CVE-2015-3194

HIGH

OpenSSL 1.0.1-1.0.1q and 1.0.2-1.0.2e - Denial of Service via RSA PSS ASN.1 Signature

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-3194. PoCs published by Trinadh465.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2015-3194, targeting OpenSSL 1.0.1g. The exploit appears to focus on MacOS-specific implementations, including socket and string utilities, likely demonstrating the vulnerability in a controlled environment.

Description

crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.

Exploits (1)

nomisec WORKING POC 1 stars
by Trinadh465 · poc
https://github.com/Trinadh465/OpenSSL-1_0_1g_CVE-2015-3194

This repository contains a proof-of-concept exploit for CVE-2015-3194, targeting OpenSSL 1.0.1g. The exploit appears to focus on MacOS-specific implementations, including socket and string utilities, likely demonstrating the vulnerability in a controlled environment.

Classification
Working Poc 80%
Attack Type
Other
Complexity
Moderate
Reliability
Theoretical
Target: OpenSSL 1.0.1g
No auth needed
Prerequisites: OpenSSL 1.0.1g installation · MacOS environment
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (38)

Core 38
Core References
Mailing List, Third Party Advisory vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html
Mailing List, Third Party Advisory vendor-advisory
http://lists.opensuse.org/opensuse-updates/2015-12/msg00070.html
Third Party Advisory vendor-advisory
http://rhn.redhat.com/errata/RHSA-2015-2617.html
Mailing List, Third Party Advisory vendor-advisory
http://marc.info/?l=bugtraq&m=145382583417444&w=2
Third Party Advisory vendor-advisory
http://www.ubuntu.com/usn/USN-2830-1
Mailing List, Third Party Advisory vendor-advisory
http://lists.opensuse.org/opensuse-updates/2015-12/msg00071.html
Third Party Advisory, VDB Entry vdb-entry
http://www.securityfocus.com/bid/91787
Third Party Advisory vendor-advisory
http://rhn.redhat.com/errata/RHSA-2016-2957.html
Third Party Advisory, VDB Entry vdb-entry
http://www.securitytracker.com/id/1034294
Mailing List, Third Party Advisory vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html
Third Party Advisory vendor-advisory
http://www.debian.org/security/2015/dsa-3413
Mailing List, Third Party Advisory vendor-advisory
http://lists.opensuse.org/opensuse-updates/2015-12/msg00087.html
Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1288320
Third Party Advisory, VDB Entry vdb-entry
http://www.securityfocus.com/bid/78623

Scores

CVSS v3 7.5
EPSS 0.4402
EPSS Percentile 98.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-476
Status published
Products (30)
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 15.04
canonical/ubuntu_linux 15.10
debian/debian_linux 7.0
debian/debian_linux 8.0
nodejs/node.js 0.10.0 - 0.10.41
nodejs/node.js 4.0.0 - 4.2.3
openssl/openssl 1.0.1
openssl/openssl 1.0.1a
... and 20 more
Published Dec 06, 2015
Tracked Since Feb 18, 2026