CVE-2010-4180
First published: Thu Dec 02 2010(Updated: )
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenSSL libcrypto | <0.9.8q | |
| OpenSSL libcrypto | >=1.0.0<1.0.0c | |
| Fedoraproject Fedora | =13 | |
| Fedoraproject Fedora | =14 | |
| Debian GNU/Linux | =5.0 | |
| Ubuntu Linux | =6.06 | |
| Ubuntu Linux | =8.04 | |
| Ubuntu Linux | =9.04 | |
| Ubuntu Linux | =10.04 | |
| Ubuntu Linux | =10.10 | |
| openSUSE | =11.1 | |
| openSUSE | =11.2 | |
| openSUSE | =11.3 | |
| openSUSE | =11.4 | |
| SUSE Linux Enterprise Server | =11.0-sp1 | |
| SUSE Linux Enterprise Desktop with Beagle | =10-sp3 | |
| SUSE Linux Enterprise Desktop with Beagle | =10-sp4 | |
| SUSE Linux Enterprise Desktop with Beagle | =11-sp1 | |
| SUSE Linux Enterprise Server | =9 | |
| SUSE Linux Enterprise Server | =10-sp3 | |
| SUSE Linux Enterprise Server | =10-sp4 | |
| f5 nginx | <0.9.2 | |
| Fedora | =13 | |
| Fedora | =14 | |
| Debian | =5.0 | |
| Ubuntu | =10.10 | |
| Ubuntu | =9.04 | |
| Ubuntu | =8.04 | |
| Ubuntu | =10.04 | |
| Ubuntu | =6.06 | |
| F5 NGINX App Protect | <0.9.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://cvs.openssl.org/chngview?cn=20131
- https://bugzilla.redhat.com/show_bug.cgi?id=659462
- http://openssl.org/news/secadv_20101202.txt
- http://www.vupen.com/english/advisories/2010/3120
- http://www.vupen.com/english/advisories/2010/3122
- http://ubuntu.com/usn/usn-1029-1
- http://secunia.com/advisories/42473
- http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471
- http://www.vupen.com/english/advisories/2010/3134
- http://osvdb.org/69565
- http://www.securitytracker.com/id?1024822
- http://secunia.com/advisories/42493
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:248
- http://www.securityfocus.com/bid/45164
- http://secunia.com/advisories/42469
- http://www.vupen.com/english/advisories/2010/3188
- http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html
- http://www.redhat.com/support/errata/RHSA-2010-0979.html
- http://secunia.com/advisories/42620
- http://secunia.com/advisories/42571
- http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html
- http://www.debian.org/security/2011/dsa-2141
- http://secunia.com/advisories/42811
- http://www.vupen.com/english/advisories/2011/0032
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
- http://www.redhat.com/support/errata/RHSA-2010-0977.html
- http://www.redhat.com/support/errata/RHSA-2010-0978.html
- http://secunia.com/advisories/42877
- http://www.vupen.com/english/advisories/2011/0076
- http://www.vupen.com/english/advisories/2011/0268
- http://secunia.com/advisories/43171
- http://secunia.com/advisories/43172
- http://secunia.com/advisories/43169
- http://secunia.com/advisories/43173
- http://secunia.com/advisories/43170
- https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST
- http://secunia.com/advisories/44269
- http://support.apple.com/kb/HT4723
- http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
- http://www.redhat.com/support/errata/RHSA-2011-0896.html
- http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html
- http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html
- http://marc.info/?l=bugtraq&m=132077688910227&w=2
- http://www.securityfocus.com/archive/1/522176
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777
- http://www.kb.cert.org/vuls/id/737740
- http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
- http://marc.info/?l=bugtraq&m=129916880600544&w=2
- http://marc.info/?l=bugtraq&m=130497251507577&w=2
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=175779
- http://cvs.openssl.org/chngview?cn=17489
- https://rhn.redhat.com/errata/RHSA-2010-0977.html
- https://rhn.redhat.com/errata/RHSA-2010-0978.html
- https://rhn.redhat.com/errata/RHSA-2010-0979.html
- https://rhn.redhat.com/errata/RHSA-2011-0896.html
Frequently Asked Questions
What is the severity of CVE-2010-4180?
CVE-2010-4180 is classified as a high-severity vulnerability due to the potential for data interception and manipulation.
How do I fix CVE-2010-4180?
To mitigate CVE-2010-4180, upgrade OpenSSL to a version later than 0.9.8q or 1.0.0c.
What are the affected versions for CVE-2010-4180?
Affected versions include OpenSSL prior to 0.9.8q and 1.0.x before 1.0.0c.
Who can exploit CVE-2010-4180?
CVE-2010-4180 can be exploited by remote attackers who can sniff network traffic.
What does CVE-2010-4180 affect in OpenSSL?
CVE-2010-4180 affects the handling of cipher suites in the session cache allowing for potential downgrades.
- agent/first-publish-date
- agent/last-modified-date
- agent/type
- agent/references
- agent/weakness
- agent/severity
- agent/remedy
- agent/author
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2010-4180
- agent/trending
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- vendor/openssl
- canonical/openssl libcrypto
- version/openssl libcrypto/1.0.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/13
- version/fedoraproject fedora/14
- vendor/debian
- canonical/debian gnu/linux
- version/debian gnu/linux/5.0
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/6.06
- version/ubuntu linux/8.04
- version/ubuntu linux/9.04
- version/ubuntu linux/10.04
- version/ubuntu linux/10.10
- vendor/opensuse
- canonical/opensuse
- version/opensuse/11.1
- version/opensuse/11.2
- version/opensuse/11.3
- version/opensuse/11.4
- vendor/suse
- canonical/suse linux enterprise server
- version/suse linux enterprise server/11.0-sp1
- canonical/suse linux enterprise desktop with beagle
- version/suse linux enterprise desktop with beagle/10-sp3
- version/suse linux enterprise desktop with beagle/10-sp4
- version/suse linux enterprise desktop with beagle/11-sp1
- version/suse linux enterprise server/9
- version/suse linux enterprise server/10-sp3
- version/suse linux enterprise server/10-sp4
- vendor/f5
- canonical/f5 nginx
- canonical/fedora
- version/fedora/13
- version/fedora/14
- canonical/debian
- version/debian/5.0
- canonical/ubuntu
- version/ubuntu/10.10
- version/ubuntu/9.04
- version/ubuntu/8.04
- version/ubuntu/10.04
- version/ubuntu/6.06
- canonical/f5 nginx app protect