CVE - CVE - 2014 - 3508

CVE-ID
cve - 2014 - 3508	了解更多国家漏洞数据库(NVD) •CVSS严重性评级•修复信息•••CPE SCAP映射脆弱的软件版本信息
描述
在加密/对象/ obj_dat OBJ_obj2txt函数。c OpenSSL 0.9.8 0.9.8zb之前,1.0.0 1.0.0n之前,和1.0.1 1.0.1i之前,使用漂亮的印刷时,不能确保的存在' \ 0字符,上下文相关的攻击者可以从进程堆栈内存通过阅读获取敏感信息输出从X509_name_oneline X509_name_print_ex和未指明的其他功能。
引用
注意:引用为方便读者提供帮助区分漏洞。并不是完整列表。
报价:69075 URL: http://www.securityfocus.com/bid/69075 确认:http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc 确认:http://linux.oracle.com/errata/elsa - 2014 - 1052. - html 确认:http://linux.oracle.com/errata/elsa - 2014 - 1053. - html 确认:http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15571.html 确认:http://www ibm.com/support/docview.wss?uid=nas8n1020240——01. 确认:http://www ibm.com/support/docview.wss?uid=swg21681752——01. 确认:http://www ibm.com/support/docview.wss?uid=swg21682293——01. 确认:http://www ibm.com/support/docview.wss?uid=swg21683389——01. 确认:http://www ibm.com/support/docview.wss?uid=swg21686997——01. 确认:http://www.huawei.com/en/security/psirt/security - bulletins/security advisories/hw - 372998. - htm 确认:http://www.tenable.com/security/tns - 2014 - 06 确认:https://blogs.oracle.com/sunsecurity/entry/cve_2014_3508_information_disclosure 确认:https://bugzilla.redhat.com/show_bug.cgi?id=1127490 确认:https://git.openssl.org/gitweb/?p=openssl.git; =提交;h = 0042 fb5fd1c9d257d713b15a1f45da05cf5c1c87 确认:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888 确认:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380 确认:https://support.citrix.com/article/CTX216642 确认:https://www.openssl.org/news/万博下载包secadv_20140806.txt DEBIAN: dsa - 2998 URL: http://www.debian.org/security/2014/dsa - 2998 FEDORA: FEDORA - 2014 - 9301 URL: http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html FEDORA: FEDORA - 2014 - 9308 URL: http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html FREEBSD: FreeBSD-SA-14:18 URL: https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc 惠普:HPSBGN03099 URL: http://marc.info/?l=bugtraq&m=140973896703549&w=2 惠普:HPSBHF03293 URL: http://marc.info/?l=bugtraq&m=142660345230545&w=2 惠普:HPSBMU03260 URL: http://marc.info/?l=bugtraq&m=142495837901899&w=2 惠普:HPSBMU03261 URL: http://marc.info/?l=bugtraq&m=143290522027658&w=2 惠普:HPSBMU03263 URL: http://marc.info/?l=bugtraq&m=143290437727362&w=2 惠普:HPSBMU03267 URL: http://marc.info/?l=bugtraq&m=142624590206005&w=2 惠普:HPSBMU03304 URL: http://marc.info/?l=bugtraq&m=142791032306609&w=2 惠普:HPSBOV03099 URL: http://marc.info/?l=bugtraq&m=141077370928502&w=2 惠普:HPSBUX03095 URL: http://marc.info/?l=bugtraq&m=140853041709441&w=2 惠普:SSRT101674 URL: http://marc.info/?l=bugtraq&m=140853041709441&w=2 惠普:SSRT101846 URL: http://marc.info/?l=bugtraq&m=142660345230545&w=2 惠普:SSRT101894 URL: http://marc.info/?l=bugtraq&m=142495837901899&w=2 MANDRIVA: MDVSA-2014:158 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2014:158~~(过时的来源) MLIST (syslog-ng-announce): 20140910 syslog-ng溢价版5 LTS (5.0.6a)已经被释放 URL: https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html NETBSD: NETBSD - sa2014 - 008 URL: ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd txt.asc——sa2014 - 008. 红帽:RHSA-2014:1256 URL: http://rhn.redhat.com/errata/rhsa - 2014 - 1256. - html 红帽:RHSA-2014:1297 URL: http://rhn.redhat.com/errata/rhsa - 2014 - 1297. - html SECTRACK: 1030693 URL: http://www.securitytracker.com/id/1030693 SECUNIA: 58962 URL: http://secunia.com/advisories/58962 SECUNIA: 59221 URL: http://secunia.com/advisories/59221 SECUNIA: 59700 URL: http://secunia.com/advisories/59700 SECUNIA: 59710 URL: http://secunia.com/advisories/59710 SECUNIA: 59743 URL: http://secunia.com/advisories/59743 SECUNIA: 59756 URL: http://secunia.com/advisories/59756 SECUNIA: 60022 URL: http://secunia.com/advisories/60022 SECUNIA: 60221 URL: http://secunia.com/advisories/60221 SECUNIA: 60410 URL: http://secunia.com/advisories/60410 SECUNIA: 60493 URL: http://secunia.com/advisories/60493 SECUNIA: 60684 URL: http://secunia.com/advisories/60684 SECUNIA: 60687 URL: http://secunia.com/advisories/60687 SECUNIA: 60778 URL: http://secunia.com/advisories/60778 SECUNIA: 60803 URL: http://secunia.com/advisories/60803 SECUNIA: 60824 URL: http://secunia.com/advisories/60824 SECUNIA: 60861 URL: http://secunia.com/advisories/60861 SECUNIA: 60917 URL: http://secunia.com/advisories/60917 SECUNIA: 60921 URL: http://secunia.com/advisories/60921 SECUNIA: 60938 URL: http://secunia.com/advisories/60938 SECUNIA: 61017 URL: http://secunia.com/advisories/61017 SECUNIA: 61100 URL: http://secunia.com/advisories/61100 SECUNIA: 61171 URL: http://secunia.com/advisories/61171 SECUNIA: 61184 URL: http://secunia.com/advisories/61184 SECUNIA: 61214 URL: http://secunia.com/advisories/61214 SECUNIA: 61250 URL: http://secunia.com/advisories/61250 SECUNIA: 61392 URL: http://secunia.com/advisories/61392 SECUNIA: 61775 URL: http://secunia.com/advisories/61775 SECUNIA: 61959 URL: http://secunia.com/advisories/61959 SUSE: SUSE-SU-2015:0578 URL: http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html SUSE: openSUSE-SU-2014:1052 URL: http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html SUSE: openSUSE-SU-2016:0640 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html XF: openssl-cve20143508-info-disc (95165) URL: https://exchange.xforce.ibmcloud.com/vulnerabilities/95165
分配中央社
红帽公司。
创建日期记录
20140514	免责声明:记录创建日期可能反映了CVE ID分配或保留的时候,,不一定表示当发现了这个漏洞,与受影响的供应商,在CVE公开披露,或更新。
阶段(遗留)
分配(20140514)
票(遗留)

评论(遗留)

提出(遗留)
N /一个
这是一个记录CVE列表,它提供了共同的标识符公开已知的网络安全漏洞。
CVE使用关键字搜索: 你也可以搜索参考使用CVE参考地图。
更多信息:CVE请求Web表单(从下拉框中选择“其他”)

回到顶部

cve - 2014 - 3508