OpenSSL OCSP Stapling 'ClientHello' Handshake Message Parsing Security Vulnerability

Bugtraq ID: 46264
Class: Unknown
CVE: CVE-2011-0014
Remote: Yes
Local: No
Published: Feb 08 2011 12:00AM
Updated: Apr 13 2015 10:10PM
Credit: Neel Mehta from Google
Vulnerable: VMWare ESXi 5.0
VMWare ESXi 4.1
VMWare ESXi 4.0
VMWare ESXi 3.5
VMWare ESX 4.1
VMWare ESX 4.0
VMWare ESX 3.5
Ubuntu Ubuntu Linux 10.10 powerpc
Ubuntu Ubuntu Linux 10.10 i386
Ubuntu Ubuntu Linux 10.10 ARM
Ubuntu Ubuntu Linux 10.10 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
Slackware Linux x86_64 -current
Slackware Linux 13.1 x86_64
Slackware Linux 13.1
Slackware Linux 13.0 x86_64
Slackware Linux 13.0
Slackware Linux 12.2
Slackware Linux 12.1
Slackware Linux 12.0
Slackware Linux 11.0
Slackware Linux -current
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 6
OpenSSL Project OpenSSL 1.0.2
OpenSSL Project OpenSSL 1.0
OpenSSL Project OpenSSL 0.9.8 k
OpenSSL Project OpenSSL 0.9.8 j
OpenSSL Project OpenSSL 0.9.8 i
OpenSSL Project OpenSSL 0.9.8 h
OpenSSL Project OpenSSL 1.0.0c
OpenSSL Project OpenSSL 1.0.0b
OpenSSL Project OpenSSL 1.0.0b
OpenSSL Project OpenSSL 1.0.0A
OpenSSL Project OpenSSL 1.0.0a
OpenSSL Project OpenSSL 0.9.8Q
OpenSSL Project OpenSSL 0.9.8p
OpenSSL Project OpenSSL 0.9.8p
OpenSSL Project OpenSSL 0.9.8O
OpenSSL Project OpenSSL 0.9.8o
OpenSSL Project OpenSSL 0.9.8N
OpenSSL Project OpenSSL 0.9.8n
OpenSSL Project OpenSSL 0.9.8m
OpenSSL Project OpenSSL 0.9.8M
OpenSSL Project OpenSSL 0.9.8l
NetBSD NetBSD 5.0.2
NetBSD NetBSD 5.0.1
NetBSD NetBSD Current
NetBSD NetBSD 5.1
NetBSD NetBSD 5.0 RC3
NetBSD NetBSD 5.0
IBM Tivoli Workload Scheduler for Applications 8.6
IBM Tivoli Workload Scheduler for Applications 8.5 FP01
IBM Tivoli Workload Scheduler for Applications 8.4 FP02
IBM Tivoli Workload Scheduler Distributed 8.5.1 FP04
IBM Tivoli Workload Scheduler Distributed 8.6 FP02
IBM Tivoli Workload Scheduler Distributed 8.5 FP03
IBM Tivoli Workload Scheduler Distributed 8.4 FP07
IBM Tivoli Remote Control 5.1.2
IBM Tivoli Network Manager 3.9 FP3
IBM Tivoli Network Manager 3.8 FP7
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP9
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP8
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP7
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP6
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP5
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP4
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP3
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP2
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP13
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP12
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP11
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP10
IBM Tivoli Netcool/System Service Monitor 4.0.0 FP1
IBM Tivoli Netcool/OMNIbus 7.4
IBM Tivoli Netcool/OMNIbus 7.3.1
IBM Tivoli Netcool/OMNIbus 7.3
IBM Tivoli Netcool/OMNIbus 7.2.1
IBM Tivoli Endpoint Manager for Remote Control 9.0
IBM Tivoli Endpoint Manager for Remote Control 8.2.1
IBM Tivoli Composite Application Manager for Transactions 7.3.0.1
IBM Tivoli Composite Application Manager for Transactions 7.3.0
IBM Tivoli Composite Application Manager for Transactions 7.2.0.2
IBM Tivoli Composite Application Manager for Transactions 7.2.0.1
IBM Tivoli Composite Application Manager for Transactions 7.2.0
IBM Tivoli Composite Application Manager for Transactions 7.1.0.2
IBM Tivoli Composite Application Manager for Transactions 7.1.0.1
IBM Tivoli Composite Application Manager for Transactions 7.1.0
IBM Sterling Connect:Express for UNIX 1.5.0
IBM Sterling Connect:Express for UNIX 1.4.6
IBM Sterling Connect:Enterprise for UNIX 2.5
IBM Sterling Connect:Enterprise for UNIX 2.4 4
IBM Smart Analytics System 7710 0
IBM Smart Analytics System 7700 0
IBM Smart Analytics System 7600 0
IBM Smart Analytics System 5710 0
IBM Smart Analytics System 5600 2
IBM Smart Analytics System 5600 1
IBM Smart Analytics System 2050 0
IBM Smart Analytics System 1050 0
IBM Service Delivery Manager 7.2.4
IBM Service Delivery Manager 7.2.2
IBM Service Delivery Manager 7.2.1
IBM InfoSphere Balanced Warehouse D5100
IBM InfoSphere Balanced Warehouse C4000
IBM InfoSphere Balanced Warehouse C3000
IBM Informix Genero 2.41
IBM Informix Genero 2.40
IBM Informix Genero 2.32
IBM Hardware Management Console (HMC) 7R7.3.0
IBM Hardware Management Console (HMC) 7R7.2.0 SP2
IBM Hardware Management Console (HMC) 7R7.2.0 SP1
IBM Hardware Management Console (HMC) 7R7.2.0
IBM Hardware Management Console (HMC) 7R7.1.0 SP4
IBM Hardware Management Console (HMC) 7R7.1.0 SP3
IBM Hardware Management Console (HMC) 7R7.1.0
IBM DS8870 7.1
IBM DS8870 7.0
IBM Cloudburst 2.1.1
IBM Cloudburst 2.1
IBM Cloudburst 1.2
IBM AIX 6.1.5
IBM AIX 6.1.4
IBM AIX 6.1.3
IBM AIX 6.1.2
IBM AIX 6.1.1
IBM AIX 5.3.10
IBM AIX 5.3.9
IBM AIX 5.3.8
IBM AIX 5.3.7
IBM AIX 5.3 L
IBM AIX 5.2.2
IBM AIX 5.2 L
IBM AIX 5.1 L
IBM AIX 7.1
IBM AIX 6.1
IBM AIX 5300-06
IBM AIX 5200-10
IBM AIX 5.3.12
IBM AIX 5.3.11
IBM AIX 5.3
IBM AIX 5.2
IBM AIX 5.1
HP System Management Homepage 6.2.2 7
HP System Management Homepage 6.0 .96
HP System Management Homepage 3.0.2 .77
HP System Management Homepage 3.0.1 .73
HP System Management Homepage 3.0 .68
HP System Management Homepage 3.0 .64
HP System Management Homepage 6.3
HP System Management Homepage 6.2.0-12
HP System Management Homepage 6.2
HP System Management Homepage 6.2
HP System Management Homepage 6.1.0.103
HP System Management Homepage 6.1.0.102
HP System Management Homepage 6.1.0-103
HP System Management Homepage 6.1
HP System Management Homepage 6.0.0.95
HP System Management Homepage 6.0.0-95
HP System Management Homepage 6.0
HP System Management Homepage 3.0.2.77 B
HP System Management Homepage 3.0.2-77
HP System Management Homepage 3.0.1-73
HP System Management Homepage 3.0.0-68
HP System Management Homepage 0
HP SSL for OpenVMS 1.4
HP SSL for OpenVMS 1.3
HP Insight Control 6.2
HP Insight Control 6.1
HP Insight Control 6.0
HP HP-UX B.11.31
HP HP-UX B.11.11
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Blue Coat Systems Blue Coat Reporter 9.1.3
Blue Coat Systems Blue Coat Reporter 9.1.2
Blue Coat Systems Blue Coat Reporter 8.3.7
Blue Coat Systems Blue Coat Reporter 8.3.5
Blue Coat Systems Blue Coat Reporter 8.3.4
Blue Coat Systems Blue Coat Reporter 8.3.3
Blue Coat Systems Blue Coat Reporter 8.3.2
Blue Coat Systems Blue Coat Reporter 8.3.1
Blue Coat Systems Blue Coat Reporter 9.1.1
Blue Coat Systems Blue Coat Reporter 8
Balabit syslog-ng Premium Edition 4.0.1
Balabit syslog-ng Premium Edition 3.2
Balabit syslog-ng Premium Edition 3.0.7
Balabit syslog-ng Premium Edition 3.0.6
Balabit syslog-ng Premium Edition 3.0.5
Balabit syslog-ng Premium Edition 4.1
Balabit syslog-ng Premium Edition 4.0.1a
Balabit syslog-ng Premium Edition 3.2.1B
Balabit syslog-ng Premium Edition 3.2.1A
Balabit syslog-ng Premium Edition 3.0.7a
Apple Mac OS X Server 10.6.6
Apple Mac OS X Server 10.6.5
Apple Mac OS X Server 10.6.4
Apple Mac OS X Server 10.6.3
Apple Mac OS X Server 10.6.2
Apple Mac OS X Server 10.6.1
Apple Mac OS X Server 10.6.7
Apple Mac OS X Server 10.6
Apple Mac OS X 10.6.6
Apple Mac OS X 10.6.5
Apple Mac OS X 10.6.5
Apple Mac OS X 10.6.4
Apple Mac OS X 10.6.3
Apple Mac OS X 10.6.2
Apple Mac OS X 10.6.1
Apple Mac OS X 10.6.7
Apple Mac OS X 10.6
Not Vulnerable: IBM Hardware Management Console (HMC) 7R7.7.0
IBM DS8870 7.2
HP System Management Homepage 7.0
HP SSL for OpenVMS 1.4-453
HP Insight Control 6.3
Blue Coat Systems Blue Coat Reporter 9.3.2.1
Blue Coat Systems Blue Coat Reporter 9.2.5.1
Balabit syslog-ng Premium Edition 4.1.2a
Balabit syslog-ng Premium Edition 4.0.3b
Balabit syslog-ng Premium Edition 3.0.7b
Apple Mac OS X Server 10.6.8
Apple Mac OS X 10.6.8


 

Privacy Statement
Copyright 2010, SecurityFocus