New OpenSSL Vulnerabilities (Aug 29, 2014)
The security industry starts putting more resources reviewing the source code of OpenSSL project when the infamous HeartBleed bug was disclosed. Since then several new vulnerabilities are discovered and OpenSSL has released patches for them. These operations would make the Internet more secure if everyone adopts the latest OpenSSL libraries as soon as they become available. Dell SonicWALL keeps monitoring OpenSSL related news and reacts immediately; following are some incidents:
CVE-2014-3470 The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.
Related signature(s):- 4790 OpenSSL Anonymous ECDH DoS 1
- 4822 OpenSSL Anonymous ECDH DoS 2
CVE-2014-3506 d1_both.c in the DTLS implementation in OpenSSL allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values.
Related signature(s):- 5210 OpenSSL DTLS handshake DoS
CVE-2014-3507 Memory leak in d1_both.c in the DTLS implementation in OpenSSL allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
Related signature(s):- 5127 OpenSSL DTLS Zero-Length Fragments DoS
CVE-2014-3512 Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter.
Related signature(s):- 5211 OpenSSL Invalid SRP Parameters Buffer Overflow