Vulnerability CVE-2007-5135: Information

Description

Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.

Severity: MEDIUM (6.8)

Published: Sept. 28, 2007
Modified: Oct. 16, 2018
Error type identifier: CWE-189

References to Advisories, Solutions, and Tools

Hyperlink | Resource
https://bugs.gentoo.org/show_bug.cgi?id=194039
http://www.openssl.org/news/secadv_20071012.txt
https://issues.rpath.com/browse/RPL-1769
http://support.avaya.com/elmodocs2/security/ASA-2007-485.htm
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4037
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4038
DSA-1379
FEDORA-2007-725 | Vendor Advisory
FreeBSD-SA-07:08
GLSA-200710-06
MDKSA-2007:193
[4.0] 017: SECURITY FIX: October 10, 2007
[4.1] 011: SECURITY FIX: October 10, 2007
[4.2] 002: SECURITY FIX: October 10, 2007
RHSA-2007:0964 | Vendor Advisory
RHSA-2007:0813 | Vendor Advisory
RHSA-2007:1003 | Vendor Advisory
103130
SUSE-SR:2007:020
25831
1018755
27021 | Vendor Advisory
22130 | Vendor Advisory
27012 | Vendor Advisory
27051 | Vendor Advisory
27097 | Vendor Advisory
27078 | Vendor Advisory
27186 | Vendor Advisory
27205 | Vendor Advisory
27217 | Vendor Advisory
27330 | Vendor Advisory
27394 | Vendor Advisory
27229 | Vendor Advisory
27031 | Vendor Advisory
27870 | Vendor Advisory
27851 | Vendor Advisory
27961 | Vendor Advisory
3179
[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
28368 | Vendor Advisory
http://www.vmware.com/security/advisories/VMSA-2008-0001.html
SUSE-SR:2008:005
29242
200858
GLSA-200805-07
NetBSD-SA2008-007
30124
30161
31489
31467
31308
http://www.vmware.com/security/advisories/VMSA-2008-0013.html
https://issues.rpath.com/browse/RPL-1770
APPLE-SA-2008-07-31
31326
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0241
ADV-2008-2361
ADV-2007-4144
ADV-2007-4042
ADV-2008-0064
ADV-2007-3625
ADV-2008-2268
ADV-2007-3325
ADV-2008-2362
openssl-sslgetshared-bo(36837)
oval:org.mitre.oval:def:5337
oval:org.mitre.oval:def:10904
USN-522-1
20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
HPSBUX02292
20071004 Re: OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow
20071003 FLEA-2007-0058-1 openssl openssl-scripts
20071001 Re: OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow
20070927 OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow

1. Configuration 1

cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*