Vulnerability CVE-2015-0293: Information

Description

The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.

Severity: MEDIUM (5.0)

URL: https://nvd.nist.gov/vuln/detail/CVE-2015-0293
Published: March 20, 2015
Modified: Nov. 7, 2023
Error type identifier: CWE-20

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
openssl098c70.9.8zh-alt0.M70C.10.9.8zh-alt0.M70C.1ALT-PU-2015-2124-1154984Fixed
openssl10p91.0.1k-alt21.0.2u-alt1.p9.2ALT-PU-2015-1293-1142049Fixed
openssl10c9f21.0.1k-alt21.0.2u-alt1.p9.1ALT-PU-2015-1293-1142049Fixed
openssl10c71.0.1k-alt1.M70P.11.0.1u-alt0.M70C.1ALT-PU-2015-1297-1142113Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1202404
    https://www.openssl.org/news/secadv_20150319.txt
    • Vendor Advisory
    FEDORA-2015-4300
      FEDORA-2015-4303
        FEDORA-2015-4320
          openSUSE-SU-2015:0554
            FreeBSD-SA-15:06
              SUSE-SU-2015:0541
                USN-2537-1
                  1031929
                    SUSE-SU-2015:0578
                      RHSA-2015:0716
                        MDVSA-2015:063
                          MDVSA-2015:062
                            RHSA-2015:0752
                              RHSA-2015:0715
                                RHSA-2015:0800
                                  https://access.redhat.com/articles/1384453
                                    FEDORA-2015-6951
                                      FEDORA-2015-6855
                                        APPLE-SA-2015-06-30-2
                                          http://support.apple.com/kb/HT204942
                                            http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
                                              http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
                                                https://bto.bluecoat.com/security-advisory/sa92
                                                  http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
                                                    HPSBMU03397
                                                      SSRT102000
                                                        HPSBMU03380
                                                          HPSBMU03409
                                                            http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
                                                              http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
                                                                http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
                                                                  SUSE-SU-2016:0621
                                                                    openSUSE-SU-2016:0638
                                                                      SUSE-SU-2016:0631
                                                                        openSUSE-SU-2016:0637
                                                                          SUSE-SU-2016:0617
                                                                            SUSE-SU-2016:0624
                                                                              openSUSE-SU-2016:0720
                                                                                SUSE-SU-2016:0620
                                                                                  openSUSE-SU-2016:0628
                                                                                    openSUSE-SU-2016:0640
                                                                                      SUSE-SU-2016:1057
                                                                                        SUSE-SU-2016:0641
                                                                                          GLSA-201503-11
                                                                                            http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10680
                                                                                              https://kc.mcafee.com/corporate/index?page=content&id=SB10110
                                                                                                73232
                                                                                                  http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
                                                                                                    https://support.citrix.com/article/CTX216642
                                                                                                      http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
                                                                                                        https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
                                                                                                          https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=86f8fb0e344d62454f8daf3e15236b2b59210756

                                                                                                              1. Configuration 1

                                                                                                                cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0p:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0q:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
                                                                                                                cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
                                                                                                                End including
                                                                                                                0.9.8ze
                                                                                                            VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
                                                                                                            Version: v24.5.3
                                                                                                            Back to top