CVE-2010-4180

medium

Description

OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.

References

http://cvs.openssl.org/chngview?cn=20131

https://bugzilla.redhat.com/show_bug.cgi?id=659462

http://openssl.org/news/secadv_20101202.txt

http://www.vupen.com/english/advisories/2010/3120

http://www.vupen.com/english/advisories/2010/3122

http://ubuntu.com/usn/usn-1029-1

http://secunia.com/advisories/42473

http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471

http://www.vupen.com/english/advisories/2010/3134

http://osvdb.org/69565

http://www.securitytracker.com/id?1024822

http://secunia.com/advisories/42493

http://www.mandriva.com/security/advisories?name=MDVSA-2010:248

http://www.securityfocus.com/bid/45164

http://secunia.com/advisories/42469

http://www.vupen.com/english/advisories/2010/3188

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html

http://www.redhat.com/support/errata/RHSA-2010-0979.html

http://secunia.com/advisories/42620

http://secunia.com/advisories/42571

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html

http://www.debian.org/security/2011/dsa-2141

http://secunia.com/advisories/42811

http://www.vupen.com/english/advisories/2011/0032

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html

http://www.redhat.com/support/errata/RHSA-2010-0977.html

http://www.redhat.com/support/errata/RHSA-2010-0978.html

http://secunia.com/advisories/42877

http://www.vupen.com/english/advisories/2011/0076

http://www.vupen.com/english/advisories/2011/0268

http://secunia.com/advisories/43171

http://secunia.com/advisories/43172

http://secunia.com/advisories/43169

http://secunia.com/advisories/43173

http://secunia.com/advisories/43170

https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST

http://secunia.com/advisories/44269

http://support.apple.com/kb/HT4723

http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html

http://www.redhat.com/support/errata/RHSA-2011-0896.html

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html

http://marc.info/?l=bugtraq&m=132077688910227&w=2

http://www.securityfocus.com/archive/1/522176

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777

http://www.kb.cert.org/vuls/id/737740

http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html

http://marc.info/?l=bugtraq&m=129916880600544&w=2

http://marc.info/?l=bugtraq&m=130497251507577&w=2

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910

Details

Source: MITRE

Published: 2010-12-06

Updated: 2022-08-04

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM