Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.703125
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 3125-1 (openssl - security update)
Summary:Multiple vulnerabilities have been;discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities;and Exposures project identifies the following issues:;;CVE-2014-3569;Frank Schmirler reported that the ssl23_get_client_hello function in;OpenSSL does not properly handle attempts to use unsupported;protocols. When OpenSSL is built with the no-ssl3 option and a SSL;v3 ClientHello is received, the ssl method would be set to NULL which;could later result in a NULL pointer dereference and daemon crash.;;CVE-2014-3570;Pieter Wuille of Blockstream reported that the bignum squaring;(BN_sqr) may produce incorrect results on some platforms, which;might make it easier for remote attackers to defeat cryptographic;protection mechanisms.;;CVE-2014-3571;Markus Stenberg of Cisco Systems, Inc. reported that a carefully;crafted DTLS message can cause a segmentation fault in OpenSSL due;to a NULL pointer dereference. A remote attacker could use this flaw;to mount a denial of service attack.;;CVE-2014-3572;Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that an;OpenSSL client would accept a handshake using an ephemeral ECDH;ciphersuite if the server key exchange message is omitted. This;allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks;and trigger a loss of forward secrecy.;;CVE-2014-8275;Antti Karjalainen and Tuomo Untinen of the Codenomicon CROSS project;and Konrad Kraszewski of Google reported various certificate;fingerprint issues, which allow remote attackers to defeat a;fingerprint-based certificate-blacklist protection mechanism.;;CVE-2015-0204;Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that;an OpenSSL client will accept the use of an ephemeral RSA key in a;non-export RSA key exchange ciphersuite, violating the TLS;standard. This allows remote SSL servers to downgrade the security;of the session.;;CVE-2015-0205;Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that an;OpenSSL server will accept a DH certificate for client;authentication without the certificate verify message. This flaw;effectively allows a client to authenticate without the use of a;private key via crafted TLS handshake protocol traffic to a server;that recognizes a certification authority with DH support.;;CVE-2015-0206;Chris Mueller discovered a memory leak in the dtls1_buffer_record;function. A remote attacker could exploit this flaw to mount a;denial of service through memory exhaustion by repeatedly sending;specially crafted DTLS records.
Description:Summary:
Multiple vulnerabilities have been
discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities
and Exposures project identifies the following issues:

CVE-2014-3569
Frank Schmirler reported that the ssl23_get_client_hello function in
OpenSSL does not properly handle attempts to use unsupported
protocols. When OpenSSL is built with the no-ssl3 option and a SSL
v3 ClientHello is received, the ssl method would be set to NULL which
could later result in a NULL pointer dereference and daemon crash.

CVE-2014-3570
Pieter Wuille of Blockstream reported that the bignum squaring
(BN_sqr) may produce incorrect results on some platforms, which
might make it easier for remote attackers to defeat cryptographic
protection mechanisms.

CVE-2014-3571
Markus Stenberg of Cisco Systems, Inc. reported that a carefully
crafted DTLS message can cause a segmentation fault in OpenSSL due
to a NULL pointer dereference. A remote attacker could use this flaw
to mount a denial of service attack.

CVE-2014-3572
Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that an
OpenSSL client would accept a handshake using an ephemeral ECDH
ciphersuite if the server key exchange message is omitted. This
allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks
and trigger a loss of forward secrecy.

CVE-2014-8275
Antti Karjalainen and Tuomo Untinen of the Codenomicon CROSS project
and Konrad Kraszewski of Google reported various certificate
fingerprint issues, which allow remote attackers to defeat a
fingerprint-based certificate-blacklist protection mechanism.

CVE-2015-0204
Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that
an OpenSSL client will accept the use of an ephemeral RSA key in a
non-export RSA key exchange ciphersuite, violating the TLS
standard. This allows remote SSL servers to downgrade the security
of the session.

CVE-2015-0205
Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that an
OpenSSL server will accept a DH certificate for client
authentication without the certificate verify message. This flaw
effectively allows a client to authenticate without the use of a
private key via crafted TLS handshake protocol traffic to a server
that recognizes a certification authority with DH support.

CVE-2015-0206
Chris Mueller discovered a memory leak in the dtls1_buffer_record
function. A remote attacker could exploit this flaw to mount a
denial of service through memory exhaustion by repeatedly sending
specially crafted DTLS records.

Affected Software/OS:
openssl on Debian Linux

Solution:
For the stable distribution (wheezy),
these problems have been fixed in version 1.0.1e-2+deb7u14.

For the upcoming stable distribution (jessie), these problems will be
fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 1.0.1k-1.

We recommend that you upgrade your openssl packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-3569
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
BugTraq ID: 71934
http://www.securityfocus.com/bid/71934
Cisco Security Advisory: 20150310 Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl
Debian Security Information: DSA-3125 (Google Search)
http://www.debian.org/security/2015/dsa-3125
HPdes Security Advisory: HPSBHF03289
http://marc.info/?l=bugtraq&m=142721102728110&w=2
HPdes Security Advisory: HPSBMU03380
http://marc.info/?l=bugtraq&m=143748090628601&w=2
HPdes Security Advisory: HPSBMU03396
http://marc.info/?l=bugtraq&m=144050205101530&w=2
HPdes Security Advisory: HPSBMU03397
http://marc.info/?l=bugtraq&m=144050297101809&w=2
HPdes Security Advisory: HPSBMU03409
http://marc.info/?l=bugtraq&m=144050155601375&w=2
HPdes Security Advisory: HPSBMU03413
http://marc.info/?l=bugtraq&m=144050254401665&w=2
HPdes Security Advisory: HPSBOV03318
http://marc.info/?l=bugtraq&m=142895206924048&w=2
HPdes Security Advisory: HPSBUX03162
http://marc.info/?l=bugtraq&m=142496179803395&w=2
HPdes Security Advisory: HPSBUX03244
http://marc.info/?l=bugtraq&m=142496289803847&w=2
HPdes Security Advisory: SSRT101885
http://www.mandriva.com/security/advisories?name=MDVSA-2015:019
http://www.mandriva.com/security/advisories?name=MDVSA-2015:062
http://www.securitytracker.com/id/1033378
SuSE Security Announcement: SUSE-SU-2015:0946 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html
SuSE Security Announcement: openSUSE-SU-2015:0130 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html
SuSE Security Announcement: openSUSE-SU-2016:0640 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3570
BugTraq ID: 71939
http://www.securityfocus.com/bid/71939
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147938.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148363.html
HPdes Security Advisory: HPSBGN03299
http://marc.info/?l=bugtraq&m=142720981827617&w=2
HPdes Security Advisory: SSRT101987
RedHat Security Advisories: RHSA-2015:0066
http://rhn.redhat.com/errata/RHSA-2015-0066.html
RedHat Security Advisories: RHSA-2015:0849
http://rhn.redhat.com/errata/RHSA-2015-0849.html
RedHat Security Advisories: RHSA-2016:1650
http://rhn.redhat.com/errata/RHSA-2016-1650.html
SuSE Security Announcement: SUSE-SU-2015:0578 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
SuSE Security Announcement: openSUSE-SU-2015:1277 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3571
BugTraq ID: 71937
http://www.securityfocus.com/bid/71937
Common Vulnerability Exposure (CVE) ID: CVE-2014-3572
BugTraq ID: 71942
http://www.securityfocus.com/bid/71942
Common Vulnerability Exposure (CVE) ID: CVE-2014-8275
BugTraq ID: 71935
http://www.securityfocus.com/bid/71935
RedHat Security Advisories: RHSA-2015:0800
http://rhn.redhat.com/errata/RHSA-2015-0800.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-0204
BugTraq ID: 71936
http://www.securityfocus.com/bid/71936
BugTraq ID: 91787
http://www.securityfocus.com/bid/91787
https://security.gentoo.org/glsa/201503-11
HPdes Security Advisory: HPSBMU03345
http://marc.info/?l=bugtraq&m=144043644216842&w=2
HPdes Security Advisory: HPSBUX03334
http://marc.info/?l=bugtraq&m=143213830203296&w=2
HPdes Security Advisory: SSRT102000
http://www.mandriva.com/security/advisories?name=MDVSA-2015:063
https://freakattack.com/
SuSE Security Announcement: SUSE-SU-2015:1085 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html
SuSE Security Announcement: SUSE-SU-2015:1086 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html
SuSE Security Announcement: SUSE-SU-2015:1138 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html
SuSE Security Announcement: SUSE-SU-2015:1161 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html
SuSE Security Announcement: SUSE-SU-2015:2166 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html
SuSE Security Announcement: SUSE-SU-2015:2168 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html
SuSE Security Announcement: SUSE-SU-2015:2182 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html
SuSE Security Announcement: SUSE-SU-2015:2192 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html
SuSE Security Announcement: SUSE-SU-2015:2216 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html
SuSE Security Announcement: SUSE-SU-2016:0113 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html
XForce ISS Database: openssl-cve20150204-weak-security(99707)
https://exchange.xforce.ibmcloud.com/vulnerabilities/99707
Common Vulnerability Exposure (CVE) ID: CVE-2015-0205
BugTraq ID: 71941
http://www.securityfocus.com/bid/71941
XForce ISS Database: openssl-cve20150205-sec-bypass(99708)
https://exchange.xforce.ibmcloud.com/vulnerabilities/99708
Common Vulnerability Exposure (CVE) ID: CVE-2015-0206
BugTraq ID: 71940
http://www.securityfocus.com/bid/71940
XForce ISS Database: openssl-cve20150206-dos(99704)
https://exchange.xforce.ibmcloud.com/vulnerabilities/99704
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.