Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2014-3470: SUSE Linux Security Advisory

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

SUSE: CVE-2014-3470: SUSE Linux Security Advisory

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

06/05/2014

Created

07/25/2018

Added

12/18/2015

Modified

02/04/2022

Description

The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.

Solution(s)

suse-upgrade-compat-openssl097g
suse-upgrade-compat-openssl097g-32bit
suse-upgrade-libmysqlclient-devel
suse-upgrade-libmysqlclient18
suse-upgrade-libmysqlclient18-32bit
suse-upgrade-libmysqlclient_r18
suse-upgrade-libmysqlclient_r18-32bit
suse-upgrade-libmysqld-devel
suse-upgrade-libmysqld18
suse-upgrade-libopenssl-1_0_0-devel
suse-upgrade-libopenssl-1_1-devel
suse-upgrade-libopenssl-1_1-devel-32bit
suse-upgrade-libopenssl-devel
suse-upgrade-libopenssl0_9_8
suse-upgrade-libopenssl0_9_8-32bit
suse-upgrade-libopenssl0_9_8-hmac
suse-upgrade-libopenssl0_9_8-hmac-32bit
suse-upgrade-libopenssl0_9_8-x86
suse-upgrade-libopenssl1-devel
suse-upgrade-libopenssl1_0_0
suse-upgrade-libopenssl1_0_0-32bit
suse-upgrade-libopenssl1_0_0-hmac
suse-upgrade-libopenssl1_0_0-hmac-32bit
suse-upgrade-libopenssl1_0_0-x86
suse-upgrade-libopenssl1_1
suse-upgrade-libopenssl1_1-32bit
suse-upgrade-libopenssl1_1-hmac
suse-upgrade-libopenssl1_1-hmac-32bit
suse-upgrade-mariadb
suse-upgrade-mariadb-100-errormessages
suse-upgrade-mariadb-client
suse-upgrade-mariadb-errormessages
suse-upgrade-mariadb-tools
suse-upgrade-openssl
suse-upgrade-openssl-1_0_0
suse-upgrade-openssl-1_0_0-doc
suse-upgrade-openssl-1_1
suse-upgrade-openssl-doc
suse-upgrade-openssl1
suse-upgrade-openssl1-doc

References

SUSE-SU-2014:0759-1
SUSE-SU-2014:0759-2
SUSE-SU-2014:0761-1
SUSE-SU-2014:0762-1
SUSE-SU-2014:1208-1
SUSE-SU-2014:1557-1
SUSE-SU-2014:1557-2
SUSE-SU-2015:0578
SUSE-SU-2015:0743
SUSE-SU-2015:0743-1
58337
58615
58667
58713
58714
58716
58742
58945
58977
59167
59175
59189
59192
59223
59264
59282
59284
59287
59306
59310
59340
59362
59364
59365
59431
59437
59440
59441
59445
59449
59460
59483
59518
59525
61254
GLSA-201407-05
MDVSA-2014:105
MDVSA-2014:106
MDVSA-2015:062
67898
CVE-2014-3470
USN-2232-1
USN-2232-2
USN-2232-3
USN-2232-4
DLA-0003-1
DSA-2950

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2014-3470: SUSE Linux Security Advisory

SUSE: CVE-2014-3470: SUSE Linux Security Advisory

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.