Think you have a false positive on this rule?

Sid 1-33561

Message

SERVER-OTHER OpenSSL fragmented protocol downgrade attempt

Summary

The ssl23getclienthello function in s23srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a "protocol downgrade" issue.

Impact

CVSS base score 4.3 CVSS impact score 2.9 CVSS exploitability score 8.6 confidentialityImpact NONE integrityImpact PARTIAL availabilityImpact PARTIAL

CVE-2014-3511:

CVSS base score 4.3

CVSS impact score 2.9

CVSS exploitability score 8.6

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Detailed information

CVE-2014-3511: The ssl23getclienthello function in s23srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a "protocol downgrade" issue.

Affected systems

  • openssl openssl 1.0.0
  • openssl openssl 1.0.0a
  • openssl openssl 1.0.0b
  • openssl openssl 1.0.0c
  • openssl openssl 1.0.0d
  • openssl openssl 1.0.0e
  • openssl openssl 1.0.0f
  • openssl openssl 1.0.0g
  • openssl openssl 1.0.0h
  • openssl openssl 1.0.0i
  • openssl openssl 1.0.0j
  • openssl openssl 1.0.0k
  • openssl openssl 1.0.0l
  • openssl openssl 1.0.0m
  • openssl openssl 1.0.1
  • openssl openssl 1.0.1a
  • openssl openssl 1.0.1b
  • openssl openssl 1.0.1c
  • openssl openssl 1.0.1d
  • openssl openssl 1.0.1e
  • openssl openssl 1.0.1f
  • openssl openssl 1.0.1g
  • openssl openssl 1.0.1h

Ease of attack

CVE-2014-3511:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

False positives

None known

False negatives

None known

Corrective action

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References

  • openssl.org/news/secadv_20140806.txt