CVE-2017-3735

MEDIUM

Description

While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.

ID	Name	Product	Family	Severity
127975	OracleVM 3.4 : openssl (OVMSA-2019-0040)	Nessus	OracleVM Local Security Checks	medium
127262	NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0065)	Nessus	NewStart CGSL Local Security Checks	medium
124999	EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1546)	Nessus	Huawei Local Security Checks	medium
124903	EulerOS Virtualization for ARM 64 3.0.1.0 : openssl (EulerOS-SA-2019-1400)	Nessus	Huawei Local Security Checks	medium
700513	macOS 10.13.x < 10.13.2 Multiple Vulnerabilities (Meltdown)	Nessus Network Monitor	Operating System Detection	critical
123887	EulerOS Virtualization 2.5.4 : openssl (EulerOS-SA-2019-1201)	Nessus	Huawei Local Security Checks	medium
123850	EulerOS Virtualization 2.5.3 : openssl (EulerOS-SA-2019-1164)	Nessus	Huawei Local Security Checks	medium
122706	EulerOS Virtualization 2.5.2 : openssl (EulerOS-SA-2019-1084)	Nessus	Huawei Local Security Checks	medium
121753	Photon OS 1.0: Openssl PHSA-2017-0042	Nessus	PhotonOS Local Security Checks	high
120997	EulerOS 2.0 SP5 : openssl (EulerOS-SA-2019-1009)	Nessus	Huawei Local Security Checks	medium
120014	SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2018:0293-1)	Nessus	SuSE Local Security Checks	medium
120012	SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2018:0002-1)	Nessus	SuSE Local Security Checks	medium
119909	EulerOS 2.0 SP2 : openssl (EulerOS-SA-2018-1420)	Nessus	Huawei Local Security Checks	medium
119520	EulerOS 2.0 SP3 : openssl (EulerOS-SA-2018-1392)	Nessus	Huawei Local Security Checks	medium
119464	Amazon Linux AMI : openssl (ALAS-2018-1102)	Nessus	Amazon Linux Local Security Checks	medium
119194	Scientific Linux Security Update : openssl on SL7.x x86_64	Nessus	Scientific Linux Local Security Checks	medium
118998	CentOS 7 : openssl (CESA-2018:3221)	Nessus	CentOS Local Security Checks	medium
118833	Amazon Linux 2 : openssl (ALAS-2018-1102)	Nessus	Amazon Linux Local Security Checks	medium
118777	Oracle Linux 7 : openssl (ELSA-2018-3221)	Nessus	Oracle Linux Local Security Checks	medium
118534	RHEL 7 : openssl (RHSA-2018:3221)	Nessus	Red Hat Local Security Checks	medium
111891	Photon OS 1.0: Linux / Openssl PHSA-2017-0042 (deprecated)	Nessus	PhotonOS Local Security Checks	high
109406	Juniper NSM < 2012.2R14 OpenSSL Multiple Vulnerabilities (JSA10851)	Nessus	Misc.	medium
109204	Oracle Enterprise Manager Cloud Control Multiple Vulnerabilities (Apr 2018 CPU)	Nessus	Misc.	medium
108517	pfSense < 2.4.2 Multiple Vulnerabilities (SA-17_07)	Nessus	Firewalls	medium
107231	AIX OpenSSL Advisory : openssl_advisory24.asc	Nessus	AIX Local Security Checks	medium
106547	openSUSE Security Update : nodejs6 (openSUSE-2018-116)	Nessus	SuSE Local Security Checks	medium
106199	Oracle Secure Global Desktop Multiple Vulnerabilities (January 2018 CPU)	Nessus	Misc.	high
106105	Oracle E-Business Multiple Vulnerabilities (January 2018 CPU)	Nessus	Misc.	medium
106104	Oracle VM VirtualBox 5.1.x < 5.1.32 / 5.2.x < 5.2.6 (January 2018 CPU)	Nessus	Misc.	medium
106093	SUSE SLES12 Security Update : openssl (SUSE-SU-2018:0112-1)	Nessus	SuSE Local Security Checks	critical
106092	SUSE SLES12 Security Update : CaaS Platform 2.0 images (SUSE-SU-2018:0053-1)	Nessus	SuSE Local Security Checks	high
105877	Fedora 27 : 1:compat-openssl10 (2017-512a6c5aae)	Nessus	Fedora Local Security Checks	medium
105872	Fedora 27 : 1:openssl (2017-4cf72e2c11)	Nessus	Fedora Local Security Checks	medium
105638	openSUSE Security Update : nodejs4 (openSUSE-2018-5)	Nessus	SuSE Local Security Checks	medium
105263	GLSA-201712-03 : OpenSSL: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	medium
105224	openSUSE Security Update : openssl (openSUSE-2017-1324)	Nessus	SuSE Local Security Checks	medium
105081	macOS and Mac OS X Multiple Vulnerabilities (Security Update 2017-002 and 2017-005)	Nessus	MacOS X Local Security Checks	high
105080	macOS 10.13.x < 10.13.2 Multiple Vulnerabilities (Meltdown)	Nessus	MacOS X Local Security Checks	high
105067	FreeBSD : FreeBSD -- OpenSSL multiple vulnerabilities (9442a811-dab3-11e7-b5af-a4badb2f4699)	Nessus	FreeBSD Local Security Checks	medium
104967	SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2017:3169-1)	Nessus	SuSE Local Security Checks	medium
104830	Fedora 26 : 1:openssl (2017-dbec196dd8)	Nessus	Fedora Local Security Checks	medium
104826	Fedora 25 : 1:openssl (2017-55a3247cfd)	Nessus	Fedora Local Security Checks	medium
104729	Fedora 26 : 1:compat-openssl10 (2017-7f30914972)	Nessus	Fedora Local Security Checks	medium
104639	Tenable SecurityCenter OpenSSL 1.0.2 < 1.0.2m Multiple Vulnerabilities	Nessus	Misc.	medium
104530	SUSE SLES12 Security Update : openssl (SUSE-SU-2017:2981-1)	Nessus	SuSE Local Security Checks	medium
104481	Debian DLA-1157-1 : openssl security update	Nessus	Debian Local Security Checks	medium
104432	Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : openssl vulnerabilities (USN-3475-1)	Nessus	Ubuntu Local Security Checks	medium
104409	OpenSSL 1.1.0 < 1.1.0g RSA/DSA Unspecified Carry Issue	Nessus	Web Servers	medium
104408	OpenSSL 1.0.x < 1.0.2m RSA/DSA Unspecified Carry Issue	Nessus	Web Servers	medium
104402	Debian DSA-4018-1 : openssl - security update	Nessus	Debian Local Security Checks	medium
104401	Debian DSA-4017-1 : openssl1.0 - security update	Nessus	Debian Local Security Checks	medium
104367	FreeBSD : OpenSSL -- Multiple vulnerabilities (f40f07aa-c00f-11e7-ac58-b499baebfeaf)	Nessus	FreeBSD Local Security Checks	medium

CVE-2017-3735

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0