cpe:/a:openssl:openssl:1.0.0 cpe:/a:openssl:openssl:1.0.0:beta1 cpe:/a:openssl:openssl:1.0.0:beta2 cpe:/a:openssl:openssl:1.0.0:beta3 cpe:/a:openssl:openssl:1.0.0:beta4 cpe:/a:openssl:openssl:1.0.0:beta5 cpe:/a:openssl:openssl:1.0.0a cpe:/a:openssl:openssl:1.0.0b cpe:/a:openssl:openssl:1.0.0c cpe:/a:openssl:openssl:1.0.0d cpe:/a:openssl:openssl:1.0.0e cpe:/a:openssl:openssl:1.0.0f cpe:/a:openssl:openssl:1.0.0g cpe:/a:openssl:openssl:1.0.0h cpe:/a:openssl:openssl:1.0.0i cpe:/a:openssl:openssl:1.0.0j cpe:/a:openssl:openssl:1.0.0k cpe:/a:openssl:openssl:1.0.0l cpe:/a:openssl:openssl:1.0.1 cpe:/a:openssl:openssl:1.0.1:beta1 cpe:/a:openssl:openssl:1.0.1:beta2 cpe:/a:openssl:openssl:1.0.1:beta3 cpe:/a:openssl:openssl:1.0.1a cpe:/a:openssl:openssl:1.0.1b cpe:/a:openssl:openssl:1.0.1c cpe:/a:openssl:openssl:1.0.1d cpe:/a:openssl:openssl:1.0.1e cpe:/a:openssl:openssl:1.0.1f cpe:/a:openssl:openssl:1.0.1g CVE-2014-0198 2014-05-06T06:44:05.470-04:00 2017-11-14T21:29:02.923-05:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov 2016-07-08T11:52:41.530-04:00 CISCO 20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products BUGTRAQ 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities FULLDISC 20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE SECUNIA 58337 SECUNIA 58667 SECUNIA 58713 SECUNIA 58714 SECUNIA 58939 SECUNIA 58945 SECUNIA 58977 SECUNIA 59126 SECUNIA 59162 SECUNIA 59163 SECUNIA 59190 SECUNIA 59202 SECUNIA 59264 SECUNIA 59282 SECUNIA 59284 SECUNIA 59287 SECUNIA 59300 SECUNIA 59301 SECUNIA 59306 SECUNIA 59310 SECUNIA 59342 SECUNIA 59374 SECUNIA 59398 SECUNIA 59413 SECUNIA 59437 SECUNIA 59438 SECUNIA 59440 SECUNIA 59449 SECUNIA 59450 SECUNIA 59490 SECUNIA 59491 SECUNIA 59514 SECUNIA 59525 SECUNIA 59529 SECUNIA 59655 SECUNIA 59666 SECUNIA 59669 SECUNIA 59721 SECUNIA 59784 SECUNIA 59990 SECUNIA 60049 SECUNIA 60066 SECUNIA 60571 SECUNIA 61254 BID 67193 DEBIAN DSA-2931 FEDORA FEDORA-2014-9301 FEDORA FEDORA-2014-9308 GENTOO GLSA-201407-05 HP HPSBGN03068 HP HPSBHF03052 HP HPSBMU03051 HP HPSBMU03055 HP HPSBMU03056 HP HPSBMU03057 HP HPSBMU03062 HP HPSBMU03074 HP HPSBMU03076 IAVM IAVM:2014-A-0083 IAVM IAVM:2014-A-0087 IAVM IAVM:2014-A-0089 IAVM IAVM:2014-A-0099 IAVM IAVM:2014-A-0100 IAVM IAVM:2014-A-0109 IAVM IAVM:2014-A-0110 IAVM IAVM:2014-A-0111 IAVM IAVM:2014-A-0115 IAVM IAVM:2014-B-0077 IAVM IAVM:2014-B-0078 IAVM IAVM:2014-B-0079 IAVM IAVM:2014-B-0080 IAVM IAVM:2014-B-0085 IAVM IAVM:2014-B-0088 IAVM IAVM:2014-B-0089 IAVM IAVM:2014-B-0091 IAVM IAVM:2014-B-0092 IAVM IAVM:2014-B-0097 IAVM IAVM:2014-B-0101 IAVM IAVM:2014-B-0102 IAVM IAVM:2014-B-0103 MANDRIVA MDVSA-2014:080 MANDRIVA MDVSA-2015:062 SUSE SUSE-SU-2015:0743 OPENBSD [5.5] 005: RELIABILITY FIX: May 1, 2014 CONFIRM http://advisories.mageia.org/MGASA-2014-0204.html CONFIRM http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc CONFIRM http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 CONFIRM http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195 MISC http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html CONFIRM http://puppetlabs.com/security/cve/cve-2014-0198 CONFIRM http://support.citrix.com/article/CTX140876 CONFIRM http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html CONFIRM http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21673137 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21676035 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21676062 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21676419 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21676529 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21676655 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21676879 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21676889 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21677527 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21677695 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21677828 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21677836 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21678167 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21683332 CONFIRM http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754 CONFIRM http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755 CONFIRM http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756 CONFIRM http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757 CONFIRM http://www.blackberry.com/btsc/KB36051 CONFIRM http://www.fortiguard.com/advisory/FG-IR-14-018/ CONFIRM http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm CONFIRM http://www.ibm.com/support/docview.wss?uid=swg21676356 CONFIRM http://www.ibm.com/support/docview.wss?uid=swg24037783 CONFIRM http://www.openssl.org/news/secadv_20140605.txt CONFIRM http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html CONFIRM http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html CONFIRM http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html CONFIRM http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html CONFIRM http://www.vmware.com/security/advisories/VMSA-2014-0006.html CONFIRM http://www.vmware.com/security/advisories/VMSA-2014-0012.html CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1093837 CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946 CONFIRM https://kb.bluecoat.com/index?page=content&id=SA80 CONFIRM https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 CONFIRM https://kc.mcafee.com/corporate/index?page=content&id=SB10075 CONFIRM https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321 CONFIRM https://www.novell.com/support/kb/doc.php?id=7015271 SUSE openSUSE-SU-2014:0634 SUSE openSUSE-SU-2014:0635 The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.