OpenSSL OCSP Stapling 'ClientHello' Handshake Message Parsing Security Vulnerability

Bugtraq ID: 46264
Class: Unknown
CVE: CVE-2011-0014
Remote: Yes
Local: No
Published: Feb 08 2011 12:00AM
Updated: Mar 17 2014 12:05AM
Credit: Neel Mehta from Google
Vulnerable: VMWare ESXi 5.0
VMWare ESXi 4.1
VMWare ESXi 4.0
VMWare ESXi 3.5
VMWare ESX 4.1
VMWare ESX 4.0
VMWare ESX 3.5
Ubuntu Ubuntu Linux 10.10 powerpc
Ubuntu Ubuntu Linux 10.10 i386
Ubuntu Ubuntu Linux 10.10 ARM
Ubuntu Ubuntu Linux 10.10 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
Slackware Linux x86_64 -current
Slackware Linux 13.1 x86_64
Slackware Linux 13.1
Slackware Linux 13.0 x86_64
Slackware Linux 13.0
Slackware Linux 12.2
Slackware Linux 12.1
Slackware Linux 12.0
Slackware Linux 11.0
Slackware Linux -current
Red Hat Fedora 15
Red Hat Fedora 14
Red Hat Fedora 13
Red Hat Enterprise Linux Workstation Optional 6
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server Optional 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux HPC Node Optional 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Desktop Optional 6
Red Hat Enterprise Linux Desktop 6
OpenSSL Project OpenSSL 1.0.2
OpenSSL Project OpenSSL 1.0
OpenSSL Project OpenSSL 0.9.8 k
OpenSSL Project OpenSSL 0.9.8 j
OpenSSL Project OpenSSL 0.9.8 i
OpenSSL Project OpenSSL 0.9.8 h
OpenSSL Project OpenSSL 1.0.0c
OpenSSL Project OpenSSL 1.0.0b
OpenSSL Project OpenSSL 1.0.0b
OpenSSL Project OpenSSL 1.0.0b
OpenSSL Project OpenSSL 1.0.0A
OpenSSL Project OpenSSL 1.0.0a
OpenSSL Project OpenSSL 0.9.8Q
OpenSSL Project OpenSSL 0.9.8p
OpenSSL Project OpenSSL 0.9.8p
OpenSSL Project OpenSSL 0.9.8O
OpenSSL Project OpenSSL 0.9.8o
OpenSSL Project OpenSSL 0.9.8N
OpenSSL Project OpenSSL 0.9.8n
OpenSSL Project OpenSSL 0.9.8m
OpenSSL Project OpenSSL 0.9.8M
OpenSSL Project OpenSSL 0.9.8l
NetBSD NetBSD 5.0.2
NetBSD NetBSD 5.0.1
NetBSD NetBSD Current
NetBSD NetBSD 5.1
NetBSD NetBSD 5.0 RC3
NetBSD NetBSD 5.0
IBM Tivoli Netcool/OMNIbus 7.3
IBM AIX 6.1.5
IBM AIX 6.1.4
IBM AIX 6.1.3
IBM AIX 6.1.2
IBM AIX 6.1.1
IBM AIX 5.3.10
IBM AIX 5.3.9
IBM AIX 5.3.8
IBM AIX 5.3.7
IBM AIX 5.3 L
IBM AIX 5.2.2
IBM AIX 5.2 L
IBM AIX 5.1 L
IBM AIX 7.1
IBM AIX 7.1
IBM AIX 6.1
IBM AIX 5300-06
IBM AIX 5200-10
IBM AIX 5.3.12
IBM AIX 5.3.11
IBM AIX 5.3
IBM AIX 5.2
IBM AIX 5.1
HP System Management Homepage 6.2.2 7
HP System Management Homepage 6.0 .96
HP System Management Homepage 3.0.2 .77
HP System Management Homepage 3.0.1 .73
HP System Management Homepage 3.0 .68
HP System Management Homepage 3.0 .64
HP System Management Homepage 6.3
HP System Management Homepage 6.2.0-12
HP System Management Homepage 6.2
HP System Management Homepage 6.2
HP System Management Homepage 6.1.0.103
HP System Management Homepage 6.1.0.102
HP System Management Homepage 6.1.0-103
HP System Management Homepage 6.1
HP System Management Homepage 6.0.0.95
HP System Management Homepage 6.0.0-95
HP System Management Homepage 6.0
HP System Management Homepage 3.0.2.77 B
HP System Management Homepage 3.0.2-77
HP System Management Homepage 3.0.1-73
HP System Management Homepage 3.0.0-68
HP System Management Homepage 0
HP SSL for OpenVMS 1.4
HP SSL for OpenVMS 1.3
HP Insight Control 6.2
HP Insight Control 6.1
HP Insight Control 6.0
HP HP-UX B.11.31
HP HP-UX B.11.11
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Blue Coat Systems Blue Coat Reporter 9.1.3
Blue Coat Systems Blue Coat Reporter 9.1.2
Blue Coat Systems Blue Coat Reporter 8.3.7
Blue Coat Systems Blue Coat Reporter 8.3.5
Blue Coat Systems Blue Coat Reporter 8.3.4
Blue Coat Systems Blue Coat Reporter 8.3.3
Blue Coat Systems Blue Coat Reporter 8.3.2
Blue Coat Systems Blue Coat Reporter 8.3.1
Blue Coat Systems Blue Coat Reporter 9.1.1
Blue Coat Systems Blue Coat Reporter 8
Balabit syslog-ng Premium Edition 4.0.1
Balabit syslog-ng Premium Edition 3.2
Balabit syslog-ng Premium Edition 3.0.7
Balabit syslog-ng Premium Edition 3.0.6
Balabit syslog-ng Premium Edition 3.0.5
Balabit syslog-ng Premium Edition 4.1
Balabit syslog-ng Premium Edition 4.0.1a
Balabit syslog-ng Premium Edition 3.2.1B
Balabit syslog-ng Premium Edition 3.2.1A
Balabit syslog-ng Premium Edition 3.0.7a
Apple Mac OS X Server 10.6.6
Apple Mac OS X Server 10.6.5
Apple Mac OS X Server 10.6.5
Apple Mac OS X Server 10.6.4
Apple Mac OS X Server 10.6.3
Apple Mac OS X Server 10.6.2
Apple Mac OS X Server 10.6.1
Apple Mac Os X Server 10.6.7
Apple Mac OS X Server 10.6
Apple Mac OS X 10.6.5
Apple Mac OS X 10.6.4
Apple Mac OS X 10.6.3
Apple Mac OS X 10.6.2
Apple Mac OS X 10.6.1
Apple Mac OS X 10.6
Not Vulnerable: HP System Management Homepage 7.0
HP SSL for OpenVMS 1.4-453
HP Insight Control 6.3
Blue Coat Systems Blue Coat Reporter 9.3.2.1
Blue Coat Systems Blue Coat Reporter 9.2.5.1
Balabit syslog-ng Premium Edition 4.1.2a
Balabit syslog-ng Premium Edition 4.0.3b
Balabit syslog-ng Premium Edition 3.0.7b
Apple Mac Os X Server 10.6.8


 

Privacy Statement
Copyright 2010, SecurityFocus