ByteOS Network

CVE Vulnerability Details :

CVE-2009-1378

PUBLISHED

More Info Official Page

Assigner-redhat

Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749

Published At-19 May, 2009 | 19:00

Updated At-07 Aug, 2024 | 05:13

▼CVE Numbering Authority (CNA)

Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak."

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest	x_refsource_CONFIRM
http://secunia.com/advisories/42724	third-party-advisory x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7229	vdb-entry signature x_refsource_OVAL
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049	vendor-advisory x_refsource_SLACKWARE
http://secunia.com/advisories/38794	third-party-advisory x_refsource_SECUNIA
http://lists.vmware.com/pipermail/security-announce/2010/000082.html	mailing-list x_refsource_MLIST
https://www.exploit-db.com/exploits/8720	exploit x_refsource_EXPLOIT-DB
http://www.vupen.com/english/advisories/2009/1377	vdb-entry x_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11309	vdb-entry signature x_refsource_OVAL
http://secunia.com/advisories/35729	third-party-advisory x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200912-01.xml	vendor-advisory x_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2009-1335.html	vendor-advisory x_refsource_REDHAT
http://cvs.openssl.org/chngview?cn=18188	x_refsource_CONFIRM
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444	vendor-advisory x_refsource_HP
http://secunia.com/advisories/38761	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/37003	third-party-advisory x_refsource_SECUNIA
http://marc.info/?l=openssl-dev&m=124263491424212&w=2	mailing-list x_refsource_MLIST
http://secunia.com/advisories/36533	third-party-advisory x_refsource_SECUNIA
http://www.securitytracker.com/id?1022241	vdb-entry x_refsource_SECTRACK
http://www.ubuntu.com/usn/USN-792-1	vendor-advisory x_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html	vendor-advisory x_refsource_SUSE
http://voodoo-circle.sourceforge.net/sa/sa-20091012-01.html	x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2009/05/18/1	mailing-list x_refsource_MLIST
https://launchpad.net/bugs/cve/2009-1378	x_refsource_MISC
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc	vendor-advisory x_refsource_NETBSD
http://www.securityfocus.com/bid/35001	vdb-entry x_refsource_BID
http://secunia.com/advisories/38834	third-party-advisory x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2009:120	vendor-advisory x_refsource_MANDRIVA
http://secunia.com/advisories/35461	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/35128	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/35571	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/35416	third-party-advisory x_refsource_SECUNIA
http://sourceforge.net/mailarchive/message.php?msg_name=4AD43807.7080105%40users.sourceforge.net	x_refsource_CONFIRM
https://kb.bluecoat.com/index?page=content&id=SA50	x_refsource_CONFIRM
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444	vendor-advisory x_refsource_HP
http://marc.info/?l=openssl-dev&m=124247679213944&w=2	mailing-list x_refsource_MLIST
http://secunia.com/advisories/42733	third-party-advisory x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/0528	vdb-entry x_refsource_VUPEN

Hyperlink: http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest

Resource:

x_refsource_CONFIRM

Hyperlink: http://secunia.com/advisories/42724

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7229

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049

Resource:

vendor-advisory

x_refsource_SLACKWARE

Hyperlink: http://secunia.com/advisories/38794

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://lists.vmware.com/pipermail/security-announce/2010/000082.html

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: https://www.exploit-db.com/exploits/8720

Resource:

exploit

x_refsource_EXPLOIT-DB

Hyperlink: http://www.vupen.com/english/advisories/2009/1377

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11309

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: http://secunia.com/advisories/35729

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://security.gentoo.org/glsa/glsa-200912-01.xml

Resource:

vendor-advisory

x_refsource_GENTOO

Hyperlink: http://www.redhat.com/support/errata/RHSA-2009-1335.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://cvs.openssl.org/chngview?cn=18188

Resource:

x_refsource_CONFIRM

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://secunia.com/advisories/38761

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/37003

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://marc.info/?l=openssl-dev&m=124263491424212&w=2

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://secunia.com/advisories/36533

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.securitytracker.com/id?1022241

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: http://www.ubuntu.com/usn/USN-792-1

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://voodoo-circle.sourceforge.net/sa/sa-20091012-01.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.openwall.com/lists/oss-security/2009/05/18/1

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: https://launchpad.net/bugs/cve/2009-1378

Resource:

x_refsource_MISC

Hyperlink: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc

Resource:

vendor-advisory

x_refsource_NETBSD

Hyperlink: http://www.securityfocus.com/bid/35001

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://secunia.com/advisories/38834

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2009:120

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: http://secunia.com/advisories/35461

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/35128

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/35571

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/35416

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://sourceforge.net/mailarchive/message.php?msg_name=4AD43807.7080105%40users.sourceforge.net

Resource:

x_refsource_CONFIRM

Hyperlink: https://kb.bluecoat.com/index?page=content&id=SA50

Resource:

x_refsource_CONFIRM

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://marc.info/?l=openssl-dev&m=124247679213944&w=2

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://secunia.com/advisories/42733

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.vupen.com/english/advisories/2010/0528

Resource:

vdb-entry

x_refsource_VUPEN

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/42724	third-party-advisory x_refsource_SECUNIA x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7229	vdb-entry signature x_refsource_OVAL x_transferred
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049	vendor-advisory x_refsource_SLACKWARE x_transferred
http://secunia.com/advisories/38794	third-party-advisory x_refsource_SECUNIA x_transferred
http://lists.vmware.com/pipermail/security-announce/2010/000082.html	mailing-list x_refsource_MLIST x_transferred
https://www.exploit-db.com/exploits/8720	exploit x_refsource_EXPLOIT-DB x_transferred
http://www.vupen.com/english/advisories/2009/1377	vdb-entry x_refsource_VUPEN x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11309	vdb-entry signature x_refsource_OVAL x_transferred
http://secunia.com/advisories/35729	third-party-advisory x_refsource_SECUNIA x_transferred
http://security.gentoo.org/glsa/glsa-200912-01.xml	vendor-advisory x_refsource_GENTOO x_transferred
http://www.redhat.com/support/errata/RHSA-2009-1335.html	vendor-advisory x_refsource_REDHAT x_transferred
http://cvs.openssl.org/chngview?cn=18188	x_refsource_CONFIRM x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444	vendor-advisory x_refsource_HP x_transferred
http://secunia.com/advisories/38761	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/37003	third-party-advisory x_refsource_SECUNIA x_transferred
http://marc.info/?l=openssl-dev&m=124263491424212&w=2	mailing-list x_refsource_MLIST x_transferred
http://secunia.com/advisories/36533	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.securitytracker.com/id?1022241	vdb-entry x_refsource_SECTRACK x_transferred
http://www.ubuntu.com/usn/USN-792-1	vendor-advisory x_refsource_UBUNTU x_transferred
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html	vendor-advisory x_refsource_SUSE x_transferred
http://voodoo-circle.sourceforge.net/sa/sa-20091012-01.html	x_refsource_CONFIRM x_transferred
http://www.openwall.com/lists/oss-security/2009/05/18/1	mailing-list x_refsource_MLIST x_transferred
https://launchpad.net/bugs/cve/2009-1378	x_refsource_MISC x_transferred
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc	vendor-advisory x_refsource_NETBSD x_transferred
http://www.securityfocus.com/bid/35001	vdb-entry x_refsource_BID x_transferred
http://secunia.com/advisories/38834	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2009:120	vendor-advisory x_refsource_MANDRIVA x_transferred
http://secunia.com/advisories/35461	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/35128	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/35571	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/35416	third-party-advisory x_refsource_SECUNIA x_transferred
http://sourceforge.net/mailarchive/message.php?msg_name=4AD43807.7080105%40users.sourceforge.net	x_refsource_CONFIRM x_transferred
https://kb.bluecoat.com/index?page=content&id=SA50	x_refsource_CONFIRM x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444	vendor-advisory x_refsource_HP x_transferred
http://marc.info/?l=openssl-dev&m=124247679213944&w=2	mailing-list x_refsource_MLIST x_transferred
http://secunia.com/advisories/42733	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.vupen.com/english/advisories/2010/0528	vdb-entry x_refsource_VUPEN x_transferred

Hyperlink: http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://secunia.com/advisories/42724

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7229

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049

Resource:

vendor-advisory

x_refsource_SLACKWARE

x_transferred

Hyperlink: http://secunia.com/advisories/38794

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://lists.vmware.com/pipermail/security-announce/2010/000082.html

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: https://www.exploit-db.com/exploits/8720

Resource:

exploit

x_refsource_EXPLOIT-DB

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2009/1377

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11309

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: http://secunia.com/advisories/35729

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://security.gentoo.org/glsa/glsa-200912-01.xml

Resource:

vendor-advisory

x_refsource_GENTOO

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2009-1335.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://cvs.openssl.org/chngview?cn=18188

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444

Resource:

vendor-advisory

x_refsource_HP

x_transferred

Hyperlink: http://secunia.com/advisories/38761

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/37003

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://marc.info/?l=openssl-dev&m=124263491424212&w=2

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: http://secunia.com/advisories/36533

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.securitytracker.com/id?1022241

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: http://www.ubuntu.com/usn/USN-792-1

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://voodoo-circle.sourceforge.net/sa/sa-20091012-01.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.openwall.com/lists/oss-security/2009/05/18/1

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: https://launchpad.net/bugs/cve/2009-1378

Resource:

x_refsource_MISC

x_transferred

Hyperlink: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc

Resource:

vendor-advisory

x_refsource_NETBSD

x_transferred

Hyperlink: http://www.securityfocus.com/bid/35001

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://secunia.com/advisories/38834

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2009:120

Resource:

vendor-advisory

x_refsource_MANDRIVA

x_transferred

Hyperlink: http://secunia.com/advisories/35461

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/35128

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/35571

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/35416

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://sourceforge.net/mailarchive/message.php?msg_name=4AD43807.7080105%40users.sourceforge.net

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://kb.bluecoat.com/index?page=content&id=SA50

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444

Resource:

vendor-advisory

x_refsource_HP

x_transferred

Hyperlink: http://marc.info/?l=openssl-dev&m=124247679213944&w=2

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: http://secunia.com/advisories/42733

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/0528

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References