL Denial of Service Vulnerability
2015-01-23 00:00:00
Mageia: Security Advisory (MGASA-2014-0204)
2022-01-28 00:00:00
Debian Security Advisory DSA 2931-1 (openssl - security update)
2014-05-18 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:10.openssl
2014-05-13 00:00:00
f5
f5
K15329 : SSL_MODE_RELEASE_BUFFERS vulnerability CVE-2014-0198
2014-12-02 00:00:00
SOL15329 - SSL_MODE_RELEASE_BUFFERS vulnerability CVE-2014-0198
2014-06-13 00:00:00
debiancve
debiancve
CVE-2014-0198
2014-05-06 10:44:05
osv
osv
openssl - security update
2014-05-18 00:00:00
nvd
nvd
CVE-2014-0198
2014-05-06 10:44:05
mariadbunix
mariadbunix
CVE-2014-0198
2014-05-06 10:44:00
veracode
veracode
Denial Of Service (DoS) Through Null Pointer Dereference
2017-02-07 02:22:26
freebsd
freebsd
OpenSSL -- NULL pointer dereference / DoS
2014-05-02 00:00:00
prion
prion
Null pointer dereference
2014-05-06 10:44:00
cve
cve
CVE-2014-0198
2014-05-06 10:44:05
cvelist
cvelist
CVE-2014-0198
2014-05-06 10:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2014-05-05 00:00:00
securityvulns
securityvulns
[USN-2192-1] OpenSSL vulnerabilities
2014-05-05 00:00:00
OpenSSL race conditions
2014-05-05 00:00:00
OpenSSL multiple security vulnerabilities
2014-06-06 00:00:00
ibm
ibm
Security Bulletin: IBM Real-time Compression Appliance is exposed to the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0198, CVE-2010-5298.
2018-06-18 00:08:27
vmware
vmware
VMware product updates address OpenSSL security vulnerabilities
2014-06-10 00:00:00
VMware product updates address OpenSSL security vulnerabilities
2014-06-10 00:00:00
ics
ics
Siemens OpenSSL Vulnerabilities (Update G)
2018-08-29 12:00:00
kaspersky
kaspersky
KLA10382 Multiple vulnerabilities in VMware
2014-06-10 00:00:00
aix
aix
AIX OpenSSL Vulnerabilities (Multiple CVEs)
2014-06-11 06:39:27
suse
suse
Security update for OpenSSL 1.0 (critical)
2014-06-06 09:04:15
slackware
slackware
[slackware-security] openssl
2014-06-06 05:27:11
oraclelinux
oraclelinux
openssl security update
2014-06-05 00:00:00
openssl security update
2014-07-23 00:00:00
redhat
redhat
(RHSA-2014:0625) Important: openssl security update
2014-06-05 00:00:00
(RHSA-2014:0628) Important: openssl security update
2014-06-05 00:00:00
(RHSA-2014:0679) Important: openssl security update
2014-06-10 00:00:00
thn
thn
OpenSSL Vulnerable to Man-in-the-Middle Attack and Several Other Bugs
2014-06-05 05:49:00
centos
centos
openssl security update
2014-06-05 13:06:47
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2014-07-27 00:00:00
huawei
huawei
Security Advisory-Multiple OpenSSL vulnerabilities on Huawei products
2014-06-13 00:00:00
fortinet
fortinet
Multiple Vulnerabilities in OpenSSL
2014-06-06 00:00:00
amazon
amazon
Important: openssl
2014-06-04 15:45:00
intel
intel
cisco
cisco
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products
2014-06-05 22:40:00
fedora
fedora
[SECURITY] Fedora 20 Update: openssl-1.0.1e-38.fc20
2014-06-05 21:55:11
[SECURITY] Fedora 19 Update: openssl-1.0.1e-38.fc19
2014-06-05 21:54:15
[SECURITY] Fedora 21 Update: mingw-openssl-1.0.1j-1.fc21
2015-01-02 05:06:53
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
7.2 High
AI Score
Confidence
High
0.041 Low
EPSS
Percentile
92.2%
Related for OPENSSL:CVE-2014-0198