Think you have a false positive on this rule?

Sid 1-18766

Message

SERVER-OTHER OpenSSL CMS structure OriginatorInfo memory corruption attempt

Summary

The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors.

Impact

CVSS base score 7.5 CVSS impact score 6.4 CVSS exploitability score 10.0 confidentialityImpact PARTIAL integrityImpact PARTIAL availabilityImpact PARTIAL

CVE-2010-0742:

CVSS base score 7.5

CVSS impact score 6.4

CVSS exploitability score 10.0

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Detailed information

CVE-2010-0742: The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors.

Affected systems

  • openssl openssl 0.9.1c
  • openssl openssl 0.9.2b
  • openssl openssl 0.9.3
  • openssl openssl 0.9.3a
  • openssl openssl 0.9.4
  • openssl openssl 0.9.5
  • openssl openssl 0.9.5a
  • openssl openssl 0.9.6
  • openssl openssl 0.9.6a
  • openssl openssl 0.9.6b
  • openssl openssl 0.9.6c
  • openssl openssl 0.9.6d
  • openssl openssl 0.9.6e
  • openssl openssl 0.9.6f
  • openssl openssl 0.9.6g
  • openssl openssl 0.9.6h
  • openssl openssl 0.9.6i
  • openssl openssl 0.9.6j
  • openssl openssl 0.9.6k
  • openssl openssl 0.9.6l
  • openssl openssl 0.9.6m
  • openssl openssl 0.9.7
  • openssl openssl 0.9.7a
  • openssl openssl 0.9.7b
  • openssl openssl 0.9.7c
  • openssl openssl 0.9.7d
  • openssl openssl 0.9.7e
  • openssl openssl 0.9.7f
  • openssl openssl 0.9.7g
  • openssl openssl 0.9.7h
  • openssl openssl 0.9.7i
  • openssl openssl 0.9.7j
  • openssl openssl 0.9.7k
  • openssl openssl 0.9.7l
  • openssl openssl 0.9.7m
  • openssl openssl 0.9.8
  • openssl openssl 0.9.8a
  • openssl openssl 0.9.8b
  • openssl openssl 0.9.8c
  • openssl openssl 0.9.8d
  • openssl openssl 0.9.8e
  • openssl openssl 0.9.8f
  • openssl openssl 0.9.8g
  • openssl openssl 0.9.8h
  • openssl openssl 0.9.8i
  • openssl openssl 0.9.8j
  • openssl openssl 0.9.8k
  • openssl openssl 0.9.8l
  • openssl openssl 0.9.8m
  • openssl openssl 0.9.8n
  • openssl openssl 1.0.0

Ease of attack

CVE-2010-0742:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

False positives

None known

False negatives

None known

Corrective action

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References