OpenSSL 安全漏洞

admin

0
文章

0
评论

2022-07-13 21:42:01 CNNVD漏洞来源：ZONE.CI 全球网 0 阅读模式

漏洞信息详情

OpenSSL 安全漏洞

CNNVD编号：CNNVD-201406-081
危害等级：中危
CVE编号： CVE-2014-3470
漏洞类型：加密问题
发布时间： 2014-06-09
威胁类型：远程
更新时间： 2022-02-18
厂商： redhat
漏洞来源：

漏洞简介

OpenSSL是OpenSSL团队开发的一个开源的能够实现安全套接层（SSL v2/v3）和安全传输层（TLS v1）协议的通用加密库，它支持多种加密算法，包括对称密码、哈希算法、安全散列算法等。

OpenSSL的s3_clnt.c文件中的‘ssl3_send_client_key_exchange’函数存在安全漏洞。当使用匿名的ECDH密码套件时，远程攻击者可利用该漏洞造成拒绝服务（空指针逆向引用和客户端崩溃）。以下版本受到影响：OpenSSL 0.9.8y及之前的版本，1.0.0m之前的1.0.0版本，1.0.1h之前的1.0.1版本。

漏洞公告

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：

http://www.openssl.org/news/secadv_20140605.txt

参考网址

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21676071

来源:CONFIRM

链接:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946

来源:CONFIRM

链接:http://kb.juniper.net/InfoCenter/index?page=content&id=jsA10629

来源:SECUNIA

链接:http://secunia.com/advisories/59264

来源:SECUNIA

链接:http://secunia.com/advisories/59301

来源:SECUNIA

链接:http://secunia.com/advisories/59300

来源:SECUNIA

链接:http://secunia.com/advisories/59784

来源:SECUNIA

链接:http://secunia.com/advisories/59413

来源:SECUNIA

链接:http://secunia.com/advisories/59655

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21677836

来源:SECUNIA

链接:http://secunia.com/advisories/59659

来源:CONFIRM

链接:http://www.openssl.org/news/secadv_20140605.txt

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21676501

来源:HP

链接:http://marc.info/?l=bugtraq&m=140317760000786&w=2

来源:CONFIRM

链接:http://www.splunk.com/view/SP-CAAAM2D

来源:HP

链接:http://marc.info/?l=bugtraq&m=140491231331543&w=2

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21683332

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21676062

来源:SECUNIA

链接:http://secunia.com/advisories/59310

来源:SECUNIA

链接:http://secunia.com/advisories/59431

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21677828

来源:FULLDISC

链接:http://seclists.org/fulldisclosure/2014/Dec/23

来源:SECUNIA

链接:http://secunia.com/advisories/59666

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21676615

来源:SECUNIA

链接:http://secunia.com/advisories/58337

来源:SECUNIA

链接:http://secunia.com/advisories/58579

来源:HP

链接:http://marc.info/?l=bugtraq&m=140904544427729&w=2

来源:SECUNIA

链接:http://secunia.com/advisories/58977

来源:SECUNIA

链接:http://secunia.com/advisories/59306

来源:SECUNIA

链接:http://secunia.com/advisories/59669

来源:SECUNIA

链接:http://secunia.com/advisories/58615

来源:CONFIRM

链接:http://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/kb/HT6443

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=isg400001843

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=isg400001841

来源:HP

链接:http://marc.info/?l=bugtraq&m=140266410314613&w=2

来源:CONFIRM

链接:http://www.vmware.com/security/advisories/VMSA-2014-0006.HTML

来源:CONFIRM

链接:http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E

来源:SECUNIA

链接:http://secunia.com/advisories/59120

来源:SECUNIA

链接:http://secunia.com/advisories/59362

来源:SECUNIA

链接:http://secunia.com/advisories/59483

来源:CONFIRM

链接:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.HTML

来源:SECUNIA

链接:http://secunia.com/advisories/59365

来源:SECUNIA

链接:http://secunia.com/advisories/59364

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.HTML

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21673137

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21676889

来源:SECUNIA

链接:http://secunia.com/advisories/58667

来源:SECUNIA

链接:http://secunia.com/advisories/59514

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21676529

来源:HP

链接:http://marc.info/?l=bugtraq&m=140448122410568&w=2

来源:SECUNIA

链接:http://secunia.com/advisories/59518

来源:SECUNIA

链接:http://secunia.com/advisories/58945

来源:SECUNIA

链接:http://secunia.com/advisories/59916

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21677695

来源:CONFIRM

链接:http://www.blackberry.com/btsc/KB36051

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.HTML

来源:SECUNIA

链接:http://secunia.com/advisories/59491

来源:SECUNIA

链接:http://secunia.com/advisories/59490

来源:CONFIRM

链接:https://kb.bluecoat.com/index?page=content&id=SA80

来源:SECUNIA

链接:http://secunia.com/advisories/59495

来源:CONFIRM

链接:http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755

来源:CONFIRM

链接:http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756

来源:CONFIRM

链接:http://www.novell.com/support/kb/doc.php?id=7015300

来源:SECUNIA

链接:http://secunia.com/advisories/59895

来源:CONFIRM

链接:http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757

来源:CONFIRM

链接:http://www.novell.com/support/kb/doc.php?id=7015264

来源:FEDORA

链接:http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.HTML

来源:SECUNIA

链接:http://secunia.com/advisories/58797

来源:FEDORA

链接:http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.HTML

来源:SECUNIA

链接:http://secunia.com/advisories/59126

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21676879

来源:SECUNIA

链接:http://secunia.com/advisories/59525

来源:CONFIRM

链接:http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754

来源:SECUNIA

链接:http://secunia.com/advisories/58713

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163

来源:SECUNIA

链接:http://secunia.com/advisories/58714

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21675821

来源:MANDRIVA

链接:http://www.mandriva.com/security/advisories?name=MDVSA-2014:105

来源:SECUNIA

链接:http://secunia.com/advisories/58716

来源:MANDRIVA

链接:http://www.mandriva.com/security/advisories?name=MDVSA-2014:106

来源:CONFIRM

链接:http://www.ibm.com/support/docview.wss?uid=swg21676793

来源:CONFIRM

链接:https://kc.mcafee.com/corporate/index?page=content&id=SB10075

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.HTML

来源:BUGTRAQ

链接:http://www.securityfocus.com/archive/1/534161/100/0/threaded

来源:SECUNIA

链接:http://secunia.com/advisories/59460

来源:HP

链接:http://marc.info/?l=bugtraq&m=140499827729550&w=2

来源:SECUNIA

链接:http://secunia.com/advisories/59340

来源:SECUNIA

链接:http://secunia.com/advisories/59189

来源:CISCO

链接:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl

来源:SECUNIA

链接:http://secunia.com/advisories/59342

来源:SECUNIA

链接:http://secunia.com/advisories/59223

来源:SECUNIA

链接:http://secunia.com/advisories/59459

来源:CONFIRM

链接:http://www.vmware.com/security/advisories/VMSA-2014-0012.HTML

来源:SECUNIA

链接:http://secunia.com/advisories/61254

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21678289

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21678167

来源:HP

链接:http://marc.info/?l=bugtraq&m=140431828824371&w=2

来源:SECUNIA

链接:http://secunia.com/advisories/59192

来源:SECUNIA

链接:http://secunia.com/advisories/59191

来源:CONFIRM

链接:http://www.f-secure.com/en/web/labs_global/fsc-2014-6

来源:SECUNIA

链接:http://secunia.com/advisories/59990

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21676419

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg24037761

来源:CONFIRM

链接:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.HTML

来源:CONFIRM

链接:http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15342.HTML

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21676655

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21676496

来源:SECUNIA

链接:http://secunia.com/advisories/58939

来源:CONFIRM

链接:http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc

来源:SECUNIA

链接:http://secunia.com/advisories/60571

来源:HP

链接:http://marc.info/?l=bugtraq&m=140752315422991&w=2

来源:SECUNIA

链接:http://secunia.com/advisories/59282

来源:SECUNIA

链接:http://secunia.com/advisories/59284

来源:SECUNIA

链接:http://secunia.com/advisories/59162

来源:SECUNIA

链接:http://secunia.com/advisories/59440

来源:SECUNIA

链接:http://secunia.com/advisories/59167

来源:SECUNIA

链接:http://secunia.com/advisories/59442

来源:CONFIRM

链接:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.HTML

来源:SECUNIA

链接:http://secunia.com/advisories/59287

来源:SECUNIA

链接:http://secunia.com/advisories/59441

来源:SECUNIA

链接:http://secunia.com/advisories/58742

来源:HP

链接:http://marc.info/?l=bugtraq&m=140389355508263&w=2

来源:SECUNIA

链接:http://secunia.com/advisories/59437

来源:SECUNIA

链接:http://secunia.com/advisories/59438

来源:CONFIRM

链接:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.HTML

来源:CONFIRM

链接:http://support.citrix.com/article/CTX140876

来源:HP

链接:http://marc.info/?l=bugtraq&m=140389274407904&w=2

来源:CONFIRM

链接:https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=8011cd56e39a433b1837465259a9bd24a38727fb

来源:CONFIRM

链接:https://www.novell.com/support/kb/doc.php?id=7015271

来源:CONFIRM

链接:http://www.ibm.com/support/docview.wss?uid=swg21676356

来源:CONFIRM

链接:http://www.ibm.com/support/docview.wss?uid=swg24037783

来源:SECUNIA

链接:http://secunia.com/advisories/59451

来源:SECUNIA

链接:http://secunia.com/advisories/59175

来源:SECUNIA

链接:http://secunia.com/advisories/59450

来源:SECUNIA

链接:http://secunia.com/advisories/59721

来源:HP

链接:http://marc.info/?l=bugtraq&m=140482916501310&w=2

来源:SECUNIA

链接:http://secunia.com/advisories/59445

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21677527

来源:CONFIRM

链接:http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm

来源:MANDRIVA

链接:http://www.mandriva.com/security/advisories?name=MDVSA-2015:062

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21675626

来源:SECUNIA

链接:http://secunia.com/advisories/59449

来源:CONFIRM

链接:http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195

来源:CONFIRM

链接:http://www-01.ibm.com/support/docview.wss?uid=swg21676035

来源:HP

链接:http://marc.info/?l=bugtraq&m=140621259019789&w=2

来源:BID

链接:http://www.securityfocus.com/bid/67898

来源:CONFIRM

链接:http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E

来源:CONFIRM

链接:https://bugzilla.redhat.com/show_bug.cgi?id=1103600

来源:GENTOO

链接:http://security.gentoo.org/glsa/glsa-201407-05.xml

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2022.0696

来源:support.lenovo.com

链接:https://support.lenovo.com/us/en/solutions/LEN-24443

受影响实体

Redhat Enterprise_linux:6
Redhat Enterprise_linux:5

补丁

openssl-1.0.1h
openssl-1.0.0m
openssl-0.9.8za

特别声明

本站(ZONE.CI)所有文章仅供技术研究，若将其信息做其他用途，由用户承担全部法律及连带责任，本站不承担任何法律及连带责任，请遵守中华人民共和国安全法.

ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带

咨询加Q：999999999

ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带

ZONE.CI 全球网安全领域涉猎者-乌云独行地带

ZONE.CI 全球网

Plugins

WordPress

Web前端

设计资源

OpenSSL 安全漏洞

漏洞信息详情

OpenSSL 安全漏洞

漏洞简介

漏洞公告

参考网址

受影响实体

补丁

OpenSSL 安全漏洞

EMC Documentum Digital Asset Manager 输入验证漏洞

MyHeritage SEQueryObject ActiveX控件跨站脚本漏洞

Red Hat sos 信任管理漏洞

CoSoSys Endpoint Protector SQL注入漏洞

Drupal AddressField Tokens模块跨站脚本漏洞

PHP-Nuke Submit_News模块SQL注入漏洞

XOOPS Glossaire模块SQL注入漏洞

多款D-Link产品缓冲区溢出漏洞

BOINC 缓冲区溢出漏洞

ZONE.CI 全球网