CVE-2010-4180

MEDIUM

Description

OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force a downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.

References

http://cvs.openssl.org/chngview?cn=20131

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777

http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html

http://marc.info/?l=bugtraq&m=129916880600544&w=2

http://marc.info/?l=bugtraq&m=130497251507577&w=2

http://marc.info/?l=bugtraq&m=132077688910227&w=2

http://openssl.org/news/secadv_20101202.txt

http://osvdb.org/69565

http://secunia.com/advisories/42469

http://secunia.com/advisories/42473

http://secunia.com/advisories/42493

http://secunia.com/advisories/42571

http://secunia.com/advisories/42620

http://secunia.com/advisories/42811

http://secunia.com/advisories/42877

http://secunia.com/advisories/43169

http://secunia.com/advisories/43170

http://secunia.com/advisories/43171

http://secunia.com/advisories/43172

http://secunia.com/advisories/43173

http://secunia.com/advisories/44269

http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471

http://support.apple.com/kb/HT4723

http://ubuntu.com/usn/usn-1029-1

http://www.debian.org/security/2011/dsa-2141

http://www.kb.cert.org/vuls/id/737740

http://www.mandriva.com/security/advisories?name=MDVSA-2010:248

http://www.redhat.com/support/errata/RHSA-2010-0977.html

http://www.redhat.com/support/errata/RHSA-2010-0978.html

http://www.redhat.com/support/errata/RHSA-2010-0979.html

http://www.redhat.com/support/errata/RHSA-2011-0896.html

http://www.securityfocus.com/archive/1/522176

http://www.securityfocus.com/bid/45164

http://www.securitytracker.com/id?1024822

http://www.vupen.com/english/advisories/2010/3120

http://www.vupen.com/english/advisories/2010/3122

http://www.vupen.com/english/advisories/2010/3134

http://www.vupen.com/english/advisories/2010/3188

http://www.vupen.com/english/advisories/2011/0032

http://www.vupen.com/english/advisories/2011/0076

http://www.vupen.com/english/advisories/2011/0268

https://bugzilla.redhat.com/show_bug.cgi?id=659462

https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910

Details

Source: MITRE

Published: 2010-12-06

Updated: 2017-09-19

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM