Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (VPN)  >   OpenSSL Vendors:
(Debian Issues Fix) OpenSSL DTLS Processing Bugs Let Remote Users Deny Service and Execute Arbitrary Code
SecurityTracker Alert ID:  1030355
SecurityTracker URL:
CVE Reference:   CVE-2014-0195, CVE-2014-0221   (Links to External Site)
Date:  Jun 5 2014
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 0.9.8za, 1.0.0m, 1.0.1h
Description:   Two vulnerabilities were reported in OpenSSL. A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions.

A remote user can send specially crafted DTLS fragments to the target DTLS client or server to trigger a buffer overflow and execute arbitrary code on the target system [CVE-2014-0195]. Only applications using OpenSSL as a DTLS client or server are affected.

The vendor was notified on April 23, 2014.

Juri Aedla reported this vulnerability (via HP's ZDI).

A remote server can send a specially crafted DTLS handshake to the target DTLS client to trigger a recursion flaw and cause the target service to crash [CVE-2014-0221]. Only applications using OpenSSL as a DTLS client are affected.

The vendor was notified on May 9, 2014.

Imre Rad (Search-Lab Ltd.) reported this vulnerability.

Impact:   A remote user can execute arbitrary code on the target system.

A remote user can cause the target service to crash.

Solution:   Debian has issued a fix.

The Debian advisory is available at:

Vendor URL: (Links to External Site)
Cause:   Boundary error, State error
Underlying OS:  Linux (Debian)

Message History:   This archive entry is a follow-up to the message listed below.
Jun 5 2014 OpenSSL DTLS Processing Bugs Let Remote Users Deny Service and Execute Arbitrary Code

 Source Message Contents

Subject:  [SECURITY] [DSA 2950-1] openssl security update

Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2950-1                                 Moritz Muehlenhoff
June 05, 2014                
- -------------------------------------------------------------------------

Package        : openssl
CVE ID         : CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470

Multiple vulnerabilities have been discovered in OpenSSL:


    Jueri Aedla discovered that a buffer overflow in processing DTLS
    fragments could lead to the execution of arbitrary code or denial
    of service.


    Imre Rad discovered the processing of DTLS hello packets is 
    susceptible to denial of service.


    KIKUCHI Masashi discovered that carefully crafted handshakes can
    force the use of weak keys, resulting in potential man-in-the-middle


    Felix Groebert and Ivan Fratric discovered that the implementation of
    anonymous ECDH ciphersuites is suspectible to denial of service.

Additional information can be found at

For the stable distribution (wheezy), these problems have been fixed in
version 1.0.1e-2+deb7u10. All applications linked to openssl need to
be restarted. You can use the tool checkrestart from the package
debian-goodies to detect affected programs or reboot your system. There's
also a forthcoming security update for the Linux kernel later the day
(CVE-2014-3153), so you need to reboot anyway. Perfect timing, isn't it?

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your openssl packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at:

Mailing list:
Version: GnuPG v1



Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2022, LLC