CVE-2009-1379
published 2009-05-19CVE-2009-1379: Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a…
PriorityP335medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
18.24%
96.9th percentile
Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openssl | < openssl 0.9.8k-1 (bookworm) | openssl 0.9.8k-1 (bookworm) |
| openssl | openssl | — | — |
| openssl | openssl | >= 0 < 0.9.8k-1 | 0.9.8k-1 |
| openssl | openssl | >= 0 < 0.9.8k-1 | 0.9.8k-1 |
| openssl | openssl | >= 0 < 0.9.8k-1 | 0.9.8k-1 |
| openssl | openssl | >= 0 < 0.9.8k-1 | 0.9.8k-1 |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0LOW
vendor_redhat5.0MEDIUM
vendor_ubuntu5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
OpenSSL vulnerabilities
vendor_ubuntu·2009-06-25·CVSS 5.0
CVE-2009-1377 [MEDIUM] OpenSSL vulnerabilities
Title: OpenSSL vulnerabilities
Summary: OpenSSL vulnerabilities
It was discovered that OpenSSL did not limit the number of DTLS records it
would buffer when they arrived with a future epoch. A remote attacker could
cause a denial of service via memory resource consumption by sending a
large number of crafted requests. (CVE-2009-1377)
It was discovered that OpenSSL did not properly free memory when processing
DTLS fragments. A remote attacker could cause a denial of service via
memory resource consumption by sending a large number of crafted requests.
(CVE-2009-1378)
It was discovered that OpenSSL did not properly handle certain server
certificates when processing DTLS packets. A remote DTLS server could cause
a denial of service by sending a message containing a specially crafted
serve
Red Hat
OpenSSL: DTLS pointer use-after-free flaw (DoS)
vendor_redhat·2009-05-11·CVSS 5.0
CVE-2009-1379 [MEDIUM] CWE-416 OpenSSL: DTLS pointer use-after-free flaw (DoS)
OpenSSL: DTLS pointer use-after-free flaw (DoS)
Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.
Statement: This issue did not affect versions of openssl as shipped in Red Hat Enterprise Linux 3 and 4.
Note that both the DTLS specification and OpenSSLs implementation is still in development and unlikely to be used in production environments. There is no component shipped in Red Hat Enterprise Linux 5 using OpenSSLs DTLS implementation, except for OpenSSLs testing command line client - openssl.
Debian
CVE-2009-1379: openssl - Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in...
vendor_debian·2009·CVSS 5.0
CVE-2009-1379 [MEDIUM] CVE-2009-1379: openssl - Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in...
Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.
Scope: local
bookworm: resolved (fixed in 0.9.8k-1)
bullseye: resolved (fixed in 0.9.8k-1)
forky: resolved (fixed in 0.9.8k-1)
sid: resolved (fixed in 0.9.8k-1)
trixie: resolved (fixed in 0.9.8k-1)
GHSA
GHSA-4pw3-fcxf-f8gx: Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both
ghsa_unreviewed·2022-05-03
CVE-2009-1379 [MEDIUM] GHSA-4pw3-fcxf-f8gx: Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both
Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.
OSV
CVE-2009-1379: Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both
osv·2009-05-19·CVSS 5.0
CVE-2009-1379 [MEDIUM] CVE-2009-1379: Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both
Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.
No detection rules found.
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.aschttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.htmlhttp://lists.vmware.com/pipermail/security-announce/2010/000082.htmlhttp://rt.openssl.org/Ticket/Display.html?id=1923&user=guest&pass=guesthttp://secunia.com/advisories/35416http://secunia.com/advisories/35461http://secunia.com/advisories/35571http://secunia.com/advisories/35729http://secunia.com/advisories/36533http://secunia.com/advisories/37003http://secunia.com/advisories/38761http://secunia.com/advisories/38794http://secunia.com/advisories/38834http://secunia.com/advisories/42724http://secunia.com/advisories/42733http://security.gentoo.org/glsa/glsa-200912-01.xmlhttp://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049http://sourceforge.net/mailarchive/message.php?msg_name=4AD43807.7080105%40users.sourceforge.nethttp://voodoo-circle.sourceforge.net/sa/sa-20091012-01.htmlhttp://www.openwall.com/lists/oss-security/2009/05/18/4http://www.redhat.com/support/errata/RHSA-2009-1335.htmlhttp://www.securityfocus.com/bid/35138http://www.securitytracker.com/id?1022241http://www.ubuntu.com/usn/USN-792-1http://www.vupen.com/english/advisories/2009/1377http://www.vupen.com/english/advisories/2010/0528https://exchange.xforce.ibmcloud.com/vulnerabilities/50661https://kb.bluecoat.com/index?page=content&id=SA50https://launchpad.net/bugs/cve/2009-1379https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6848https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9744ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.aschttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.htmlhttp://lists.vmware.com/pipermail/security-announce/2010/000082.htmlhttp://rt.openssl.org/Ticket/Display.html?id=1923&user=guest&pass=guesthttp://secunia.com/advisories/35416http://secunia.com/advisories/35461http://secunia.com/advisories/35571http://secunia.com/advisories/35729http://secunia.com/advisories/36533http://secunia.com/advisories/37003http://secunia.com/advisories/38761http://secunia.com/advisories/38794http://secunia.com/advisories/38834http://secunia.com/advisories/42724http://secunia.com/advisories/42733http://security.gentoo.org/glsa/glsa-200912-01.xmlhttp://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049http://sourceforge.net/mailarchive/message.php?msg_name=4AD43807.7080105%40users.sourceforge.nethttp://voodoo-circle.sourceforge.net/sa/sa-20091012-01.htmlhttp://www.openwall.com/lists/oss-security/2009/05/18/4http://www.redhat.com/support/errata/RHSA-2009-1335.htmlhttp://www.securityfocus.com/bid/35138http://www.securitytracker.com/id?1022241http://www.ubuntu.com/usn/USN-792-1http://www.vupen.com/english/advisories/2009/1377http://www.vupen.com/english/advisories/2010/0528https://exchange.xforce.ibmcloud.com/vulnerabilities/50661https://kb.bluecoat.com/index?page=content&id=SA50https://launchpad.net/bugs/cve/2009-1379https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6848https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9744
2009-05-19
Published