From 68dbadc396669e00e9b4c969f43d235a2de7d71a Mon Sep 17 00:00:00 2001 From: feld Date: Thu, 15 Oct 2015 14:48:51 +0000 Subject: Document vulnerability in polarssl, polarssl13, and mbedtls Security: CVE-2015-5291 --- security/vuxml/vuln.xml | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) (limited to 'security/vuxml') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 22b1632fc0ec..bf649492f16d 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,45 @@ Notes: --> + + mbedTLS/PolarSSL -- DoS and possible remote code execution + + + polarssl + 1.2.01.2.17 + + + polarssl13 + 1.3.01.3.14 + + + mbedtls + 2.1.2 + + + + +

ARM Limited reports:

+
When the client creates its ClientHello message, due to + insufficient bounds checking it can overflow the heap-based buffer + containing the message while writing some extensions. Two extensions in + particular could be used by a remote attacker to trigger the overflow: + the session ticket extension and the server name indication (SNI) + extension.
+

+ + + + https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 + CVE-2015-5291 + + + 2015-10-05 + 2015-10-15 + + + magento -- multiple vulnerabilities -- cgit