#VU41410 Information disclosure in OpenSSL - CVE-2014-3508


| Updated: 2020-08-10

Vulnerability identifier: #VU41410

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2014-3508

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenSSL
Server applications / Encryption software

Vendor: OpenSSL Software Foundation

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions.

Mitigation
Install update from vendor's website.

Vulnerable software versions

OpenSSL: 0.9.8y - 0.9.8p, 1.0.0g - 1.0.0, 1.0.1c - 1.0.1

External links
https:ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc
https://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc
https://linux.oracle.com/errata/ELSA-2014-1052.html
https://linux.oracle.com/errata/ELSA-2014-1053.html
https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html
https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html
https://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
https://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
https://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html
https://marc.info/?l=bugtraq&m=140853041709441&w=2
https://marc.info/?l=bugtraq&m=140973896703549&w=2
https://marc.info/?l=bugtraq&m=141077370928502&w=2
https://marc.info/?l=bugtraq&m=142495837901899&w=2
https://marc.info/?l=bugtraq&m=142624590206005&w=2
https://marc.info/?l=bugtraq&m=142660345230545&w=2
https://marc.info/?l=bugtraq&m=142791032306609&w=2
https://marc.info/?l=bugtraq&m=143290437727362&w=2
https://marc.info/?l=bugtraq&m=143290522027658&w=2
https://rhn.redhat.com/errata/RHSA-2014-1256.html
https://rhn.redhat.com/errata/RHSA-2014-1297.html
https://secunia.com/advisories/58962
https://secunia.com/advisories/59221
https://secunia.com/advisories/59700
https://secunia.com/advisories/59710
https://secunia.com/advisories/59743
https://secunia.com/advisories/59756
https://secunia.com/advisories/60022
https://secunia.com/advisories/60221
https://secunia.com/advisories/60410
https://secunia.com/advisories/60493
https://secunia.com/advisories/60684
https://secunia.com/advisories/60687
https://secunia.com/advisories/60778
https://secunia.com/advisories/60803
https://secunia.com/advisories/60824
https://secunia.com/advisories/60861
https://secunia.com/advisories/60917
https://secunia.com/advisories/60921
https://secunia.com/advisories/60938
https://secunia.com/advisories/61017
https://secunia.com/advisories/61100
https://secunia.com/advisories/61171
https://secunia.com/advisories/61184
https://secunia.com/advisories/61214
https://secunia.com/advisories/61250
https://secunia.com/advisories/61392
https://secunia.com/advisories/61775
https://secunia.com/advisories/61959
https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15571.html
https://www.debian.org/security/2014/dsa-2998
https://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm
https://www.mandriva.com/security/advisories?name=MDVSA-2014:158
https://www.securityfocus.com/bid/69075
https://www.securitytracker.com/id/1030693
https://www.tenable.com/security/tns-2014-06
https://www-01.ibm.com/support/docview.wss?uid=nas8N1020240
https://www-01.ibm.com/support/docview.wss?uid=swg21681752
https://www-01.ibm.com/support/docview.wss?uid=swg21682293
https://www-01.ibm.com/support/docview.wss?uid=swg21683389
https://www-01.ibm.com/support/docview.wss?uid=swg21686997
https://blogs.oracle.com/sunsecurity/entry/cve_2014_3508_information_disclosure
https://bugzilla.redhat.com/show_bug.cgi?id=1127490
https://exchange.xforce.ibmcloud.com/vulnerabilities/95165
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=0042fb5fd1c9d257d713b15a1f45da05cf5c1c87
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html
https://support.citrix.com/article/CTX216642
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc
https://www.openssl.org/news/secadv_20140806.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in IBM SAN Volume Controller and Storwize Family
Multiple vulnerabilities in Lenovo SAN Volume Controller and Storwize Family
Multiple vulnerabilities in HP Insight Control server deployment on Linux and Windows
Multiple vulnerabilities in HP Systems Insight Manager
Information disclosure in HP IceWall SSO Dfw, SSO Agent and MCRP
Multiple vulnerabilities in IBM FlashSystem (and TMS RAMSAN) 710, 720, 810, and 820 systems
Multiple vulnerabilities in IBM FlashSystem 840 and V840
Multiple vulnerabilities in HP OpenVMS running OpenSSL
Multiple vulnerabilities in OpenSSL
Multiple vulnerabilities in HP-UX running OpenSSL