Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2017-3735

Published: 28/08/2017 Updated: 13/12/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 446
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Openssl

Vulnerability Summary

While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL prior to 1.0.2m and 1.1.0g.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openssl openssl 1.1.0e

openssl openssl 0.9.8ze

openssl openssl 1.0.2a

openssl openssl 0.9.8b

openssl openssl 1.0.1j

openssl openssl 0.9.7l

openssl openssl 0.9.8m

openssl openssl 1.1.0f

openssl openssl 1.0.0n

openssl openssl 1.0.1

openssl openssl 0.9.8c

openssl openssl 1.0.0c

openssl openssl 1.0.0i

openssl openssl 1.0.0

openssl openssl 1.0.1h

openssl openssl 0.9.8n

openssl openssl 0.9.8p

openssl openssl 1.0.2e

openssl openssl 1.0.2j

openssl openssl 1.0.0m

openssl openssl 1.0.2b

openssl openssl 1.0.1c

openssl openssl 0.9.7j

openssl openssl 0.9.8e

openssl openssl 0.9.8u

openssl openssl 0.9.8za

openssl openssl 1.0.1g

openssl openssl 0.9.8g

openssl openssl 1.0.0h

openssl openssl 0.9.8k

openssl openssl 0.9.8d

openssl openssl 1.0.0e

openssl openssl 1.0.0f

openssl openssl 0.9.8j

openssl openssl 1.1.0c

openssl openssl 1.0.0d

openssl openssl 0.9.7k

openssl openssl 1.0.0j

openssl openssl 0.9.8s

openssl openssl 1.0.0p

openssl openssl 1.0.1a

openssl openssl 1.0.0s

openssl openssl 1.0.2h

openssl openssl 1.0.0o

openssl openssl 0.9.8l

openssl openssl 0.9.8zc

openssl openssl 1.0.1d

openssl openssl 1.0.0k

openssl openssl 0.9.8r

openssl openssl 1.0.2c

openssl openssl 0.9.8t

openssl openssl 0.9.8z

openssl openssl 1.1.0b

openssl openssl 1.1.0d

openssl openssl 0.9.8a

openssl openssl 1.1.0

openssl openssl 1.0.2

openssl openssl 0.9.7m

openssl openssl 1.0.1k

openssl openssl 1.0.1b

openssl openssl 1.1.0a

openssl openssl 0.9.8zb

openssl openssl 0.9.8o

openssl openssl 0.9.8q

openssl openssl 0.9.8w

openssl openssl 1.0.1e

openssl openssl 1.0.1l

openssl openssl 0.9.8

openssl openssl 1.0.1f

openssl openssl 1.0.0l

openssl openssl 0.9.8v

openssl openssl 1.0.0r

openssl openssl 0.9.8i

openssl openssl 0.9.8f

openssl openssl 0.9.8y

openssl openssl 1.0.0a

openssl openssl 1.0.0q

openssl openssl 0.9.8h

openssl openssl 0.9.8zg

openssl openssl 1.0.2f

openssl openssl 0.9.8x

openssl openssl 1.0.1i

openssl openssl 1.0.0b

openssl openssl 1.0.2i

openssl openssl 1.0.0g

openssl openssl 1.0.2d

openssl openssl 1.0.2k

openssl openssl 1.0.2l

debian debian linux 8.0

debian debian linux 9.0

Vendor Advisories

Red Hat: Critical: Red Hat Ansible Tower 3.3.1-2 Release - Container Image
Synopsis Critical: Red Hat Ansible Tower 331-2 Release - Container Image Type/Severity Security Advisory: Critical Topic Security Advisory Description Red Hat Ansible Tower 331 is now available and contains the following bug fixes: Fixed event callback error when in-line vaulted variabl ...
Red Hat: Moderate: openssl security, bug fix, and enhancement update
Synopsis Moderate: openssl security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for openssl is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Sy ...
Ubuntu Security Notice: openssl vulnerabilities
Several security issues were fixed in OpenSSL ...
Ubuntu Security Notice: openssl vulnerabilities
Several security issues were fixed in OpenSSL ...
Debian Security Advisories: DSA-4018-1 openssl -- security update
Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2017-3735 It was discovered that OpenSSL is prone to a one-byte buffer overread while parsing a malformed IPAddressFamily extension in an X509 certificate ...
Debian Security Advisories: DSA-4017-1 openssl1.0 -- security update
Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2017-3735 It was discovered that OpenSSL is prone to a one-byte buffer overread while parsing a malformed IPAddressFamily extension in an X509 certificate ...
Amazon Linux AMI: ALAS-2018-1102
Libgcrypt allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsac, aka the Return Of the Hidden Number Problem or ROHNP To discover an ECDSA key, the attacker needs access to either the local machine or a d ...
Amazon Linux 2: ALAS2-2018-1102
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished This could be exploited in a Denial Of Service attack( ...
Red Hat: CVE-2017-3735
While parsing an IPAddressFamily extension in an X509 certificate, it is possible to do a one-byte overread This would result in an incorrect text display of the certificate This bug has been present since 2006 and is present in all versions of OpenSSL before 102m and 110g ...
Arch Linux Issues:
A security issue has been found in OpenSSL < 110g If an X509 certificate has a malformed IPAddressFamily extension, OpenSSL could do a one-byte buffer overread The most likely result would be an erroneous display of the certificate in text format ...
Tenable Security Advisories: [R1] Nessus 6.11.3 Fixes Multiple Third-party Vulnerabilities
Nessus leverages third-party software to help provide underlying functionality One of the third-party components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers Out of caution and in line with good practice, Tenable opted to upgrade the bundled OpenSSL library to address the potentia ...
Tenable Security Advisories: [R1] SecurityCenter 5.6.0.1 Fixes Multiple Third-party Vulnerabilities
SecurityCenter leverages third-party software to help provide underlying functionality Two of the third-party components (PHP and OpenSSL) were found to contain vulnerabilities, and updated versions have been made available by the providers Out of caution and in line with good practice, Tenable opted to upgrade the bundled PHP and OpenSSL to add ...

ICS Advisories

Siemens SCALANCE X-200RNA Switch Devices

Recent Articles

Network kit biz Phoenix takes heat as flaws may leave industrial control system security in ashes
The Register • Shaun Nichols in San Francisco • 11 Feb 2019

Oil, gas, maritime systems affected by latest bug findings Yes, you can remotely hack factory, building site cranes. Wait, what?

Companies running a popular brand of industrial Ethernet switch are being advised to update their firmware ASAP following a series of bug disclosures. Security house Positive Technologies took credit today for the discovery of six CVE-listed security vulnerabilities in the Phoenix Contact FL Switch 3xxx, 4xxx, and 48xx industrial control switches. The flaws are addressed in firmware versions 1.35 or newer. Among the now-patched flaws were several Positive described as "critical" security risks t...

Read more...

References

CWE-119https://www.openssl.org/news/secadv/20170828.txthttp://www.securityfocus.com/bid/100515https://www.openssl.org/news/secadv/20171102.txthttps://www.debian.org/security/2017/dsa-4018https://www.debian.org/security/2017/dsa-4017https://security.netapp.com/advisory/ntap-20171107-0002/https://security.netapp.com/advisory/ntap-20170927-0001/http://www.securitytracker.com/id/1039726https://www.tenable.com/security/tns-2017-14https://security.FreeBSD.org/advisories/FreeBSD-SA-17:11.openssl.aschttps://www.tenable.com/security/tns-2017-15https://security.gentoo.org/glsa/201712-03https://support.apple.com/HT208331http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlhttps://lists.debian.org/debian-lts-announce/2017/11/msg00011.htmlhttps://github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822https://usn.ubuntu.com/3611-2/http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.htmlhttp://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.htmlhttp://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.htmlhttps://access.redhat.com/errata/RHSA-2018:3221https://access.redhat.com/errata/RHSA-2018:3505https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.htmlhttps://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlhttps://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.htmlhttps://www.oracle.com//security-alerts/cpujul2021.htmlhttps://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdfhttps://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2018:3505https://usn.ubuntu.com/3611-2/https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook