CVE-2021-3449

Description from NVD

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
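The trigger the advisory describes is a specific difference between two ClientHello messages on one connection: the initial hello carries signature_algorithms (extension type 13), the renegotiation hello drops it but adds signature_algorithms_cert (extension type 50). The following is an added example, not OpenSSL's code, that parses minimal TLS 1.2 ClientHello handshake messages and flags exactly that pair; it is useful for triaging a decrypted capture or for classifying what a fuzzing harness sent. The extension type numbers are the IANA values; the builder's random, session ID and cipher suite values are placeholders constructed for the example, and the sample messages are constructed, not captured traffic.

```python
"""Detect the CVE-2021-3449 trigger pattern in a pair of TLS 1.2 ClientHello messages.

Added example; not OpenSSL code. Sample messages below are constructed, not captured.
"""
import struct

SIGNATURE_ALGORITHMS = 13        # IANA TLS extension type (RFC 5246)
SIGNATURE_ALGORITHMS_CERT = 50   # IANA TLS extension type (RFC 8446)
HANDSHAKE_CLIENT_HELLO = 1       # HandshakeType client_hello


def build_client_hello(extensions):
    """Build a minimal ClientHello handshake message (no record header).

    `extensions` is a list of (type, body) tuples. Random, session ID and
    cipher suite are placeholder values chosen for this example.
    """
    body = b"\x03\x03"                               # legacy_version: TLS 1.2
    body += b"\x11" * 32                             # random (placeholder)
    body += b"\x00"                                  # session_id: empty
    body += struct.pack(">H", 2) + b"\xc0\x2f"       # one cipher suite (placeholder)
    body += b"\x01\x00"                              # compression_methods: null only
    ext_bytes = b"".join(struct.pack(">HH", t, len(v)) + v for t, v in extensions)
    body += struct.pack(">H", len(ext_bytes)) + ext_bytes
    return bytes([HANDSHAKE_CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body


def parse_client_hello_extensions(msg):
    """Return {extension_type: body} for a ClientHello handshake message.

    Raises ValueError on anything malformed so a bad message is never
    silently classified as benign.
    """
    if len(msg) < 4 or msg[0] != HANDSHAKE_CLIENT_HELLO:
        raise ValueError("not a ClientHello handshake message")
    length = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + length]
    if len(body) != length:
        raise ValueError("truncated ClientHello")
    pos = 2 + 32                                     # skip legacy_version and random
    sid_len = body[pos]
    pos += 1 + sid_len
    cs_len = struct.unpack(">H", body[pos:pos + 2])[0]
    pos += 2 + cs_len
    comp_len = body[pos]
    pos += 1 + comp_len
    exts = {}
    if pos == len(body):
        return exts                                  # no extensions block at all
    ext_total = struct.unpack(">H", body[pos:pos + 2])[0]
    pos += 2
    end = pos + ext_total
    if end != len(body):
        raise ValueError("extensions length does not match message length")
    while pos < end:
        etype, elen = struct.unpack(">HH", body[pos:pos + 4])
        pos += 4
        if pos + elen > end:
            raise ValueError("truncated extension")
        if etype in exts:
            raise ValueError(f"duplicate extension type {etype}")
        exts[etype] = body[pos:pos + elen]
        pos += elen
    return exts


def matches_cve_2021_3449(initial_hello, renegotiation_hello):
    """True iff the renegotiation ClientHello omits signature_algorithms, which
    the initial ClientHello carried, but includes signature_algorithms_cert:
    the condition the advisory describes."""
    first = parse_client_hello_extensions(initial_hello)
    second = parse_client_hello_extensions(renegotiation_hello)
    return (SIGNATURE_ALGORITHMS in first
            and SIGNATURE_ALGORITHMS not in second
            and SIGNATURE_ALGORITHMS_CERT in second)


# Constructed sample messages (not captured traffic).
SIGALGS_BODY = struct.pack(">H", 4) + b"\x04\x01\x08\x04"   # rsa_pkcs1_sha256, rsa_pss_rsae_sha256
BENIGN_INITIAL = build_client_hello([(SIGNATURE_ALGORITHMS, SIGALGS_BODY)])
BENIGN_RENEG = build_client_hello([(SIGNATURE_ALGORITHMS, SIGALGS_BODY),
                                   (SIGNATURE_ALGORITHMS_CERT, SIGALGS_BODY)])
TRIGGER_RENEG = build_client_hello([(SIGNATURE_ALGORITHMS_CERT, SIGALGS_BODY)])

if __name__ == "__main__":
    print("benign renegotiation:", matches_cve_2021_3449(BENIGN_INITIAL, BENIGN_RENEG))
    print("trigger renegotiation:", matches_cve_2021_3449(BENIGN_INITIAL, TRIGGER_RENEG))
```

Two caveats for anyone applying this in practice. A TLS 1.2 renegotiation handshake is sent under the record protection of the already established connection, so a passive network sensor never sees the second ClientHello in the clear; a check like this has to run at the endpoint (for example from a handshake message callback) or over decrypted captures. And because the advisory states the server is only affected with TLS 1.2 and renegotiation both enabled, the operational fix is to upgrade to 1.1.1k, with disabling renegotiation (SSL_OP_NO_RENEGOTIATION) as the interim mitigation that removes the precondition entirely.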

Information Acquisition Date: 2021-04-27T11:09Z

CVSS 2.0: 4.3 MEDIUM
CVSS 3.x: 5.9 MEDIUM

CVSS 3.1 vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0 vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

NVD References

 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148
     source: CONFIRM
     tags: Mailing List, Patch, Vendor Advisory
 https://www.openssl.org/news/secadv/20210325.txt
     source: CONFIRM
     tags: Vendor Advisory
 20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021
     source: CISCO
     tags: Third Party Advisory
 DSA-4875
     source: DEBIAN
     tags: Third Party Advisory
 https://security.netapp.com/advisory/ntap-20210326-0006/
     source: CONFIRM
     tags: Third Party Advisory
 https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc
     source: MISC
     tags: Third Party Advisory
 [oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing
     source: MLIST
     tags: Mailing List, Third Party Advisory
 [oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing
     source: MLIST
     tags: Mailing List, Third Party Advisory
 [oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing
     source: MLIST
     tags: Mailing List, Third Party Advisory
 [oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing
     source: MLIST
     tags: Mailing List, Third Party Advisory
 GLSA-202103-03
     source: GENTOO
     tags: Third Party Advisory
 https://www.tenable.com/security/tns-2021-06
     source: CONFIRM
     tags: Third Party Advisory
 https://www.tenable.com/security/tns-2021-05
     source: CONFIRM
     tags: Third Party Advisory
 FEDORA-2021-cbf14ab8f9
     source: FEDORA
     tags: Mailing List, Third Party Advisory
 https://kc.mcafee.com/corporate/index?page=content&id=SB10356
     source: CONFIRM
     tags: Third Party Advisory

A public proof of concept may exist for this vulnerability (see the GitHub search results below).

Refer to Information on External Sites

CVE Information: MITRE, NVD, vulmon.com, CVE Details, JVN (ENG / JPN)
Exploits or more Information: Exploit Database, 0day.today, GitHub, Twitter, Reconshell

Software Tag: OpenSSL (1 tweet)



List of frequently cited URLs

URL                                                                   Times referred to
https://twitter.com/jpcert/status/1375278886141915136                 7
https://www.jpcert.or.jp/at/2021/at210015.html                        6
https://www.bleepingcomputer.com/news/security/openssl-fixe...        5
http://tenable.sc                                                     4
https://git.openssl.org/gitweb/?p=openssl.git                         4
https://thehackernews.com/2021/03/openssl-releases-patches-...        4
https://github.com/terorie/cve-2021-3449                              3
https://mta.openssl.org/pipermail/openssl-announce/2021-Mar...        3
https://www.openssl.org/news/secadv/20210325.txt                      3
https://access.redhat.com/security/cve/CVE-2021-3449                  3
https://cybermaterial.com/openssl-advisory-high-severity-cv...        3

Information from Twitter

User: Programmatoris
URL: https://programmatic.solutions/dm2jyh/how-to-verify-tls-ren...
Source: Programmatoris
ID: 1597389073186004994
Date: 2022/11/29

List of frequently cited domains

Domain                      Times referred to
twitter.com                 7
www.jpcert.or.jp            6
www.bleepingcomputer.com    5
tenable.sc                  4
git.openssl.org             4
thehackernews.com           4
github.com                  3
mta.openssl.org             3
www.openssl.org             3
access.redhat.com           3
cybermaterial.com           3

GitHub Search Results (up to 10)

Name                    URL
terorie/cve-2021-3449   https://github.com/terorie/cve-2021-3449

Score on 2022/11/29: 0
Added to Har-sia Database: 2021/03/24
Last Modified: 2022/11/29
Highest Scored Date: 2021/03/26
Highest Score: 106