2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2011-3210" ,
"sourceIdentifier" : "secalert@redhat.com" ,
"published" : "2011-09-22T10:55:03.523" ,
2024-11-22 13:11:49 +00:00
"lastModified" : "2024-11-21T01:29:59.250" ,
2023-04-24 12:24:31 +02:00
"vulnStatus" : "Modified" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote attackers to cause a denial of service (daemon crash) via out-of-order messages that violate the TLS protocol."
} ,
{
"lang" : "es" ,
"value" : "La ef\u00edmera funcionalidad de cifrado ECDH en OpenSSL versiones v0.9.8 a v0.9.8s y v1.0.x antes de v1.0.0e no garantiza la seguridad de los subprocesos durante el procesamiento de los mensajes de 'handshake', lo que permite provocar una denegaci\u00f3n de servicio (por ca\u00edda de la aplicaci\u00f3n) a atacantes remotos a trav\u00e9s de mensajes 'desordenados' que violan el protocolo TLS."
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P" ,
2024-11-22 13:11:49 +00:00
"baseScore" : 5.0 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-11-22 13:11:49 +00:00
"availabilityImpact" : "PARTIAL"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-399"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8A4E446D-B9D3-45F2-9722-B41FA14A6C31"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AF4EA988-FC80-4170-8933-7C6663731981"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "64F8F53B-24A1-4877-B16E-F1917C4E4E81"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "75D3ACD5-905F-42BB-BE1A-8382E9D823BF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "766EA6F2-7FA4-4713-9859-9971CCD2FDCB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EFBC30B7-627D-48DC-8EF0-AE8FA0C6EDBA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2BB38AEA-BAF0-4920-9A71-747C24444770"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1F33EA2B-DE15-4695-A383-7A337AC38908"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "261EE631-AB43-44FE-B02A-DFAAB8D35927"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FA0E0BBF-D0BE-41A7-B9BB-C28F01000BC0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1A1365ED-4651-4AB2-A64B-43782EA2F0E8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EC82690C-DCED-47BA-AA93-4D0C9E95B806"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "43B90ED1-DAB4-4239-8AD8-87E8D568D5D2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3C9BF2DD-85EF-49CF-8D83-0DB46449E333"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "86C46AB8-52E5-4385-9C5C-F63FF9DB82AA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "564AA4E7-223E-48D8-B3E0-A461969CF530"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A82CFB41-BEA5-4B5F-BCAA-9BAED22EEAF0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "35C2AE06-B6E8-41C4-BB60-177AC4819CE6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EB15C1F3-0DE8-4A50-B17C-618ECA58AABF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "45491BD3-7C62-4422-B7DA-CB2741890FBA"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2FBD8C92-6138-4274-ACBA-D7D42DAEC5AC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*" ,
"matchCriteriaId" : "3A2075BD-6102-4B0F-839A-836E9585F43B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*" ,
"matchCriteriaId" : "2A2FA09E-2BF7-4968-B62D-00DA57F81EA1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*" ,
"matchCriteriaId" : "F02E634E-1E3D-4E44-BADA-76F92483A732"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*" ,
"matchCriteriaId" : "FCC2B07A-49EF-411F-8A4D-89435E22B043"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*" ,
"matchCriteriaId" : "7E9480D6-3B6A-4C41-B8C1-C3F945040772"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "10FF0A06-DA61-4250-B083-67E55E362677"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8A6BA453-C150-4159-B80B-5465EFF83F11"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "638A2E69-8AB6-4FEA-852A-FEF16A500C1A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "56C47D3A-B99D-401D-B6B8-1194B2DB4809"
}
]
}
]
}
] ,
"references" : [
{
"url" : "http://cvs.openssl.org/chngview?cn=21337" ,
"source" : "secalert@redhat.com" ,
"tags" : [
"Patch"
]
} ,
{
"url" : "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://marc.info/?l=bugtraq&m=132750648501816&w=2" ,
"source" : "secalert@redhat.com"
} ,
2024-11-22 13:11:49 +00:00
{
"url" : "http://marc.info/?l=bugtraq&m=132750648501816&w=2" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://marc.info/?l=bugtraq&m=133226187115472&w=2" ,
"source" : "secalert@redhat.com"
} ,
2023-04-24 12:24:31 +02:00
{
"url" : "http://marc.info/?l=bugtraq&m=133226187115472&w=2" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://openssl.org/news/secadv_20110906.txt" ,
"source" : "secalert@redhat.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
2024-04-04 08:46:00 +00:00
{
"url" : "http://secunia.com/advisories/57353" ,
"source" : "secalert@redhat.com"
} ,
2023-04-24 12:24:31 +02:00
{
"url" : "http://support.apple.com/kb/HT5784" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:137" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://www.securitytracker.com/id?1026012" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=736079" ,
"source" : "secalert@redhat.com"
2024-11-22 13:11:49 +00:00
} ,
{
"url" : "http://cvs.openssl.org/chngview?cn=21337" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch"
]
} ,
{
"url" : "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://marc.info/?l=bugtraq&m=132750648501816&w=2" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://marc.info/?l=bugtraq&m=132750648501816&w=2" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://marc.info/?l=bugtraq&m=133226187115472&w=2" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://marc.info/?l=bugtraq&m=133226187115472&w=2" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://openssl.org/news/secadv_20110906.txt" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/advisories/57353" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://support.apple.com/kb/HT5784" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:137" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securitytracker.com/id?1026012" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=736079" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
2023-04-24 12:24:31 +02:00
}
]
}
