Vulnerabilities > CVE-2014-4911 - Cryptographic Issues vulnerability in multiple products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and 1.3.x before 1.3.8 allows remote attackers to cause a denial of service (crash) via vectors related to the GCM ciphersuites, as demonstrated using the Codenomicon Defensics toolkit.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Signature Spoofing by Key Recreation An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2014-8316.NASL description - Update to 1.2.11 - CVE-2014-4911 (rhbz#1118929, rhbz#1118930) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-07-22 plugin id 76629 published 2014-07-22 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/76629 title Fedora 20 : polarssl-1.2.11-1.fc20 (2014-8316) NASL family Fedora Local Security Checks NASL id FEDORA_2014-8310.NASL description - Update to 1.2.11 - CVE-2014-4911 (rhbz#1118929, rhbz#1118930) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-07-22 plugin id 76628 published 2014-07-22 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/76628 title Fedora 19 : polarssl-1.2.11-1.fc19 (2014-8310) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-36.NASL description Denial of Service against GCM enabled servers (and clients). NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2015-03-26 plugin id 82184 published 2015-03-26 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82184 title Debian DLA-36-1 : polarssl security update NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2981.NASL description A flaw was discovered in PolarSSL, a lightweight crypto and SSL/TLS library, which can be exploited by a remote unauthenticated attacker to mount a denial of service against PolarSSL servers that offer GCM ciphersuites. Potentially clients are affected too if a malicious server decides to execute the denial of service attack against its clients. last seen 2020-03-17 modified 2014-07-20 plugin id 76599 published 2014-07-20 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76599 title Debian DSA-2981-1 : polarssl - security update
References
- http://secunia.com/advisories/60215
- http://secunia.com/advisories/60215
- http://www.debian.org/security/2014/dsa-2981
- http://www.debian.org/security/2014/dsa-2981
- https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-02
- https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-02