JVN/CVE Demo: Cveinfos

CVE

Id: 67607
CVE No.: CVE-2014-0198
Status: Candidate
Description: The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.
Phase: Assigned (20131203)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
652277	67607	CVE-2014-0198	BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities	View
652278	67607	CVE-2014-0198	URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded	View
652279	67607	CVE-2014-0198	FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities	View
652280	67607	CVE-2014-0198	URL:http://seclists.org/fulldisclosure/2014/Dec/23	View
652281	67607	CVE-2014-0198	CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1093837	View
652282	67607	CVE-2014-0198	CONFIRM:https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321	View
652283	67607	CVE-2014-0198	CONFIRM:http://www.openssl.org/news/secadv_20140605.txt	View
652284	67607	CVE-2014-0198	CONFIRM:https://kb.bluecoat.com/index?page=content&id=SA80	View
652285	67607	CVE-2014-0198	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21676035	View
652286	67607	CVE-2014-0198	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21676062	View
652287	67607	CVE-2014-0198	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21676419	View
652288	67607	CVE-2014-0198	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21676655	View
652289	67607	CVE-2014-0198	CONFIRM:http://www.blackberry.com/btsc/KB36051	View
652290	67607	CVE-2014-0198	CONFIRM:http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm	View
652291	67607	CVE-2014-0198	CONFIRM:https://kc.mcafee.com/corporate/index?page=content&id=SB10075	View
652292	67607	CVE-2014-0198	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21673137	View
652293	67607	CVE-2014-0198	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21677828	View
652294	67607	CVE-2014-0198	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21677527	View
652295	67607	CVE-2014-0198	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21677695	View
652296	67607	CVE-2014-0198	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21678167	View
652297	67607	CVE-2014-0198	CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	View
652298	67607	CVE-2014-0198	CONFIRM:http://www.fortiguard.com/advisory/FG-IR-14-018/	View
652299	67607	CVE-2014-0198	CONFIRM:http://puppetlabs.com/security/cve/cve-2014-0198	View
652300	67607	CVE-2014-0198	CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html	View
652301	67607	CVE-2014-0198	CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	View
652302	67607	CVE-2014-0198	CONFIRM:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946	View
652303	67607	CVE-2014-0198	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21683332	View
652304	67607	CVE-2014-0198	CONFIRM:http://advisories.mageia.org/MGASA-2014-0204.html	View
652305	67607	CVE-2014-0198	CONFIRM:http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc	View
652306	67607	CVE-2014-0198	CONFIRM:http://support.citrix.com/article/CTX140876	View
652307	67607	CVE-2014-0198	CONFIRM:http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html	View
652308	67607	CVE-2014-0198	CONFIRM:http://www.ibm.com/support/docview.wss?uid=swg21676356	View
652309	67607	CVE-2014-0198	CONFIRM:http://www.ibm.com/support/docview.wss?uid=swg24037783	View
652310	67607	CVE-2014-0198	CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0006.html	View
652311	67607	CVE-2014-0198	CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629	View
652312	67607	CVE-2014-0198	CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195	View
652313	67607	CVE-2014-0198	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163	View
652314	67607	CVE-2014-0198	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21676529	View
652315	67607	CVE-2014-0198	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21676879	View
652316	67607	CVE-2014-0198	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21676889	View
652317	67607	CVE-2014-0198	CONFIRM:https://www.novell.com/support/kb/doc.php?id=7015271	View
652318	67607	CVE-2014-0198	CONFIRM:http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754	View
652319	67607	CVE-2014-0198	CONFIRM:http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755	View
652320	67607	CVE-2014-0198	CONFIRM:http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756	View
652321	67607	CVE-2014-0198	CONFIRM:http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757	View
652322	67607	CVE-2014-0198	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21677836	View
652323	67607	CVE-2014-0198	CISCO:20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products	View
652324	67607	CVE-2014-0198	URL:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl	View
652325	67607	CVE-2014-0198	DEBIAN:DSA-2931	View
652326	67607	CVE-2014-0198	URL:http://www.debian.org/security/2014/dsa-2931	View
652327	67607	CVE-2014-0198	FEDORA:FEDORA-2014-9301	View
652328	67607	CVE-2014-0198	URL:http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html	View
652329	67607	CVE-2014-0198	FEDORA:FEDORA-2014-9308	View
652330	67607	CVE-2014-0198	URL:http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html	View
652331	67607	CVE-2014-0198	GENTOO:GLSA-201407-05	View
652332	67607	CVE-2014-0198	URL:http://security.gentoo.org/glsa/glsa-201407-05.xml	View
652333	67607	CVE-2014-0198	HP:HPSBGN03068	View
652334	67607	CVE-2014-0198	URL:http://marc.info/?l=bugtraq&m=140544599631400&w=2	View
652335	67607	CVE-2014-0198	HP:HPSBHF03052	View
652336	67607	CVE-2014-0198	URL:http://marc.info/?l=bugtraq&m=141658880509699&w=2	View
652337	67607	CVE-2014-0198	HP:HPSBMU03051	View
652338	67607	CVE-2014-0198	URL:http://marc.info/?l=bugtraq&m=140448122410568&w=2	View
652339	67607	CVE-2014-0198	HP:HPSBMU03055	View
652340	67607	CVE-2014-0198	URL:http://marc.info/?l=bugtraq&m=140431828824371&w=2	View
652341	67607	CVE-2014-0198	HP:HPSBMU03056	View
652342	67607	CVE-2014-0198	URL:http://marc.info/?l=bugtraq&m=140389355508263&w=2	View
652343	67607	CVE-2014-0198	HP:HPSBMU03057	View
652344	67607	CVE-2014-0198	URL:http://marc.info/?l=bugtraq&m=140389274407904&w=2	View
652345	67607	CVE-2014-0198	HP:HPSBMU03062	View
652346	67607	CVE-2014-0198	URL:http://marc.info/?l=bugtraq&m=140752315422991&w=2	View
652347	67607	CVE-2014-0198	HP:HPSBMU03074	View
652348	67607	CVE-2014-0198	URL:http://marc.info/?l=bugtraq&m=140621259019789&w=2	View
652349	67607	CVE-2014-0198	HP:HPSBMU03076	View
652350	67607	CVE-2014-0198	URL:http://marc.info/?l=bugtraq&m=140904544427729&w=2	View
652351	67607	CVE-2014-0198	MANDRIVA:MDVSA-2015:062	View
652352	67607	CVE-2014-0198	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:062	View
652353	67607	CVE-2014-0198	MANDRIVA:MDVSA-2014:080	View
652354	67607	CVE-2014-0198	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2014:080	View
652355	67607	CVE-2014-0198	OPENBSD:[5.5] 005: RELIABILITY FIX: May 1, 2014	View
652356	67607	CVE-2014-0198	URL:http://www.openbsd.org/errata55.html#005_openssl	View
652357	67607	CVE-2014-0198	SUSE:openSUSE-SU-2014:0634	View
652358	67607	CVE-2014-0198	URL:http://lists.opensuse.org/opensuse-updates/2014-05/msg00036.html	View
652359	67607	CVE-2014-0198	SUSE:openSUSE-SU-2014:0635	View
652360	67607	CVE-2014-0198	URL:http://lists.opensuse.org/opensuse-updates/2014-05/msg00037.html	View
652361	67607	CVE-2014-0198	SUSE:SUSE-SU-2015:0743	View
652362	67607	CVE-2014-0198	URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html	View
652363	67607	CVE-2014-0198	BID:67193	View
652364	67607	CVE-2014-0198	URL:http://www.securityfocus.com/bid/67193	View
652365	67607	CVE-2014-0198	SECUNIA:58939	View
652366	67607	CVE-2014-0198	URL:http://secunia.com/advisories/58939	View
652367	67607	CVE-2014-0198	SECUNIA:59126	View
652368	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59126	View
652369	67607	CVE-2014-0198	SECUNIA:59162	View
652370	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59162	View
652371	67607	CVE-2014-0198	SECUNIA:59300	View
652372	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59300	View
652373	67607	CVE-2014-0198	SECUNIA:59438	View
652374	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59438	View
652375	67607	CVE-2014-0198	SECUNIA:59450	View
652376	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59450	View
652377	67607	CVE-2014-0198	SECUNIA:59491	View
652378	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59491	View
652379	67607	CVE-2014-0198	SECUNIA:59514	View
652380	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59514	View
652381	67607	CVE-2014-0198	SECUNIA:59490	View
652382	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59490	View
652383	67607	CVE-2014-0198	SECUNIA:59655	View
652384	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59655	View
652385	67607	CVE-2014-0198	SECUNIA:59721	View
652386	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59721	View
652387	67607	CVE-2014-0198	SECUNIA:59413	View
652388	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59413	View
652389	67607	CVE-2014-0198	SECUNIA:59669	View
652390	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59669	View
652391	67607	CVE-2014-0198	SECUNIA:59301	View
652392	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59301	View
652393	67607	CVE-2014-0198	SECUNIA:59666	View
652394	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59666	View
652395	67607	CVE-2014-0198	SECUNIA:59342	View
652396	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59342	View
652397	67607	CVE-2014-0198	SECUNIA:60049	View
652398	67607	CVE-2014-0198	URL:http://secunia.com/advisories/60049	View
652399	67607	CVE-2014-0198	SECUNIA:60066	View
652400	67607	CVE-2014-0198	URL:http://secunia.com/advisories/60066	View
652401	67607	CVE-2014-0198	SECUNIA:59784	View
652402	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59784	View
652403	67607	CVE-2014-0198	SECUNIA:59990	View
652404	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59990	View
652405	67607	CVE-2014-0198	SECUNIA:60571	View
652406	67607	CVE-2014-0198	URL:http://secunia.com/advisories/60571	View
652407	67607	CVE-2014-0198	SECUNIA:61254	View
652408	67607	CVE-2014-0198	URL:http://secunia.com/advisories/61254	View
652409	67607	CVE-2014-0198	SECUNIA:58667	View
652410	67607	CVE-2014-0198	URL:http://secunia.com/advisories/58667	View
652411	67607	CVE-2014-0198	SECUNIA:58714	View
652412	67607	CVE-2014-0198	URL:http://secunia.com/advisories/58714	View
652413	67607	CVE-2014-0198	SECUNIA:59190	View
652414	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59190	View
652415	67607	CVE-2014-0198	SECUNIA:59202	View
652416	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59202	View
652417	67607	CVE-2014-0198	SECUNIA:59282	View
652418	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59282	View
652419	67607	CVE-2014-0198	SECUNIA:59284	View
652420	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59284	View
652421	67607	CVE-2014-0198	SECUNIA:59398	View
652422	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59398	View
652423	67607	CVE-2014-0198	SECUNIA:59437	View
652424	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59437	View
652425	67607	CVE-2014-0198	SECUNIA:59163	View
652426	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59163	View
652427	67607	CVE-2014-0198	SECUNIA:59264	View
652428	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59264	View
652429	67607	CVE-2014-0198	SECUNIA:59287	View
652430	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59287	View
652431	67607	CVE-2014-0198	SECUNIA:59306	View
652432	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59306	View
652433	67607	CVE-2014-0198	SECUNIA:59310	View
652434	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59310	View
652435	67607	CVE-2014-0198	SECUNIA:59374	View
652436	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59374	View
652437	67607	CVE-2014-0198	SECUNIA:59440	View
652438	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59440	View
652439	67607	CVE-2014-0198	SECUNIA:59449	View
652440	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59449	View
652441	67607	CVE-2014-0198	SECUNIA:58337	View
652442	67607	CVE-2014-0198	URL:http://secunia.com/advisories/58337	View
652443	67607	CVE-2014-0198	SECUNIA:58713	View
652444	67607	CVE-2014-0198	URL:http://secunia.com/advisories/58713	View
652445	67607	CVE-2014-0198	SECUNIA:58945	View
652446	67607	CVE-2014-0198	URL:http://secunia.com/advisories/58945	View
652447	67607	CVE-2014-0198	SECUNIA:58977	View
652448	67607	CVE-2014-0198	URL:http://secunia.com/advisories/58977	View
652449	67607	CVE-2014-0198	SECUNIA:59525	View
652450	67607	CVE-2014-0198	URL:http://secunia.com/advisories/59525	View
652451	67607	CVE-2014-0198	SECUNIA:59529	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
14154	JVNDB-2014-003029	Linux Kernel の fs/aio.c 内の aio_read_events_ring 関数におけるカーネルメモリから重要な情報を取得される脆弱性	Linux Kernel の fs/aio.c 内の aio_read_events_ring 関数には、配列のインデックスエラーにより、カーネルメモリから重要な情報を取得される脆弱性が存在します。	CVE-2014-0206	67607	2.1		http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003029.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.54 MB
View render complete	3.24 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.72
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	423.27
Event: Controller.beforeRender	7.76
» Processing toolbar data	7.65
Rendering View	61.64
» Event: View.beforeRender	0.03
» Rendering APP/View/Cveinfos/view.ctp	59.90
» Event: View.afterRender	0.03
» Event: View.beforeLayout	0.03
» Rendering APP/View/Layouts/default.ctp	1.04
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.25
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/67607
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/67607
Remote Port	55321
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.1
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.145.128
Http Via	1.1 squid-proxy-5b5d847c96-56z77 (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.1
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.1
Unique Id	aOmmgrXJOCzTSn18s0T7_AAAAB0
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.1
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.1
Redirect Unique Id	aOmmgrXJOCzTSn18s0T7_AAAAB0
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.1
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.1
Redirect Redirect Unique Id	aOmmgrXJOCzTSn18s0T7_AAAAB0
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1760142978.2586
Request Time	1760142978

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files