Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 SSL:OPENSSL-REC-HANDLING-DOS

Severity

 Medium

Recommended

 No

Recommended Action

 Drop

Category

 SSL

Keywords

 OpenSSL TLS Connection Record Handling Denial of Service

Release Date

 2010/10/14

Update Number

 1792

Supported Platforms

 idp-4.0+, isg-3.4+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SSL: OpenSSL TLS Connection Record Handling Denial of Service


This signature detects attempts to exploit a known vulnerability in OpenSSL. It is due to an error in the ssl3_get_record() function when handling TLS connections. A remote attacker can exploit this by crafting certain records in TLS packets. A successful attack can result in the termination of the affected service due to a read attempt at NULL, which leads to a denial-of-service condition.

Extended Description

OpenSSL is prone to a denial-of-service vulnerability caused by a NULL-pointer dereference. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. OpenSSL versions 0.9.8f through 0.9.8m are vulnerable.

Affected Products

  • Apple Mac Os X 10.6.5
  • Apple Mac Os X 10.6.6
  • Apple Mac Os X 10.6.7
  • Apple Mac OS X 10.6
  • Apple Mac OS X 10.6.1
  • Apple Mac OS X 10.6.2
  • Apple Mac OS X 10.6.3
  • Apple Mac OS X 10.6.4
  • Apple Mac OS X 10.6.5
  • Apple Mac Os X Server 10.6.7
  • Apple Mac OS X Server 10.6
  • Apple Mac OS X Server 10.6.1
  • Apple Mac OS X Server 10.6.2
  • Apple Mac OS X Server 10.6.3
  • Apple Mac OS X Server 10.6.4
  • Apple Mac OS X Server 10.6.5
  • Apple Mac OS X Server 10.6.5
  • Apple Mac OS X Server 10.6.6
  • Blue Coat Systems Blue Coat Reporter 8.3.3.1
  • Blue Coat Systems Blue Coat Reporter 8.3.7.1
  • Blue Coat Systems Blue Coat Reporter 9.1.5.1
  • Blue Coat Systems Blue Coat Reporter 9.2.3.1
  • F5 ARX 5.1.0
  • F5 ARX 5.1.5
  • F5 BigIP APM 10.1.0
  • F5 BIG-IP Application Security Manager 10.1.0
  • F5 BigIP Application Security Manager (ASM) 10.1.0
  • F5 BigIP Edge 10.1.0
  • F5 BigIP Global Traffic Manager (GTM) 10.1.0
  • F5 BigIP Link Controller 10.1.0
  • F5 BigIP Local Traffic Manager (LTM) 10.1.0
  • F5 BIG-IP Protocol Security Manager 10.1.0
  • F5 BigIP PSM 10.1.0
  • F5 BigIP WAN Optimization Module 10.1.0
  • F5 BigIP WebAccelerator 10.1.0
  • F5 Enterprise Manager 2.0
  • HP HP-UX B.11.11
  • HP HP-UX B.11.23
  • HP HP-UX B.11.31
  • IBM AIX 5.1
  • IBM AIX 5.1.0 L
  • IBM AIX 5.2
  • IBM AIX 5.2.0 L
  • IBM AIX 5.2.2
  • IBM AIX 5.3
  • IBM AIX 5.3.0 L
  • IBM AIX 5.3.10
  • IBM AIX 5.3.7
  • IBM AIX 5.3.8
  • IBM AIX 5.3.9
  • IBM AIX 6.1
  • Intel Active Management Technology SDK 1.0
  • Intel Active Management Technology SDK 2.0
  • Intel Active Management Technology SDK 2.1
  • Intel Active Management Technology SDK 2.2
  • Intel Active Management Technology SDK 2.5
  • Intel Active Management Technology SDK 2.6
  • Intel Active Management Technology SDK 3.0
  • Intel Active Management Technology SDK 3.1
  • Intel Active Management Technology SDK 3.2
  • Intel Active Management Technology SDK 4.0
  • Intel Active Management Technology SDK 4.1
  • Intel Active Management Technology SDK 5.0
  • Intel Setup And Configuration Service 5.0
  • Intel Setup And Configuration Service 6.0
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Enterprise Server 5
  • Mandriva Enterprise Server 5 X86 64
  • Mandriva Linux Mandrake 2008.0
  • Mandriva Linux Mandrake 2008.0 X86 64
  • Mandriva Linux Mandrake 2009.0
  • Mandriva Linux Mandrake 2009.0 X86 64
  • Mandriva Linux Mandrake 2009.1
  • Mandriva Linux Mandrake 2009.1 X86 64
  • Mandriva Linux Mandrake 2010.0
  • Mandriva Linux Mandrake 2010.0 X86 64
  • Mandriva Multi Network Firewall 2.0.0
  • OpenBSD 4.5
  • OpenBSD 4.6
  • OpenBSD 4.7
  • OpenSSL Project OpenSSL 0.9.8F
  • OpenSSL Project OpenSSL 0.9.8G
  • OpenSSL Project OpenSSL 0.9.8H
  • OpenSSL Project OpenSSL 0.9.8I
  • OpenSSL Project OpenSSL 0.9.8J
  • OpenSSL Project OpenSSL 0.9.8K
  • OpenSSL Project OpenSSL 0.9.8L
  • OpenSSL Project OpenSSL 0.9.8M
  • Pardus Linux 2009
  • Red Hat Fedora 11
  • Red Hat Fedora 12
  • Red Hat Fedora 13
  • Sun OpenSolaris Build Snv 01
  • Sun OpenSolaris Build Snv 02
  • Sun OpenSolaris Build Snv 100
  • Sun OpenSolaris Build Snv 101
  • Sun OpenSolaris Build Snv 101A
  • Sun OpenSolaris Build Snv 102
  • Sun OpenSolaris Build Snv 103
  • Sun OpenSolaris Build Snv 104
  • Sun OpenSolaris Build Snv 105
  • Sun OpenSolaris Build Snv 106
  • Sun OpenSolaris Build Snv 107
  • Sun OpenSolaris Build Snv 108
  • Sun OpenSolaris Build Snv 109
  • Sun OpenSolaris Build Snv 110
  • Sun OpenSolaris Build Snv 111
  • Sun OpenSolaris Build Snv 111A
  • Sun OpenSolaris Build Snv 112
  • Sun OpenSolaris Build Snv 113
  • Sun OpenSolaris Build Snv 114
  • Sun OpenSolaris Build Snv 115
  • Sun OpenSolaris Build Snv 116
  • Sun OpenSolaris Build Snv 117
  • Sun OpenSolaris Build Snv 118
  • Sun OpenSolaris Build Snv 119
  • Sun OpenSolaris Build Snv 120
  • Sun OpenSolaris Build Snv 121
  • Sun OpenSolaris Build Snv 122
  • Sun OpenSolaris Build Snv 123
  • Sun OpenSolaris Build Snv 124
  • Sun OpenSolaris Build Snv 125
  • Sun OpenSolaris Build Snv 126
  • Sun OpenSolaris Build Snv 127
  • Sun OpenSolaris Build Snv 128
  • Sun OpenSolaris Build Snv 129
  • Sun OpenSolaris Build Snv 13
  • Sun OpenSolaris Build Snv 130
  • Sun OpenSolaris Build Snv 131
  • Sun OpenSolaris Build Snv 132
  • Sun OpenSolaris Build Snv 133
  • Sun OpenSolaris Build Snv 134
  • Sun OpenSolaris Build Snv 135
  • Sun OpenSolaris Build Snv 136
  • Sun OpenSolaris Build Snv 19
  • Sun OpenSolaris Build Snv 22
  • Sun OpenSolaris Build Snv 28
  • Sun OpenSolaris Build Snv 29
  • Sun OpenSolaris Build Snv 35
  • Sun OpenSolaris Build Snv 36
  • Sun OpenSolaris Build Snv 37
  • Sun OpenSolaris Build Snv 38
  • Sun OpenSolaris Build Snv 39
  • Sun OpenSolaris Build Snv 41
  • Sun OpenSolaris Build Snv 45
  • Sun OpenSolaris Build Snv 47
  • Sun OpenSolaris Build Snv 48
  • Sun OpenSolaris Build Snv 49
  • Sun OpenSolaris Build Snv 50
  • Sun OpenSolaris Build Snv 51
  • Sun OpenSolaris Build Snv 54
  • Sun OpenSolaris Build Snv 56
  • Sun OpenSolaris Build Snv 57
  • Sun OpenSolaris Build Snv 58
  • Sun OpenSolaris Build Snv 59
  • Sun OpenSolaris Build Snv 61
  • Sun OpenSolaris Build Snv 64
  • Sun OpenSolaris Build Snv 67
  • Sun OpenSolaris Build Snv 68
  • Sun OpenSolaris Build Snv 71
  • Sun OpenSolaris Build Snv 74
  • Sun OpenSolaris Build Snv 76
  • Sun OpenSolaris Build Snv 77
  • Sun OpenSolaris Build Snv 78
  • Sun OpenSolaris Build Snv 80
  • Sun OpenSolaris Build Snv 81
  • Sun OpenSolaris Build Snv 82
  • Sun OpenSolaris Build Snv 83
  • Sun OpenSolaris Build Snv 84
  • Sun OpenSolaris Build Snv 85
  • Sun OpenSolaris Build Snv 86
  • Sun OpenSolaris Build Snv 87
  • Sun OpenSolaris Build Snv 88
  • Sun OpenSolaris Build Snv 89
  • Sun OpenSolaris Build Snv 90
  • Sun OpenSolaris Build Snv 91
  • Sun OpenSolaris Build Snv 92
  • Sun OpenSolaris Build Snv 93
  • Sun OpenSolaris Build Snv 94
  • Sun OpenSolaris Build Snv 95
  • Sun OpenSolaris Build Snv 96
  • Sun OpenSolaris Build Snv 98
  • Sun OpenSolaris Build Snv 99
  • Sun OpenSolaris
  • VMWare vCenter 4.0
  • VMWare vCenter 4.0 Update 1
  • VMWare vCenter 4.1
  • VMWare VirtualCenter 2.5
  • VMWare VirtualCenter 2.5 Update 1
  • VMWare VirtualCenter 2.5 Update 2
  • VMWare VirtualCenter 2.5.Update 3 Build 11983
  • VMWare VirtualCenter 2.5 Update 4
  • VMWare VirtualCenter 2.5 Update 5
  • VMWare VirtualCenter 2.5 Update 6
  • VooDoo cIRCle cIRCle 1.1.39
  • VooDoo cIRCle cIRCle XTelnet 0.4.5

References

  • BugTraq: 39013
  • CVE: CVE-2010-0740

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out