admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2014/CVE-2014-49xx/CVE-2014-4911.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

223 lines
7.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2014-4911",
"sourceIdentifier": "cve@mitre.org",
"published": "2014-07-22T14:55:09.817",
"lastModified": "2015-12-04T16:21:05.270",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and 1.3.x before 1.3.8 allows remote attackers to cause a denial of service (crash) via vectors related to the GCM ciphersuites, as demonstrated using the Codenomicon Defensics toolkit."
},
{
"lang": "es",
"value": "La funci\u00f3n ssl_decrypt_buf en library/ssl_tls.c en PolarSSL anterior a 1.2.11 y 1.3.x anterior a 1.3.8 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de vectores relacionados con los suites de cifrado GCM, tal y como fue demostrado al utilizar el juego de herramientas Codenomicon Defensics."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-310"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9400165F-7CA8-43B6-9C18-A9B68960C69D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.3.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "9E55CFB7-DD01-49EB-87CC-B7CC76B2B638"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.3.0:rc0:*:*:*:*:*:*",
"matchCriteriaId": "AD884F2C-3E94-4815-A035-E1134E55991F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F27E26E-D912-462A-AE70-90AA058B9DDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FEB54854-6DC9-44B9-A94A-671C17C1F0A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "495BE6FC-806F-489E-85EF-5F6CF3E6B068"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E56EC828-5984-4800-B366-3E3A2ED4A397"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0A5B11-E428-4B81-8125-4C26DC42733F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B085B300-6A08-4649-AB6A-167761D3138A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F43435-B2E1-4CF5-A7B7-0FD50C905783"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.2.10",
"matchCriteriaId": "963DEE80-E81A-4559-BBF9-4A7970F59A6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF482DF-9F5C-45D6-AA5E-D9163A710AAD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F5152886-DFBB-415C-99E0-A7E645A5F86B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BD989E-FC1D-44D2-9394-C36AD18325DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AE349CDB-AE50-4043-86EF-1CED401AAEFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "48FAB18E-F1C9-46B2-985E-28AC2736DB3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7C453569-3736-4FC3-87FE-8282A1572CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E86CC3C2-C0D0-420A-97FA-1862B9CF2CE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67CE5D3D-FE2C-403E-9A90-43CB04A96CD1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "229B9538-A16D-4572-B9CA-5FA2E4B56D8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:polarssl:polarssl:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0E3F98E8-E610-41BC-949A-09382B612D16"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"
}
]
}
]
}
],
"references": [
{
"url": "http://www.debian.org/security/2014/dsa-2981",
"source": "cve@mitre.org"
},
{
"url": "https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-02",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink