topic Re: CVE-2014-0198 - Anyone have a signature? in General Topics https://live.paloaltonetworks.com/t5/general-topics/cve-2014-0198-anyone-have-a-signature/m-p/30664#M22446 <HTML><HEAD></HEAD><BODY><P>Hello Ericcapuano,</P><P></P><P>So far, <SPAN class="GINGER_SOFTWARE_mark">PAN threat database</SPAN> is not having any signature for the above mentioned CVE. I would request you to open a case with support, so that they will verify the coverage for this CVE.</P><P></P><P>Thanks</P></BODY></HTML> Wed, 14 May 2014 23:12:49 GMT HULK 2014-05-14T23:12:49Z CVE-2014-0198 - Anyone have a signature? https://live.paloaltonetworks.com/t5/general-topics/cve-2014-0198-anyone-have-a-signature/m-p/30663#M22445 <HTML><HEAD></HEAD><BODY><P>Curious if anyone else is working on or looking for a signature for this vuln: <A href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0198" title="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0198">NVD - Detail</A></P><P></P><P>DoS vulnerability brought about by a bug in OpenSSL. Is PAN working on a signature by chance?</P><P></P><P>Details: The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.</P></BODY></HTML> Wed, 14 May 2014 19:42:28 GMT https://live.paloaltonetworks.com/t5/general-topics/cve-2014-0198-anyone-have-a-signature/m-p/30663#M22445 Cap 2014-05-14T19:42:28Z Re: CVE-2014-0198 - Anyone have a signature? https://live.paloaltonetworks.com/t5/general-topics/cve-2014-0198-anyone-have-a-signature/m-p/30664#M22446 <HTML><HEAD></HEAD><BODY><P>Hello Ericcapuano,</P><P></P><P>So far, <SPAN class="GINGER_SOFTWARE_mark">PAN threat database</SPAN> is not having any signature for the above mentioned CVE. I would request you to open a case with support, so that they will verify the coverage for this CVE.</P><P></P><P>Thanks</P></BODY></HTML> Wed, 14 May 2014 23:12:49 GMT https://live.paloaltonetworks.com/t5/general-topics/cve-2014-0198-anyone-have-a-signature/m-p/30664#M22446 HULK 2014-05-14T23:12:49Z