JVN/CVE Demo: Cveinfos

CVE

Id: 72436
CVE No.: CVE-2014-5139
Status: Candidate
Description: The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client.
Phase: Assigned (20140730)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
684313	72436	CVE-2014-5139	MLIST:[syslog-ng-announce] 20140910 syslog-ng Premium Edition 5 LTS (5.0.6a) has been released	View
684314	72436	CVE-2014-5139	URL:https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html	View
684315	72436	CVE-2014-5139	CONFIRM:https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=80bd7b41b30af6ee96f519e629463583318de3b0	View
684316	72436	CVE-2014-5139	CONFIRM:https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=83764a989dcc87fbea337da5f8f86806fe767b7e	View
684317	72436	CVE-2014-5139	CONFIRM:https://www.openssl.org/news/secadv_20140806.txt	View
684318	72436	CVE-2014-5139	CONFIRM:http://www.tenable.com/security/tns-2014-06	View
684319	72436	CVE-2014-5139	CONFIRM:http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc	View
684320	72436	CVE-2014-5139	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21686997	View
684321	72436	CVE-2014-5139	CONFIRM:http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm	View
684322	72436	CVE-2014-5139	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21682293	View
684323	72436	CVE-2014-5139	CONFIRM:http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html	View
684324	72436	CVE-2014-5139	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21683389	View
684325	72436	CVE-2014-5139	CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240	View
684326	72436	CVE-2014-5139	DEBIAN:DSA-2998	View
684327	72436	CVE-2014-5139	URL:http://www.debian.org/security/2014/dsa-2998	View
684328	72436	CVE-2014-5139	FREEBSD:FreeBSD-SA-14:18	View
684329	72436	CVE-2014-5139	URL:https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc	View
684330	72436	CVE-2014-5139	GENTOO:GLSA-201412-39	View
684331	72436	CVE-2014-5139	URL:http://security.gentoo.org/glsa/glsa-201412-39.xml	View
684332	72436	CVE-2014-5139	HP:HPSBMU03260	View
684333	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=142495837901899&w=2	View
684334	72436	CVE-2014-5139	HP:SSRT101894	View
684335	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=142495837901899&w=2	View
684336	72436	CVE-2014-5139	HP:HPSBMU03216	View
684337	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=142350350616251&w=2	View
684338	72436	CVE-2014-5139	HP:SSRT101818	View
684339	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=142350350616251&w=2	View
684340	72436	CVE-2014-5139	HP:HPSBMU03259	View
684341	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=142624619906067&w=2	View
684342	72436	CVE-2014-5139	HP:HPSBMU03262	View
684343	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=142624719706349&w=2	View
684344	72436	CVE-2014-5139	HP:HPSBMU03267	View
684345	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=142624590206005&w=2	View
684346	72436	CVE-2014-5139	HP:HPSBMU03283	View
684347	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=142624679706236&w=2	View
684348	72436	CVE-2014-5139	HP:SSRT101916	View
684349	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=142624679706236&w=2	View
684350	72436	CVE-2014-5139	HP:SSRT101921	View
684351	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=142624719706349&w=2	View
684352	72436	CVE-2014-5139	HP:SSRT101922	View
684353	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=142624619906067	View
684354	72436	CVE-2014-5139	HP:HPSBHF03293	View
684355	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=142660345230545&w=2	View
684356	72436	CVE-2014-5139	HP:SSRT101846	View
684357	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=142660345230545&w=2	View
684358	72436	CVE-2014-5139	HP:HPSBMU03304	View
684359	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=142791032306609&w=2	View
684360	72436	CVE-2014-5139	HP:HPSBMU03261	View
684361	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=143290522027658&w=2	View
684362	72436	CVE-2014-5139	HP:HPSBMU03263	View
684363	72436	CVE-2014-5139	URL:http://marc.info/?l=bugtraq&m=143290437727362&w=2	View
684364	72436	CVE-2014-5139	NETBSD:NetBSD-SA2014-008	View
684365	72436	CVE-2014-5139	URL:ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc	View
684366	72436	CVE-2014-5139	SUSE:openSUSE-SU-2014:1052	View
684367	72436	CVE-2014-5139	URL:http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html	View
684368	72436	CVE-2014-5139	BID:69077	View
684369	72436	CVE-2014-5139	URL:http://www.securityfocus.com/bid/69077	View
684370	72436	CVE-2014-5139	SECTRACK:1030693	View
684371	72436	CVE-2014-5139	URL:http://www.securitytracker.com/id/1030693	View
684372	72436	CVE-2014-5139	SECUNIA:60810	View
684373	72436	CVE-2014-5139	URL:http://secunia.com/advisories/60810	View
684374	72436	CVE-2014-5139	SECUNIA:60917	View
684375	72436	CVE-2014-5139	URL:http://secunia.com/advisories/60917	View
684376	72436	CVE-2014-5139	SECUNIA:60921	View
684377	72436	CVE-2014-5139	URL:http://secunia.com/advisories/60921	View
684378	72436	CVE-2014-5139	SECUNIA:61775	View
684379	72436	CVE-2014-5139	URL:http://secunia.com/advisories/61775	View
684380	72436	CVE-2014-5139	SECUNIA:61959	View
684381	72436	CVE-2014-5139	URL:http://secunia.com/advisories/61959	View
684382	72436	CVE-2014-5139	SECUNIA:59756	View
684383	72436	CVE-2014-5139	URL:http://secunia.com/advisories/59756	View
684384	72436	CVE-2014-5139	SECUNIA:60803	View
684385	72436	CVE-2014-5139	URL:http://secunia.com/advisories/60803	View
684386	72436	CVE-2014-5139	SECUNIA:61017	View
684387	72436	CVE-2014-5139	URL:http://secunia.com/advisories/61017	View
684388	72436	CVE-2014-5139	SECUNIA:61100	View
684389	72436	CVE-2014-5139	URL:http://secunia.com/advisories/61100	View
684390	72436	CVE-2014-5139	SECUNIA:61171	View
684391	72436	CVE-2014-5139	URL:http://secunia.com/advisories/61171	View
684392	72436	CVE-2014-5139	SECUNIA:61392	View
684393	72436	CVE-2014-5139	URL:http://secunia.com/advisories/61392	View
684394	72436	CVE-2014-5139	SECUNIA:61184	View
684395	72436	CVE-2014-5139	URL:http://secunia.com/advisories/61184	View
684396	72436	CVE-2014-5139	SECUNIA:59700	View
684397	72436	CVE-2014-5139	URL:http://secunia.com/advisories/59700	View
684398	72436	CVE-2014-5139	SECUNIA:59710	View
684399	72436	CVE-2014-5139	URL:http://secunia.com/advisories/59710	View
684400	72436	CVE-2014-5139	SECUNIA:60022	View
684401	72436	CVE-2014-5139	URL:http://secunia.com/advisories/60022	View
684402	72436	CVE-2014-5139	SECUNIA:60221	View
684403	72436	CVE-2014-5139	URL:http://secunia.com/advisories/60221	View
684404	72436	CVE-2014-5139	SECUNIA:60493	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
15134	JVNDB-2014-004009	Xen におけるサービス運用妨害 (DoS) の脆弱性	Xen は、ARM システム上で 64-bit カーネルを稼働する場合、異なるアドレス幅 (address width) を使用するゲストドメインからのトラップを適切に処理しないため、サービス運用妨害 (ホストクラッシュ) 状態にされる脆弱性が存在します。	CVE-2014-5147	72436	4.3		http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004009.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.39 MB
View render complete	2.95 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.69
Event: Controller.initialize	0.02
Event: Controller.startup	0.08
Controller action	570.27
Event: Controller.beforeRender	4.94
» Processing toolbar data	4.84
Rendering View	29.94
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	28.38
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.95
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.13
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/72436
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/72436
Remote Port	1201
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.154
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.14.45
Http Via	1.1 squid-proxy-5b5d847c96-mw4wx (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.154
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.154
Unique Id	aJGREbBTCb8m-3duLm6ocQAAAOI
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.154
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.154
Redirect Unique Id	aJGREbBTCb8m-3duLm6ocQAAAOI
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.154
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.154
Redirect Redirect Unique Id	aJGREbBTCb8m-3duLm6ocQAAAOI
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1754370321.3017
Request Time	1754370321

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files