CVE-2010-3864

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.

References

http://blogs.sun.com/security/entry/cve_2010_3864_race_condition

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777

http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html

http://marc.info/?l=bugtraq&m=129916880600544&w=2

http://marc.info/?l=bugtraq&m=130497251507577&w=2

http://marc.info/?l=bugtraq&m=132828103218869&w=2

http://openssl.org/news/secadv_20101116.txt

http://secunia.com/advisories/42241

http://secunia.com/advisories/42243

http://secunia.com/advisories/42309

http://secunia.com/advisories/42336

http://secunia.com/advisories/42352

http://secunia.com/advisories/42397

http://secunia.com/advisories/42413

http://secunia.com/advisories/43312

http://secunia.com/advisories/44269

http://secunia.com/advisories/57353

http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc

http://securitytracker.com/id?1024743

http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793

http://support.apple.com/kb/HT4723

http://www.adobe.com/support/security/bulletins/apsb11-11.html

http://www.debian.org/security/2010/dsa-2125

http://www.kb.cert.org/vuls/id/737740

http://www.securityfocus.com/archive/1/516397/100/0/threaded

http://www.vmware.com/security/advisories/VMSA-2011-0003.html

http://www.vupen.com/english/advisories/2010/3041

http://www.vupen.com/english/advisories/2010/3077

http://www.vupen.com/english/advisories/2010/3097

http://www.vupen.com/english/advisories/2010/3121

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564

https://bugzilla.redhat.com/show_bug.cgi?id=649304

https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html

https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html

https://rhn.redhat.com/errata/RHSA-2010-0888.html

Details

Source: MITRE

Published: 2010-11-17

Updated: 2018-10-10

Type: CWE-362

Risk Information

CVSS v2

Base Score: 7.6

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 4.9

Severity: HIGH

Tenable Plugins

View all (26 total)

IDNameProductFamilySeverity
127201NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0033)NessusNewStart CGSL Local Security Checks
critical
89674VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0003) (remote check)NessusMisc.
critical
75593openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0965-2)NessusSuSE Local Security Checks
high
73560AIX OpenSSL Advisory : openssl_advisory2.ascNessusAIX Local Security Checks
high
60899Scientific Linux Security Update : openssl on SL6.x i386/x86_64NessusScientific Linux Local Security Checks
high
17766OpenSSL < 0.9.8p / 1.0.0b Buffer OverflowNessusWeb Servers
high
56425GLSA-201110-01 : OpenSSL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
55416Mac OS X 10.6.x < 10.6.8 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
800790Mac OS X 10.6 < 10.6.8 Multiple VulnerabilitiesLog Correlation EngineOperating System Detection
high
5968Mac OS X 10.6 < 10.6.8 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
5924Adobe Flash Media server < 3.5.6 / 4.0.2 Multiple Vulnerabilities (APSB11-11)Nessus Network MonitorWeb Servers
medium
53895Adobe Flash Media Server < 3.5.6 / 4.0.2 Multiple Vulnerabilities (APSB11-11)NessusMisc.
critical
53750openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0965-2)NessusSuSE Local Security Checks
high
53675openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0965-1)NessusSuSE Local Security Checks
high
51971VMSA-2011-0003 : Third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESXNessusVMware ESX Local Security Checks
high
51619SuSE 11.1 Security Update : libopenssl (SAT Patch Number 3539)NessusSuSE Local Security Checks
high
50939SuSE 11 Security Update : libopenssl (SAT Patch Number 3509)NessusSuSE Local Security Checks
high
50696Debian DSA-2125-1 : openssl - buffer overflowNessusDebian Local Security Checks
high
50675Fedora 13 : openssl-1.0.0b-1.fc13 (2010-17847)NessusFedora Local Security Checks
high
50674Fedora 12 : openssl-1.0.0b-1.fc12 (2010-17826)NessusFedora Local Security Checks
high
50668Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : openssl (SSA:2010-326-01)NessusSlackware Local Security Checks
high
50664Fedora 14 : openssl-1.0.0b-1.fc14 (2010-17827)NessusFedora Local Security Checks
high
50649Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : openssl vulnerability (USN-1018-1)NessusUbuntu Local Security Checks
high
50642RHEL 6 : openssl (RHSA-2010:0888)NessusRed Hat Local Security Checks
high
50628Mandriva Linux Security Advisory : openssl (MDVSA-2010:238)NessusMandriva Local Security Checks
high
50627FreeBSD : openssl -- TLS extension parsing race condition (3042c33a-f237-11df-9d02-0018fe623f2b)NessusFreeBSD Local Security Checks
high