CVE

Id
38814  
CVE No.
CVE-2009-1379  
Status
Candidate  
Description
Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.  
Phase
Assigned (20090423)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
425993 38814 CVE-2009-1379 MLIST:[oss-security] 20090518 Re: Two OpenSSL DTLS remote DoS  View
425994 38814 CVE-2009-1379 URL:http://www.openwall.com/lists/oss-security/2009/05/18/4  View
425995 38814 CVE-2009-1379 MLIST:[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates  View
425996 38814 CVE-2009-1379 URL:http://lists.vmware.com/pipermail/security-announce/2010/000082.html  View
425997 38814 CVE-2009-1379 MISC:https://launchpad.net/bugs/cve/2009-1379  View
425998 38814 CVE-2009-1379 CONFIRM:http://rt.openssl.org/Ticket/Display.html?id=1923&user=guest&pass=guest  View
425999 38814 CVE-2009-1379 CONFIRM:http://sourceforge.net/mailarchive/message.php?msg_name=4AD43807.7080105%40users.sourceforge.net  View
426000 38814 CVE-2009-1379 CONFIRM:http://voodoo-circle.sourceforge.net/sa/sa-20091012-01.html  View
426001 38814 CVE-2009-1379 CONFIRM:https://kb.bluecoat.com/index?page=content&id=SA50  View
426002 38814 CVE-2009-1379 GENTOO:GLSA-200912-01  View
426003 38814 CVE-2009-1379 URL:http://security.gentoo.org/glsa/glsa-200912-01.xml  View
426004 38814 CVE-2009-1379 HP:HPSBMA02492  View
426005 38814 CVE-2009-1379 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444  View
426006 38814 CVE-2009-1379 HP:SSRT100079  View
426007 38814 CVE-2009-1379 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444  View
426008 38814 CVE-2009-1379 NETBSD:NetBSD-SA2009-009  View
426009 38814 CVE-2009-1379 URL:ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc  View
426010 38814 CVE-2009-1379 REDHAT:RHSA-2009:1335  View
426011 38814 CVE-2009-1379 URL:http://www.redhat.com/support/errata/RHSA-2009-1335.html  View
426012 38814 CVE-2009-1379 SLACKWARE:SSA:2010-060-02  View
426013 38814 CVE-2009-1379 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049  View
426014 38814 CVE-2009-1379 SUSE:SUSE-SR:2009:011  View
426015 38814 CVE-2009-1379 URL:http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html  View
426016 38814 CVE-2009-1379 UBUNTU:USN-792-1  View
426017 38814 CVE-2009-1379 URL:http://www.ubuntu.com/usn/USN-792-1  View
426018 38814 CVE-2009-1379 BID:35138  View
426019 38814 CVE-2009-1379 URL:http://www.securityfocus.com/bid/35138  View
426020 38814 CVE-2009-1379 OVAL:oval:org.mitre.oval:def:6848  View
426021 38814 CVE-2009-1379 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6848  View
426022 38814 CVE-2009-1379 OVAL:oval:org.mitre.oval:def:9744  View
426023 38814 CVE-2009-1379 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9744  View
426024 38814 CVE-2009-1379 SECTRACK:1022241  View
426025 38814 CVE-2009-1379 URL:http://www.securitytracker.com/id?1022241  View
426026 38814 CVE-2009-1379 SECUNIA:35416  View
426027 38814 CVE-2009-1379 URL:http://secunia.com/advisories/35416  View
426028 38814 CVE-2009-1379 SECUNIA:35461  View
426029 38814 CVE-2009-1379 URL:http://secunia.com/advisories/35461  View
426030 38814 CVE-2009-1379 SECUNIA:35571  View
426031 38814 CVE-2009-1379 URL:http://secunia.com/advisories/35571  View
426032 38814 CVE-2009-1379 SECUNIA:35729  View
426033 38814 CVE-2009-1379 URL:http://secunia.com/advisories/35729  View
426034 38814 CVE-2009-1379 SECUNIA:37003  View
426035 38814 CVE-2009-1379 URL:http://secunia.com/advisories/37003  View
426036 38814 CVE-2009-1379 SECUNIA:38761  View
426037 38814 CVE-2009-1379 URL:http://secunia.com/advisories/38761  View
426038 38814 CVE-2009-1379 SECUNIA:38794  View
426039 38814 CVE-2009-1379 URL:http://secunia.com/advisories/38794  View
426040 38814 CVE-2009-1379 SECUNIA:38834  View
426041 38814 CVE-2009-1379 URL:http://secunia.com/advisories/38834  View
426042 38814 CVE-2009-1379 SECUNIA:42724  View
426043 38814 CVE-2009-1379 URL:http://secunia.com/advisories/42724  View
426044 38814 CVE-2009-1379 SECUNIA:42733  View
426045 38814 CVE-2009-1379 URL:http://secunia.com/advisories/42733  View
426046 38814 CVE-2009-1379 SECUNIA:36533  View
426047 38814 CVE-2009-1379 URL:http://secunia.com/advisories/36533  View
426048 38814 CVE-2009-1379 VUPEN:ADV-2009-1377  View
426049 38814 CVE-2009-1379 URL:http://www.vupen.com/english/advisories/2009/1377  View
426050 38814 CVE-2009-1379 VUPEN:ADV-2010-0528  View
426051 38814 CVE-2009-1379 URL:http://www.vupen.com/english/advisories/2010/0528  View
426052 38814 CVE-2009-1379 XF:openssl-dtls1retrievebufferedfragment-dos(50661)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
44947 JVNDB-2009-005954 mathTex の mathtex.cgi における任意のコマンドを実行される脆弱性 2009-07-13 以前にダウンロードされた mathTex の mathtex.cgi の getdirective 関数には、任意のコマンドを実行される脆弱性が存在します。 CVE-2009-1383 38814 10 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-005954.html  View