CVE-2014-3506

First published: Thu Aug 07 2014(Updated: )

A vulnerability in the processing of DTLS handshake messages was found that results in large amounts of memory being used. Once the Denial Of Service attack has ceased, the memory will be freed.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat/openssl	<1.0.1	1.0.1
redhat/openssl	<0.9.8	0.9.8
OpenSSL OpenSSL	=0.9.8
OpenSSL OpenSSL	=0.9.8a
OpenSSL OpenSSL	=0.9.8b
OpenSSL OpenSSL	=0.9.8c
OpenSSL OpenSSL	=0.9.8d
OpenSSL OpenSSL	=0.9.8e
OpenSSL OpenSSL	=0.9.8f
OpenSSL OpenSSL	=0.9.8g
OpenSSL OpenSSL	=0.9.8h
OpenSSL OpenSSL	=0.9.8i
OpenSSL OpenSSL	=0.9.8j
OpenSSL OpenSSL	=0.9.8k
OpenSSL OpenSSL	=0.9.8l
OpenSSL OpenSSL	=0.9.8m
OpenSSL OpenSSL	=0.9.8m-beta1
OpenSSL OpenSSL	=0.9.8n
OpenSSL OpenSSL	=0.9.8o
OpenSSL OpenSSL	=0.9.8p
OpenSSL OpenSSL	=0.9.8q
OpenSSL OpenSSL	=0.9.8r
OpenSSL OpenSSL	=0.9.8s
OpenSSL OpenSSL	=0.9.8t
OpenSSL OpenSSL	=0.9.8u
OpenSSL OpenSSL	=0.9.8v
OpenSSL OpenSSL	=0.9.8w
OpenSSL OpenSSL	=0.9.8x
OpenSSL OpenSSL	=0.9.8y
OpenSSL OpenSSL	=0.9.8za
OpenSSL OpenSSL	=1.0.0
OpenSSL OpenSSL	=1.0.0-beta1
OpenSSL OpenSSL	=1.0.0-beta2
OpenSSL OpenSSL	=1.0.0-beta3
OpenSSL OpenSSL	=1.0.0-beta4
OpenSSL OpenSSL	=1.0.0-beta5
OpenSSL OpenSSL	=1.0.0a
OpenSSL OpenSSL	=1.0.0b
OpenSSL OpenSSL	=1.0.0c
OpenSSL OpenSSL	=1.0.0d
OpenSSL OpenSSL	=1.0.0e
OpenSSL OpenSSL	=1.0.0f
OpenSSL OpenSSL	=1.0.0g
OpenSSL OpenSSL	=1.0.0h
OpenSSL OpenSSL	=1.0.0i
OpenSSL OpenSSL	=1.0.0j
OpenSSL OpenSSL	=1.0.0k
OpenSSL OpenSSL	=1.0.0l
OpenSSL OpenSSL	=1.0.0m
OpenSSL OpenSSL	=1.0.1
OpenSSL OpenSSL	=1.0.1-beta1
OpenSSL OpenSSL	=1.0.1-beta2
OpenSSL OpenSSL	=1.0.1-beta3
OpenSSL OpenSSL	=1.0.1a
OpenSSL OpenSSL	=1.0.1b
OpenSSL OpenSSL	=1.0.1c
OpenSSL OpenSSL	=1.0.1d
OpenSSL OpenSSL	=1.0.1e
OpenSSL OpenSSL	=1.0.1f
OpenSSL OpenSSL	=1.0.1g
OpenSSL OpenSSL	=1.0.1h

Never miss a vulnerability like this again

Reference Links

collector/nvd-index
agent/type
agent/first-publish-date
agent/softwarecombine
collector/mitre-cve
source/MITRE
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2014-3506
agent/software-canonical-lookup
agent/author
agent/references
agent/weakness
agent/severity
agent/last-modified-date
agent/tags
agent/event
agent/description
vendor/openssl
canonical/openssl openssl
version/openssl openssl/0.9.8
version/openssl openssl/0.9.8a
version/openssl openssl/0.9.8b
version/openssl openssl/0.9.8c
version/openssl openssl/0.9.8d
version/openssl openssl/0.9.8e
version/openssl openssl/0.9.8f
version/openssl openssl/0.9.8g
version/openssl openssl/0.9.8h
version/openssl openssl/0.9.8i
version/openssl openssl/0.9.8j
version/openssl openssl/0.9.8k
version/openssl openssl/0.9.8l
version/openssl openssl/0.9.8m
version/openssl openssl/0.9.8m-beta1
version/openssl openssl/0.9.8n
version/openssl openssl/0.9.8o
version/openssl openssl/0.9.8p
version/openssl openssl/0.9.8q
version/openssl openssl/0.9.8r
version/openssl openssl/0.9.8s
version/openssl openssl/0.9.8t
version/openssl openssl/0.9.8u
version/openssl openssl/0.9.8v
version/openssl openssl/0.9.8w
version/openssl openssl/0.9.8x
version/openssl openssl/0.9.8y
version/openssl openssl/0.9.8za
version/openssl openssl/1.0.0
version/openssl openssl/1.0.0-beta1
version/openssl openssl/1.0.0-beta2
version/openssl openssl/1.0.0-beta3
version/openssl openssl/1.0.0-beta4
version/openssl openssl/1.0.0-beta5
version/openssl openssl/1.0.0a
version/openssl openssl/1.0.0b
version/openssl openssl/1.0.0c
version/openssl openssl/1.0.0d
version/openssl openssl/1.0.0e
version/openssl openssl/1.0.0f
version/openssl openssl/1.0.0g
version/openssl openssl/1.0.0h
version/openssl openssl/1.0.0i
version/openssl openssl/1.0.0j
version/openssl openssl/1.0.0k
version/openssl openssl/1.0.0l
version/openssl openssl/1.0.0m
version/openssl openssl/1.0.1
version/openssl openssl/1.0.1-beta1
version/openssl openssl/1.0.1-beta2
version/openssl openssl/1.0.1-beta3
version/openssl openssl/1.0.1a
version/openssl openssl/1.0.1b
version/openssl openssl/1.0.1c
version/openssl openssl/1.0.1d
version/openssl openssl/1.0.1e
version/openssl openssl/1.0.1f
version/openssl openssl/1.0.1g
version/openssl openssl/1.0.1h
package-manager/redhat

CVE-2014-3506

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact