CVE-2014-3508
published 2014-08-13CVE-2014-3508: The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is…
PriorityP430medium4.3CVSS 2.0
AVNACMAuNCPINAN
EPSS
23.29%
97.5th percentile
The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions.
Affected
59 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openssl | < openssl 1.0.1i-1 (bookworm) | openssl 1.0.1i-1 (bookworm) |
| libressl | libressl | — | — |
| openbsd | libressl | < 2.3.1 | 2.3.1 |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
osv5.0MEDIUM
vendor_ubuntu5.0MEDIUM
vendor_debian4.3MEDIUM
vendor_redhat4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6q9j-c3rh-x87m: Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2
ghsa_unreviewed·2022-05-24·CVSS 4.3
CVE-2015-5334 [MEDIUM] GHSA-6q9j-c3rh-x87m: Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2
Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow. Note: this vulnerability exists because of an incorrect fix for CVE-2014-3508.
GHSA
GHSA-5fxv-32q4-g2fh: The OBJ_obj2txt function in crypto/objects/obj_dat
ghsa_unreviewed·2022-05-17
CVE-2014-3508 [MEDIUM] CWE-200 GHSA-5fxv-32q4-g2fh: The OBJ_obj2txt function in crypto/objects/obj_dat
The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions.
OSV
CVE-2014-3508: The OBJ_obj2txt function in crypto/objects/obj_dat
osv·2014-08-13·CVSS 4.3
CVE-2014-3508 [MEDIUM] CVE-2014-3508: The OBJ_obj2txt function in crypto/objects/obj_dat
The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions.
OSV
openssl vulnerabilities
osv·2014-08-07·CVSS 5.0
CVE-2014-3505 [MEDIUM] openssl vulnerabilities
openssl vulnerabilities
Adam Langley and Wan-Teh Chang discovered that OpenSSL incorrectly handled
certain DTLS packets. A remote attacker could use this issue to cause
OpenSSL to crash, resulting in a denial of service. (CVE-2014-3505)
Adam Langley discovered that OpenSSL incorrectly handled memory when
processing DTLS handshake messages. A remote attacker could use this issue
to cause OpenSSL to consume memory, resulting in a denial of service.
(CVE-2014-3506)
Adam Langley discovered that OpenSSL incorrectly handled memory when
processing DTLS fragments. A remote attacker could use this issue to cause
OpenSSL to leak memory, resulting in a denial of service. This issue
only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-3507)
Ivan Fratric discovered that OpenSSL incorrectl
BSD
FreeBSD-SA-14:18.openssl: OpenSSL multiple vulnerabilities
bsd_advisories·2014-09-09·CVSS 5.0
CVE-2014-3506 [MEDIUM] FreeBSD-SA-14:18.openssl: OpenSSL multiple vulnerabilities
FreeBSD-SA-14:18.openssl Security Advisory
The FreeBSD Project
Topic: OpenSSL multiple vulnerabilities
Category: contrib
Module: openssl
Announced: 2014-09-09
Affects: All supported versions of FreeBSD.
Corrected: 2014-08-07 21:04:42 UTC (stable/10, 10.0-STABLE)
2014-09-09 10:09:46 UTC (releng/10.0, 10.0-RELEASE-p8)
2014-08-07 21:06:34 UTC (stable/9, 9.3-STABLE)
2014-09-09 10:13:46 UTC (releng/9.3, 9.3-RELEASE-p1)
2014-09-09 10:13:46 UTC (releng/9.2, 9.2-RELEASE-p11)
2014-09-09 10:13:46 UTC (releng/9.1, 9.1-RELEASE-p18)
2014-08-07 21:06:34 UTC (stable/8, 8.4-STABLE)
2014-09-09 10:13:46 UTC (releng/8.4, 8.4-RELEASE-p15)
CVE Name: CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3510,
CVE-2014-3509, CVE-2014-3511, CVE-2014-3512, CVE-2014-5139
For general information regarding FreeBSD
Ubuntu
OpenSSL vulnerabilities
vendor_ubuntu·2014-08-07·CVSS 5.0
CVE-2014-3505 [MEDIUM] OpenSSL vulnerabilities
Title: OpenSSL vulnerabilities
Summary: Several security issues were fixed in OpenSSL.
Adam Langley and Wan-Teh Chang discovered that OpenSSL incorrectly handled
certain DTLS packets. A remote attacker could use this issue to cause
OpenSSL to crash, resulting in a denial of service. (CVE-2014-3505)
Adam Langley discovered that OpenSSL incorrectly handled memory when
processing DTLS handshake messages. A remote attacker could use this issue
to cause OpenSSL to consume memory, resulting in a denial of service.
(CVE-2014-3506)
Adam Langley discovered that OpenSSL incorrectly handled memory when
processing DTLS fragments. A remote attacker could use this issue to cause
OpenSSL to leak memory, resulting in a denial of service. This issue
only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
Red Hat
openssl: information leak in pretty printing functions
vendor_redhat·2014-08-06·CVSS 4.3
CVE-2014-3508 [MEDIUM] CWE-200 openssl: information leak in pretty printing functions
openssl: information leak in pretty printing functions
The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions.
It was discovered that the OBJ_obj2txt() function could fail to properly NUL-terminate its output. This could possibly cause an application using OpenSSL functions to format fields of X.509 certificates to disclose portions of its memory.
Package: openssl097a (Red Hat Enterprise Linux 5) - Will not fix
Package: openssl098e (Red Hat En
Debian
CVE-2014-3508: openssl - The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9...
vendor_debian·2014·CVSS 4.3
CVE-2014-3508 [MEDIUM] CVE-2014-3508: openssl - The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9...
The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions.
Scope: local
bookworm: resolved (fixed in 1.0.1i-1)
bullseye: resolved (fixed in 1.0.1i-1)
forky: resolved (fixed in 1.0.1i-1)
sid: resolved (fixed in 1.0.1i-1)
trixie: resolved (fixed in 1.0.1i-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2014-3505 CVE-2014-3506 CVE-2014-3510 CVE-2014-3508 mingw32-openssl: various flaws [epel-5]
bugzilla·2014-08-07·CVSS 5.0
CVE-2014-3505 [MEDIUM] CVE-2014-3505 CVE-2014-3506 CVE-2014-3510 CVE-2014-3508 mingw32-openssl: various flaws [epel-5]
CVE-2014-3505 CVE-2014-3506 CVE-2014-3510 CVE-2014-3508 mingw32-openssl: various flaws [epel-5]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
epel-5 tracking bug for mingw32-o
Bugzilla
CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 mingw-openssl: various flaws [epel-7]
bugzilla·2014-08-07·CVSS 5.0
CVE-2014-3505 [MEDIUM] CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 mingw-openssl: various flaws [epel-7]
CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 mingw-openssl: various flaws [epel-7]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
epel-7
Bugzilla
CVE-2014-3508 openssl: information leak in pretty printing functions
bugzilla·2014-08-07·CVSS 4.3
CVE-2014-3508 [MEDIUM] CVE-2014-3508 openssl: information leak in pretty printing functions
CVE-2014-3508 openssl: information leak in pretty printing functions
It was found that OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex, and others, to leak information from the stack. If applications echo pretty printing output, then a remote attacker could exploit this flaw to read information from the stack. OpenSSL clients and servers are not affected by this flaw; only applications that echo pretty printing output are affected.
Discussion:
External References:
https://www.openssl.org/news/secadv_20140806.txt
---
Upstream commit:
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0042fb5fd1c9d257d713b15a1f45da05cf5c1c87
---
Created openssl tracking bugs for this issue:
Affects: fedora-all [bug 1127704]
---
Created mingw-
Bugzilla
CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 CVE-2014-3509 mingw-openssl: various flaws [fedora-all]
bugzilla·2014-08-07·CVSS 5.0
CVE-2014-3505 [MEDIUM] CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 CVE-2014-3509 mingw-openssl: various flaws [fedora-all]
CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 CVE-2014-3509 mingw-openssl: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit mess
Bugzilla
CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 CVE-2014-3509 openssl: various flaws [fedora-all]
bugzilla·2014-08-07·CVSS 5.0
CVE-2014-3505 [MEDIUM] CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 CVE-2014-3509 openssl: various flaws [fedora-all]
CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 CVE-2014-3509 openssl: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Tenable
[R4] Tenable Products Affected by OpenSSL Protocol Downgrade Vulnerability
blogs_tenable·2014-08-21
[R4] Tenable Products Affected by OpenSSL Protocol Downgrade Vulnerability
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.aschttp://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.aschttp://linux.oracle.com/errata/ELSA-2014-1052.htmlhttp://linux.oracle.com/errata/ELSA-2014-1053.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.htmlhttp://lists.opensuse.org/opensuse-updates/2014-08/msg00036.htmlhttp://marc.info/?l=bugtraq&m=140853041709441&w=2http://marc.info/?l=bugtraq&m=140973896703549&w=2http://marc.info/?l=bugtraq&m=141077370928502&w=2http://marc.info/?l=bugtraq&m=142495837901899&w=2http://marc.info/?l=bugtraq&m=142624590206005&w=2http://marc.info/?l=bugtraq&m=142660345230545&w=2http://marc.info/?l=bugtraq&m=142791032306609&w=2http://marc.info/?l=bugtraq&m=143290437727362&w=2http://marc.info/?l=bugtraq&m=143290522027658&w=2http://rhn.redhat.com/errata/RHSA-2014-1256.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1297.htmlhttp://secunia.com/advisories/58962http://secunia.com/advisories/59221http://secunia.com/advisories/59700http://secunia.com/advisories/59710http://secunia.com/advisories/59743http://secunia.com/advisories/59756http://secunia.com/advisories/60022http://secunia.com/advisories/60221http://secunia.com/advisories/60410http://secunia.com/advisories/60493http://secunia.com/advisories/60684http://secunia.com/advisories/60687http://secunia.com/advisories/60778http://secunia.com/advisories/60803http://secunia.com/advisories/60824http://secunia.com/advisories/60861http://secunia.com/advisories/60917http://secunia.com/advisories/60921http://secunia.com/advisories/60938http://secunia.com/advisories/61017http://secunia.com/advisories/61100http://secunia.com/advisories/61171http://secunia.com/advisories/61184http://secunia.com/advisories/61214http://secunia.com/advisories/61250http://secunia.com/advisories/61392http://secunia.com/advisories/61775http://secunia.com/advisories/61959http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15571.htmlhttp://www-01.ibm.com/support/docview.wss?uid=nas8N1020240http://www-01.ibm.com/support/docview.wss?uid=swg21681752http://www-01.ibm.com/support/docview.wss?uid=swg21682293http://www-01.ibm.com/support/docview.wss?uid=swg21683389http://www-01.ibm.com/support/docview.wss?uid=swg21686997http://www.debian.org/security/2014/dsa-2998http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htmhttp://www.mandriva.com/security/advisories?name=MDVSA-2014:158http://www.securityfocus.com/bid/69075http://www.securitytracker.com/id/1030693http://www.tenable.com/security/tns-2014-06https://blogs.oracle.com/sunsecurity/entry/cve_2014_3508_information_disclosurehttps://bugzilla.redhat.com/show_bug.cgi?id=1127490https://exchange.xforce.ibmcloud.com/vulnerabilities/95165https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=0042fb5fd1c9d257d713b15a1f45da05cf5c1c87https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.htmlhttps://support.citrix.com/article/CTX216642https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.aschttps://www.openssl.org/news/secadv_20140806.txtftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.aschttp://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.aschttp://linux.oracle.com/errata/ELSA-2014-1052.htmlhttp://linux.oracle.com/errata/ELSA-2014-1053.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.htmlhttp://lists.opensuse.org/opensuse-updates/2014-08/msg00036.htmlhttp://marc.info/?l=bugtraq&m=140853041709441&w=2http://marc.info/?l=bugtraq&m=140973896703549&w=2http://marc.info/?l=bugtraq&m=141077370928502&w=2http://marc.info/?l=bugtraq&m=142495837901899&w=2http://marc.info/?l=bugtraq&m=142624590206005&w=2http://marc.info/?l=bugtraq&m=142660345230545&w=2http://marc.info/?l=bugtraq&m=142791032306609&w=2http://marc.info/?l=bugtraq&m=143290437727362&w=2http://marc.info/?l=bugtraq&m=143290522027658&w=2http://rhn.redhat.com/errata/RHSA-2014-1256.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1297.htmlhttp://secunia.com/advisories/58962http://secunia.com/advisories/59221http://secunia.com/advisories/59700http://secunia.com/advisories/59710http://secunia.com/advisories/59743http://secunia.com/advisories/59756http://secunia.com/advisories/60022http://secunia.com/advisories/60221http://secunia.com/advisories/60410http://secunia.com/advisories/60493
+ 40 more references
2014-08-13
Published