CVE-2009-1378
CVE-2009-1378 is a vulnerability of currently unknown severity. Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak." EPSS estimates a 12.75% chance of exploitation in the next 30 days.
Description
Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak."
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| OpenSSL | OpenSSL | > 0.9.8, < 0.9.8m |
| Canonical | Ubuntu Linux | 6.06 |
| Canonical | Ubuntu Linux | 8.04 |
| Canonical | Ubuntu Linux | 8.10 |
| Canonical | Ubuntu Linux | 9.04 |
References
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc (Broken Link, Third Party Advisory)
- http://cvs.openssl.org/chngview?cn=18188 (Broken Link, Patch, Vendor Advisory)
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444 (Broken Link, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html (Mailing List, Third Party Advisory)
- http://lists.vmware.com/pipermail/security-announce/2010/000082.html (Third Party Advisory)
- http://marc.info/?l=openssl-dev&m=124247679213944&w=2 (Mailing List, Patch, Third Party Advisory)
- http://marc.info/?l=openssl-dev&m=124263491424212&w=2 (Exploit, Mailing List, Third Party Advisory)
- http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest (Broken Link, Third Party Advisory)
- http://secunia.com/advisories/35128 (Not Applicable, Third Party Advisory)
- http://secunia.com/advisories/35416 (Not Applicable, Third Party Advisory)
- http://secunia.com/advisories/35461 (Not Applicable, Third Party Advisory)
- http://secunia.com/advisories/35571 (Not Applicable, Third Party Advisory)
- http://secunia.com/advisories/35729 (Not Applicable, Third Party Advisory)
- http://secunia.com/advisories/36533 (Not Applicable, Third Party Advisory)
- http://secunia.com/advisories/37003 (Not Applicable, Third Party Advisory)
- http://secunia.com/advisories/38761 (Not Applicable, Third Party Advisory)
- http://secunia.com/advisories/38794 (Not Applicable, Third Party Advisory)
- http://secunia.com/advisories/38834 (Not Applicable, Third Party Advisory)
- http://secunia.com/advisories/42724 (Not Applicable, Third Party Advisory)
- http://secunia.com/advisories/42733 (Not Applicable, Third Party Advisory)
- http://security.gentoo.org/glsa/glsa-200912-01.xml (Third Party Advisory)
- http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049 (Mailing List, Third Party Advisory)
- http://voodoo-circle.sourceforge.net/sa/sa-20091012-01.html (Third Party Advisory)
- http://www.openwall.com/lists/oss-security/2009/05/18/1 (Mailing List, Third Party Advisory)
- http://www.redhat.com/support/errata/RHSA-2009-1335.html (Third Party Advisory)
- http://www.securityfocus.com/bid/35001 (Broken Link, Third Party Advisory, VDB Entry)
- http://www.securitytracker.com/id?1022241 (Broken Link, Third Party Advisory, VDB Entry)
- http://www.ubuntu.com/usn/USN-792-1 (Third Party Advisory)
- http://www.vupen.com/english/advisories/2009/1377 (Permissions Required, Third Party Advisory)
- http://www.vupen.com/english/advisories/2010/0528 (Permissions Required, Third Party Advisory)
- https://launchpad.net/bugs/cve/2009-1378 (Third Party Advisory)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11309 (Broken Link, Tool Signature)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7229 (Broken Link, Tool Signature)
- https://www.exploit-db.com/exploits/8720 (Exploit, Third Party Advisory, VDB Entry)
Source: NVD / NIST
