CVE-2010-4180
CVE-2010-4180 is a vulnerability of currently unknown severity. OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. EPSS estimates a 9.50% chance of exploitation in the next 30 days.
Description
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| OpenSSL | OpenSSL | < 0.9.8q | — |
| OpenSSL | OpenSSL | >= 1.0.0, < 1.0.0c | — |
| Fedoraproject | Fedora | 13 | — |
| Fedoraproject | Fedora | 14 | — |
| Debian | Debian Linux | 5.0 | — |
| Canonical | Ubuntu Linux | 6.06 | — |
| Canonical | Ubuntu Linux | 8.04 | — |
| Canonical | Ubuntu Linux | 9.04 | — |
| Canonical | Ubuntu Linux | 10.04 | — |
| Canonical | Ubuntu Linux | 10.10 | — |
| openSUSE | openSUSE | 11.1 | — |
| openSUSE | openSUSE | 11.2 | — |
| openSUSE | openSUSE | 11.3 | — |
| openSUSE | openSUSE | 11.4 | — |
| SUSE | Linux Enterprise | 11.0 | SP1 |
| SUSE | Linux Enterprise Desktop | 10 | SP3 |
| SUSE | Linux Enterprise Desktop | 11 | SP1 |
| SUSE | Linux Enterprise Server | 9 | — |
| SUSE | Linux Enterprise Server | 10 | SP3 |
| F5 | Nginx | < 0.9.2 | — |
References
- http://cvs.openssl.org/chngview?cn=20131 (Broken Link, Patch)
- http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html (Broken Link, Mailing List, Third Party Advisory)
- http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html (Mailing List, Third Party Advisory)
- http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html (Mailing List, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html (Mailing List, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html (Mailing List, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html (Mailing List, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html (Mailing List, Third Party Advisory)
- http://marc.info/?l=bugtraq&m=129916880600544&w=2 (Issue Tracking, Third Party Advisory)
- http://marc.info/?l=bugtraq&m=130497251507577&w=2 (Issue Tracking, Third Party Advisory)
- http://marc.info/?l=bugtraq&m=132077688910227&w=2 (Issue Tracking, Third Party Advisory)
- http://openssl.org/news/secadv_20101202.txt (Patch, Third Party Advisory)
- http://osvdb.org/69565 (Broken Link)
- http://secunia.com/advisories/42469 (Not Applicable)
- http://secunia.com/advisories/42473 (Not Applicable)
- http://secunia.com/advisories/42493 (Not Applicable)
- http://secunia.com/advisories/42571 (Not Applicable)
- http://secunia.com/advisories/42620 (Not Applicable)
- http://secunia.com/advisories/42811 (Not Applicable)
- http://secunia.com/advisories/42877 (Not Applicable)
- http://secunia.com/advisories/43169 (Not Applicable)
- http://secunia.com/advisories/43170 (Not Applicable)
- http://secunia.com/advisories/43171 (Not Applicable)
- http://secunia.com/advisories/43172 (Not Applicable)
- http://secunia.com/advisories/43173 (Not Applicable)
- http://secunia.com/advisories/44269 (Not Applicable)
- http://support.apple.com/kb/HT4723 (Third Party Advisory)
- http://ubuntu.com/usn/usn-1029-1 (Third Party Advisory)
- http://www.debian.org/security/2011/dsa-2141 (Third Party Advisory)
- http://www.kb.cert.org/vuls/id/737740 (Third Party Advisory, US Government Resource)
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:248 (Permissions Required)
- http://www.redhat.com/support/errata/RHSA-2010-0977.html (Third Party Advisory)
- http://www.redhat.com/support/errata/RHSA-2010-0978.html (Third Party Advisory)
- http://www.redhat.com/support/errata/RHSA-2010-0979.html (Third Party Advisory)
- http://www.redhat.com/support/errata/RHSA-2011-0896.html (Vendor Advisory)
- http://www.securityfocus.com/archive/1/522176 (Third Party Advisory, VDB Entry)
- http://www.securityfocus.com/bid/45164 (Third Party Advisory, VDB Entry)
- http://www.securitytracker.com/id?1024822 (Broken Link, Third Party Advisory, VDB Entry)
- http://www.vupen.com/english/advisories/2010/3120 (Permissions Required)
- http://www.vupen.com/english/advisories/2010/3122 (Permissions Required)
- http://www.vupen.com/english/advisories/2010/3134 (Permissions Required)
- http://www.vupen.com/english/advisories/2010/3188 (Permissions Required)
- http://www.vupen.com/english/advisories/2011/0032 (Permissions Required)
- http://www.vupen.com/english/advisories/2011/0076 (Permissions Required)
- http://www.vupen.com/english/advisories/2011/0268 (Permissions Required)
- https://bugzilla.redhat.com/show_bug.cgi?id=659462 (Issue Tracking, Patch, Third Party Advisory)
Source: NVD / NIST
