CVE-2014-3512
Published 2014-08-13
Priority P3 · 50 · high · 7.5 · CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 74.08% (99.4th percentile)
Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter.
Affected
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openssl | < openssl 1.0.1i-1 (bookworm) | openssl 1.0.1i-1 (bookworm) |
| openssl | openssl | — | — |
| openssl | openssl | >= 0 < 1.0.1i-1 | 1.0.1i-1 |
Detection & IOCs
- The vulnerability exists in crypto/srp/srp_lib.c within the SRP implementation; focus code review and monitoring on this file path in OpenSSL deployments.
- Trigger condition is an invalid SRP g, A, or B parameter sent by a remote attacker; monitor for malformed/oversized SRP handshake parameters in TLS traffic as an anomaly indicator.
- The upstream fix is tracked at a specific git commit; use this to confirm whether a given OpenSSL build includes the patch.
- OpenSSL builds compiled without SRP support enabled are NOT affected; Red Hat Enterprise Linux 5, 6, 7, RHEV 3, and Red Hat Storage 2 ship with SRP disabled and are confirmed not vulnerable.
- Only OpenSSL versions 1.0.1 up to (but not including) 1.0.1i are affected; SRP support was introduced upstream in version 1.0.1, so older versions are not impacted.
CVSS provenance
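| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | — | 7.5 | HIGH | — |
| vendor_debian | — | 7.5 | HIGH | — |
| vendor_redhat | — | 7.5 | HIGH | — |
| vendor_ubuntu | — | 5.0 | MEDIUM | — |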
GHSA
GHSA-gp83-w673-qcx5: Multiple buffer overflows in crypto/srp/srp_lib
ghsa_unreviewed·2022-05-17
CVE-2014-3512 [HIGH] CWE-119 GHSA-gp83-w673-qcx5: Multiple buffer overflows in crypto/srp/srp_lib
OSV
CVE-2014-3512: Multiple buffer overflows in crypto/srp/srp_lib
osv·2014-08-13·CVSS 7.5
CVE-2014-3512 [HIGH] CVE-2014-3512: Multiple buffer overflows in crypto/srp/srp_lib
OSV
openssl vulnerabilities
osv·2014-08-07·CVSS 5.0
CVE-2014-3505 [MEDIUM] openssl vulnerabilities
Adam Langley and Wan-Teh Chang discovered that OpenSSL incorrectly handled
certain DTLS packets. A remote attacker could use this issue to cause
OpenSSL to crash, resulting in a denial of service. (CVE-2014-3505)
Adam Langley discovered that OpenSSL incorrectly handled memory when
processing DTLS handshake messages. A remote attacker could use this issue
to cause OpenSSL to consume memory, resulting in a denial of service.
(CVE-2014-3506)
Adam Langley discovered that OpenSSL incorrectly handled memory when
processing DTLS fragments. A remote attacker could use this issue to cause
OpenSSL to leak memory, resulting in a denial of service. This issue
only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-3507)
Ivan Fratric discovered that OpenSSL incorrectl
Palo Alto
PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent
vendor_paloalto·2024-11-07·CVSS 6.8
CVE-2014-0195 [MEDIUM] PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to Cortex XDR Agent. While Cortex XDR Agent may include the
CVEs: CVE-2014-0195, CVE-2014-0224, CVE-2014-3509, CVE-2014-3512, CVE-2014-3513, CVE-2014-3567, CVE-2015-0209, CVE-2015-0292, CVE-2015-1789, CVE-2015-1791, CVE-2015-1793, CVE-2015-3194, CVE-2016-0705, CVE-2016-0797, CVE-2016-0798, CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176, CVE-2016-2177, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2019-1551, CVE-2019-1552, CVE-2019-1559, CVE-2019-1563, CVE-2020-196
BSD
FreeBSD-SA-14:18.openssl: OpenSSL multiple vulnerabilities
bsd_advisories·2014-09-09·CVSS 5.0
CVE-2014-3506 [MEDIUM] FreeBSD-SA-14:18.openssl: OpenSSL multiple vulnerabilities
FreeBSD-SA-14:18.openssl Security Advisory
The FreeBSD Project
Topic: OpenSSL multiple vulnerabilities
Category: contrib
Module: openssl
Announced: 2014-09-09
Affects: All supported versions of FreeBSD.
Corrected: 2014-08-07 21:04:42 UTC (stable/10, 10.0-STABLE)
2014-09-09 10:09:46 UTC (releng/10.0, 10.0-RELEASE-p8)
2014-08-07 21:06:34 UTC (stable/9, 9.3-STABLE)
2014-09-09 10:13:46 UTC (releng/9.3, 9.3-RELEASE-p1)
2014-09-09 10:13:46 UTC (releng/9.2, 9.2-RELEASE-p11)
2014-09-09 10:13:46 UTC (releng/9.1, 9.1-RELEASE-p18)
2014-08-07 21:06:34 UTC (stable/8, 8.4-STABLE)
2014-09-09 10:13:46 UTC (releng/8.4, 8.4-RELEASE-p15)
CVE Name: CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3510,
CVE-2014-3509, CVE-2014-3511, CVE-2014-3512, CVE-2014-5139
For general information regarding FreeBSD
Ubuntu
OpenSSL vulnerabilities
vendor_ubuntu·2014-08-07·CVSS 5.0
CVE-2014-3505 [MEDIUM] OpenSSL vulnerabilities
Title: OpenSSL vulnerabilities
Summary: Several security issues were fixed in OpenSSL.
Red Hat
openssl: SRP buffer overrun
vendor_redhat·2014-08-06·CVSS 7.5
CVE-2014-3512 [HIGH] CWE-119 openssl: SRP buffer overrun
Statement: Not vulnerable. This issue did not affect the versions of openssl as shipped
with Red Hat Enterprise Linux 5, 6 and 7, Red Hat Enterprise Virtualization 3,
and Red Hat Enterprise Storage 2, as they do not enable Secure Remote Password
(SRP) support. All other supported Red Hat products that include openssl use
older versions that are not affected by this issue.
Package: openssl (Red Hat Enterprise Linux 5) - Not affected
Package: openssl097a (Red Hat Enterprise Linux 5) - Not af
Debian
CVE-2014-3512: openssl - Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in O...
vendor_debian·2014·CVSS 7.5
CVE-2014-3512 [HIGH] CVE-2014-3512: openssl - Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in O...
Scope: local
bookworm: resolved (fixed in 1.0.1i-1)
bullseye: resolved (fixed in 1.0.1i-1)
forky: resolved (fixed in 1.0.1i-1)
sid: resolved (fixed in 1.0.1i-1)
trixie: resolved (fixed in 1.0.1i-1)
No detection rules found.
No public exploits indexed.
arXiv
Finding Security Vulnerabilities in IoT Cryptographic Protocol and Concurrent Implementations
arxiv_fulltext·2021-04-27
Finding Security Vulnerabilities in IoT Cryptographic Protocol and Concurrent Implementations
Supported by EPSRC grants EP/T026995/1 and EP/V000497/1. The first author acknowledges the scholarship she is receiving from King Faisal University (KFU).
EBF: A Hybrid Verification Tool for IoT Cryptographic Protocols
Fatimah Aljaafari (1), Rafael Menezes (2), Mustafa Mustafa (1), Lucas Cordeiro (1)
(1) The University of Manchester, UK
(2) Federal University of Amazonas, Brazil
## Abstract
Internet of Things (IoT) consists of a large number of devices connected through a network, which exchange a high volume of data, thereby posing new security, privacy, and trust issues. One way to address these issues is ensuring data confidentiality using lightweight encryption algorithms for IoT protocols. How
arXiv
Server-side verification of client behavior in cryptographic protocols
arxiv_fulltext·2016-03-13·CVSS 7.5
[HIGH] Server-side verification of client behavior in cryptographic protocols
Server-side Verification of Client Behavior in Cryptographic Protocols
Andrew Chi, Robert Cochran, Marie Nesfield, Michael K. Reiter, Cynthia Sturton
University of North Carolina, Chapel Hill, NC, USA
### Abstract
Numerous exploits of client-server protocols and applications involve
modifying clients to behave in ways that untampered clients would not,
such as crafting malicious packets. In this paper, we demonstrate
practical verification of a cryptographic protocol client's messaging
behavior as being consistent with the client program it is believed to
be running. Moreover, we accomplish this without modifying the client
in any way, and without knowing all of the client-side inputs driving
its behavior. Our toolchain for verifying a client'
Tenable
[R4] Tenable Products Affected by OpenSSL Protocol Downgrade Vulnerability
blogs_tenable·2014-08-21
Bugzilla
CVE-2014-3512 openssl: SRP buffer overrun
bugzilla·2014-08-07·CVSS 7.5
CVE-2014-3512 [HIGH] CVE-2014-3512 openssl: SRP buffer overrun
It was found that OpenSSL applications set up for SRP could have an internal buffer overrun if a malicious server or client sent invalid SRP parameters.
Discussion:
External References:
https://www.openssl.org/news/secadv_20140806.txt
---
The openssl packages shipped in Red Hat Enterprise Linux and Fedora are built with the Secure Remote Password (SRP) support disabled and were therefore not affected by this issue.
Upstream commit:
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4a23b12a031860253b58d503f296377ca076427b
---
Note that SRP support was introduced upstream in version 1.0.1.
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=edc032b
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0deea0e