CVE-2011-3207

MEDIUM

Description

crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past.

References

http://cvs.openssl.org/chngview?cn=21349

http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065744.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html

http://marc.info/?l=bugtraq&m=133226187115472&w=2

http://openssl.org/news/secadv_20110906.txt

http://secunia.com/advisories/45956

http://secunia.com/advisories/57353

http://support.apple.com/kb/HT5784

http://www.mandriva.com/security/advisories?name=MDVSA-2011:137

http://www.redhat.com/support/errata/RHSA-2011-1409.html

http://www.securitytracker.com/id?1026012

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564

https://bugzilla.redhat.com/show_bug.cgi?id=736087

Details

Source: MITRE

Published: 2011-09-22

Updated: 2014-03-26

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*

Tenable Plugins

View all (22 total)

IDNameProductFamilySeverity
127201NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0033)NessusNewStart CGSL Local Security Checks
critical
78265Amazon Linux AMI : openssl (ALAS-2011-4)NessusAmazon Linux Local Security Checks
medium
75907openSUSE Security Update : libopenssl-devel (openSUSE-SU-2011:1144-1)NessusSuSE Local Security Checks
medium
75597openSUSE Security Update : libopenssl-devel (openSUSE-SU-2011:1144-1)NessusSuSE Local Security Checks
medium
69563Amazon Linux AMI : openssl (ALAS-2011-04)NessusAmazon Linux Local Security Checks
medium
68380Oracle Linux 6 : openssl (ELSA-2011-1409)NessusOracle Linux Local Security Checks
medium
801016Mac OS X 10.8 < 10.8.4 Multiple Vulnerabilities (Security Update 2013-002)Log Correlation EngineOperating System Detection
high
6857Mac OS X 10.8 < 10.8.4 Multiple Vulnerabilities (Security Update 2013-002)Nessus Network MonitorWeb Clients
critical
66809Mac OS X Multiple Vulnerabilities (Security Update 2013-002)NessusMacOS X Local Security Checks
critical
66808Mac OS X 10.8.x < 10.8.4 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
high
63031Fedora 18 : mingw-openssl-1.0.1c-1.fc18 (2012-18035)NessusFedora Local Security Checks
high
61165Scientific Linux Security Update : openssl on SL6.x i386/x86_64NessusScientific Linux Local Security Checks
medium
58811HP System Management Homepage < 7.0 Multiple VulnerabilitiesNessusWeb Servers
critical
56661RHEL 6 : openssl (RHSA-2011:1409)NessusRed Hat Local Security Checks
medium
56425GLSA-201110-01 : OpenSSL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
56325Mandriva Linux Security Advisory : openssl (MDVSA-2011:137)NessusMandriva Local Security Checks
medium
56162OpenSSL 1.x < 1.0.0e Multiple VulnerabilitiesNessusWeb Servers
medium
56156Fedora 14 : openssl-1.0.0e-1.fc14 (2011-12281)NessusFedora Local Security Checks
medium
56152Fedora 16 : openssl-1.0.0e-1.fc16 (2011-12233)NessusFedora Local Security Checks
medium
56117FreeBSD : OpenSSL -- multiple vulnerabilities (2ecb7b20-d97e-11e0-b2e2-00215c6a37bb)NessusFreeBSD Local Security Checks
medium
801065OpenSSL 1.x < 1.0.0e Multiple VulnerabilitiesLog Correlation EngineWeb Servers
medium
6022OpenSSL 1.x < 1.0.0e Multiple VulnerabilitiesNessus Network MonitorWeb Servers
medium