Vulnerabilities > CVE-2015-3196 - Race Condition vulnerability in multiple products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Leveraging Race Conditions This attack targets a race condition occurring when multiple processes access and manipulate the same resource concurrently and the outcome of the execution depends on the particular order in which the access takes place. The attacker can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance a race condition can occur while accessing a file, the attacker can trick the system by replacing the original file with his version and cause the system to read the malicious file.
- Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. The typical example is the file access. The attacker can leverage a file access race condition by "running the race", meaning that he would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the attacker could do something such as replace the file and cause an escalation of privilege.
Nessus
NASL family Web Servers NASL id OPENSSL_1_0_0T.NASL description According to its banner, the remote host is running a version of OpenSSL 1.0.0 prior to 1.0.0t. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to handling malformed X509_ATTRIBUTE structures. A remote attacker can exploit this to cause a memory leak by triggering a decoding failure in a PKCS#7 or CMS application, resulting in a denial of service. (CVE-2015-3195) - A race condition exists in s3_clnt.c that is triggered when PSK identity hints are incorrectly updated in the parent SSL_CTX structure when they are received by a multi-threaded client. A remote attacker can exploit this, via a crafted ServerKeyExchange message, to cause a double-free memory error, resulting in a denial of service. (CVE-2015-3196) last seen 2020-06-01 modified 2020-06-02 plugin id 87220 published 2015-12-07 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87220 title OpenSSL 1.0.0 < 1.0.0t Multiple DoS code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(87220); script_version("1.15"); script_cvs_date("Date: 2019/11/22"); script_cve_id("CVE-2015-3195", "CVE-2015-3196"); script_bugtraq_id(78622, 78626); script_name(english:"OpenSSL 1.0.0 < 1.0.0t Multiple DoS"); script_summary(english:"Performs a banner check."); script_set_attribute(attribute:"synopsis", value: "The remote host is affected by multiple denial of service vulnerabilities."); script_set_attribute(attribute:"description", value: "According to its banner, the remote host is running a version of OpenSSL 1.0.0 prior to 1.0.0t. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to handling malformed X509_ATTRIBUTE structures. A remote attacker can exploit this to cause a memory leak by triggering a decoding failure in a PKCS#7 or CMS application, resulting in a denial of service. (CVE-2015-3195) - A race condition exists in s3_clnt.c that is triggered when PSK identity hints are incorrectly updated in the parent SSL_CTX structure when they are received by a multi-threaded client. A remote attacker can exploit this, via a crafted ServerKeyExchange message, to cause a double-free memory error, resulting in a denial of service. (CVE-2015-3196)"); script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/news/secadv/20151203.txt"); script_set_attribute(attribute:"solution", value: "Upgrade to OpenSSL version 1.0.0t or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-3195"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2015/12/03"); script_set_attribute(attribute:"patch_publication_date", value:"2015/12/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/07"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:openssl:openssl"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Web Servers"); script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("openssl_version.nasl"); script_require_keys("openssl/port"); exit(0); } include("openssl_version.inc"); openssl_check_version(fixed:'1.0.0t', min:"1.0.0", severity:SECURITY_WARNING);NASL family F5 Networks Local Security Checks NASL id F5_BIGIP_SOL55540723.NASL description ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message. (CVE-2015-3196) last seen 2020-06-01 modified 2020-06-02 plugin id 87434 published 2015-12-17 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87434 title F5 Networks BIG-IP : OpenSSL vulnerability (K55540723) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2016-0001.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2015-7575 - disallow use of MD5 in TLS1.2 - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509_ATTRIBUTE memory leak - fix CVE-2015-3196 - race condition when handling PSK identity hint last seen 2020-06-01 modified 2020-06-02 plugin id 87800 published 2016-01-08 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87800 title OracleVM 3.3 : openssl (OVMSA-2016-0001) (SLOTH) NASL family SuSE Local Security Checks NASL id OPENSUSE-2015-908.NASL description OpenSSL was updated to fix three security issues. The following vulnerabilities were fixed : - CVE-2015-3194: Certificate verify crash with missing PSS parameter (bsc#957815) - CVE-2015-3195: X509_ATTRIBUTE memory leak (bsc#957812) - CVE-2015-3196: Race condition handling PSK identify hint (bsc#957813) last seen 2020-06-05 modified 2015-12-17 plugin id 87447 published 2015-12-17 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/87447 title openSUSE Security Update : OpenSSL (openSUSE-2015-908) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2015-2617.NASL description From Red Hat Security Advisory 2015:2617 : Updated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer dereference flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked could possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a TLS/SSL server using OpenSSL if it enabled client authentication. (CVE-2015-3194) A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) A race condition flaw, leading to a double free, was found in the way OpenSSL handled pre-shared key (PSK) identify hints. A remote attacker could use this flaw to crash a multi-threaded SSL/TLS client using OpenSSL. (CVE-2015-3196) All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. last seen 2020-06-01 modified 2020-06-02 plugin id 87364 published 2015-12-15 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87364 title Oracle Linux 6 / 7 : openssl (ELSA-2015-2617) NASL family Fedora Local Security Checks NASL id FEDORA_2015-D87D60B9A9.NASL description Moderate security issues fixed in this update. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2016-03-04 plugin id 89431 published 2016-03-04 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/89431 title Fedora 22 : openssl-1.0.1k-13.fc22 (2015-d87d60b9a9) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2015-2617.NASL description Updated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer dereference flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked could possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a TLS/SSL server using OpenSSL if it enabled client authentication. (CVE-2015-3194) A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) A race condition flaw, leading to a double free, was found in the way OpenSSL handled pre-shared key (PSK) identify hints. A remote attacker could use this flaw to crash a multi-threaded SSL/TLS client using OpenSSL. (CVE-2015-3196) All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. last seen 2020-06-01 modified 2020-06-02 plugin id 87357 published 2015-12-15 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87357 title CentOS 6 / 7 : openssl (CESA-2015:2617) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2015-0155.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509_ATTRIBUTE memory leak - fix CVE-2015-3196 - race condition when handling PSK identity hint last seen 2020-06-01 modified 2020-06-02 plugin id 87366 published 2015-12-15 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87366 title OracleVM 3.3 : openssl (OVMSA-2015-0155) NASL family Web Servers NASL id OPENSSL_1_0_1P.NASL description According to its banner, the remote host is running a version of OpenSSL 1.0.1 prior to 1.0.1p. It is, therefore, affected by the following vulnerabilities : - A certificate validation bypass vulnerability exists due to a flaw in the X509_verify_cert() function in x509_vfy.c that is triggered when locating alternate certificate chains when the first attempt to build such a chain fails. A remote attacker can exploit this, by using a valid leaf certificate as a certificate authority (CA), to issue invalid certificates that will bypass authentication. Note that this issue affects only versions 1.0.1n and 1.0.1o. (CVE-2015-1793) - A race condition exists in s3_clnt.c that is triggered when PSK identity hints are incorrectly updated in the parent SSL_CTX structure when they are received by a multi-threaded client. A remote attacker can exploit this, via a crafted ServerKeyExchange message, to cause a double-free memory error, resulting in a denial of service. (CVE-2015-3196) last seen 2020-06-01 modified 2020-06-02 plugin id 84636 published 2015-07-09 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/84636 title OpenSSL 1.0.1 < 1.0.1p Multiple Vulnerabilities NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_4C8D1D729B3811E5AECED050996490D0.NASL description OpenSSL project reports : - BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193) - Certificate verify crash with missing PSS parameter (CVE-2015-3194) - X509_ATTRIBUTE memory leak (CVE-2015-3195) - Race condition handling PSK identify hint (CVE-2015-3196) - Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794) last seen 2020-06-01 modified 2020-06-02 plugin id 87213 published 2015-12-07 reporter This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87213 title FreeBSD : openssl -- multiple vulnerabilities (4c8d1d72-9b38-11e5-aece-d050996490d0) NASL family SuSE Local Security Checks NASL id SUSE_SU-2015-2230-1.NASL description This update for openssl fixes the following issues : Security fixes : - CVE-2015-3194: The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. Since these routines are used to verify certificate signature algorithms this can be used to crash any certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication. (bsc#957815) - CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected. (bsc#957812) - CVE-2015-3196: If PSK identity hints are received by a multi-threaded client then the values were wrongly updated in the parent SSL_CTX structure. This could result in a race condition potentially leading to a double free of the identify hint data. (bsc#957813) Non security bugs fixed : - Improve S/390 performance on IBM z196 and z13 (bsc#954256) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 87280 published 2015-12-09 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87280 title SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2015:2230-1) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2015-349-04.NASL description New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 87378 published 2015-12-16 reporter This script is Copyright (C) 2015-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/87378 title Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : openssl (SSA:2015-349-04) NASL family Web Servers NASL id OPENSSL_1_0_2D.NASL description According to its banner, the remote host is running a version of OpenSSL 1.0.2 prior to 1.0.2d. It is, therefore, affected by the following vulnerabilities : - A certificate validation bypass vulnerability exists due to a flaw in the X509_verify_cert() function in x509_vfy.c that is triggered when locating alternate certificate chains when the first attempt to build such a chain fails. A remote attacker can exploit this, by using a valid leaf certificate as a certificate authority (CA), to issue invalid certificates that will bypass authentication. (CVE-2015-1793) - A race condition exists in s3_clnt.c that is triggered when PSK identity hints are incorrectly updated in the parent SSL_CTX structure when they are received by a multi-threaded client. A remote attacker can exploit this, via a crafted ServerKeyExchange message, to cause a double-free memory error, resulting in a denial of service. (CVE-2015-3196) last seen 2020-06-01 modified 2020-06-02 plugin id 84637 published 2015-07-09 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/84637 title OpenSSL 1.0.2 < 1.0.2d Multiple Vulnerabilities NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201601-05.NASL description The remote host is affected by the vulnerability described in GLSA-201601-05 (OpenSSL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in OpenSSL. Please review the upstream advisory and CVE identifiers referenced below for details. Note that the list includes CVE identifiers for an older OpenSSL Security Advisory (3 Dec 2015) for which we have not issued a GLSA before. Impact : A remote attacker could disclose a server’s private DH exponent, or complete SSLv2 handshakes using ciphers that have been disabled on the server. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 88586 published 2016-02-05 reporter This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/88586 title GLSA-201601-05 : OpenSSL: Multiple vulnerabilities NASL family Scientific Linux Local Security Checks NASL id SL_20151214_OPENSSL_ON_SL6_X.NASL description A NULL pointer derefernce flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked could possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a TLS/SSL server using OpenSSL if it enabled client authentication. (CVE-2015-3194) A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) A race condition flaw, leading to a double free, was found in the way OpenSSL handled pre-shared key (PSK) identify hints. A remote attacker could use this flaw to crash a multi-threaded SSL/TLS client using OpenSSL. (CVE-2015-3196) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. last seen 2020-03-18 modified 2015-12-16 plugin id 87402 published 2015-12-16 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87402 title Scientific Linux Security Update : openssl on SL6.x i386/x86_64 (20151214) NASL family SuSE Local Security Checks NASL id OPENSUSE-2015-911.NASL description This update for openssl fixes the following issues : Security fixes : - CVE-2015-3194: The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. Since these routines are used to verify certificate signature algorithms this can be used to crash any certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication. (bsc#957815) - CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected. (bsc#957812) - CVE-2015-3196: If PSK identity hints are received by a multi-threaded client then the values were wrongly updated in the parent SSL_CTX structure. This could result in a race condition potentially leading to a double free of the identify hint data. (bsc#957813) Non security bugs fixed : - Improve S/390 performance on IBM z196 and z13 (bsc#954256) This update was imported from the SUSE:SLE-12-SP1:Update update project. last seen 2020-06-05 modified 2015-12-18 plugin id 87487 published 2015-12-18 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/87487 title openSUSE Security Update : openssl (openSUSE-2015-911) NASL family SuSE Local Security Checks NASL id SUSE_SU-2015-2237-1.NASL description This update for openssl fixes the following issues : Security fixes : - CVE-2015-3194: The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. Since these routines are used to verify certificate signature algorithms this can be used to crash any certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication. (bsc#957815) - CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected. (bsc#957812) - CVE-2015-3196: If PSK identity hints are received by a multi-threaded client then the values were wrongly updated in the parent SSL_CTX structure. This could result in a race condition potentially leading to a double free of the identify hint data. (bsc#957813) Non security bugs fixed : - Clear the error after setting non-fips mode (bsc#947104) - Improve S/390 performance on IBM z196 and z13 (bsc#954256) - Add support for last seen 2020-06-01 modified 2020-06-02 plugin id 87318 published 2015-12-11 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87318 title SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2015:2237-1) NASL family MacOS X Local Security Checks NASL id MACOSX_CISCO_ANYCONNECT_CSCUX41420.NASL description The Cisco AnyConnect Secure Mobility Client installed on the remote Mac OS X host is a version prior to 3.1.13015.0 or 4.2.x prior to 4.2.1035.0. It is, therefore, affected by multiple vulnerabilities in the bundled version of OpenSSL : - A carry propagating flaw exists in the x86_64 Montgomery squaring implementation that may cause the BN_mod_exp() function to produce incorrect results. An attacker can exploit this to obtain sensitive information regarding private keys. (CVE-2015-3193) - A NULL pointer dereference flaw exists in file rsa_ameth.c when handling ASN.1 signatures that use the RSA PSS algorithm but are missing a mask generation function parameter. A remote attacker can exploit this to cause the signature verification routine to crash, leading to a denial of service. (CVE-2015-3194) - A flaw exists in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to handling malformed X509_ATTRIBUTE structures. A remote attacker can exploit this to cause a memory leak by triggering a decoding failure in a PKCS#7 or CMS application, resulting in a denial of service. (CVE-2015-3195) - A race condition exists in s3_clnt.c that is triggered when PSK identity hints are incorrectly updated in the parent SSL_CTX structure when they are received by a multi-threaded client. A remote attacker can exploit this, via a crafted ServerKeyExchange message, to cause a double-free memory error, resulting in a denial of service. (CVE-2015-3196) - A flaw exists in the ssl3_get_key_exchange() function in file s3_clnt.c when handling a ServerKeyExchange message for an anonymous DH ciphersuite with the value of last seen 2020-06-01 modified 2020-06-02 plugin id 88101 published 2016-01-22 reporter This script is Copyright (C) 2016-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/88101 title Mac OS X : Cisco AnyConnect Secure Mobility Client < 3.1.13015.0 / 4.2.x < 4.2.1035.0 Multiple OpenSSL Vulnerabilities NASL family Junos Local Security Checks NASL id JUNIPER_JSA10759.NASL description According to its self-reported version number, the remote Juniper Junos device is affected by the following vulnerabilities related to OpenSSL : - A flaw exists in the ssl3_get_key_exchange() function in file s3_clnt.c when handling a ServerKeyExchange message for an anonymous DH ciphersuite with the value of last seen 2020-03-18 modified 2017-01-05 plugin id 96316 published 2017-01-05 reporter This script is Copyright (C) 2017-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/96316 title Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10759) (SWEET32) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2016-0049.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO - fix CVE-2016-0799 - memory issues in BIO_printf - fix CVE-2016-0702 - side channel attack on modular exponentiation - fix CVE-2016-0705 - double-free in DSA private key parsing - fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn - fix CVE-2015-3197 - SSLv2 ciphersuite enforcement - disable SSLv2 in the generic TLS method - fix 1-byte memory leak in pkcs12 parse (#1229871) - document some options of the speed command (#1197095) - fix high-precision timestamps in timestamping authority - fix CVE-2015-7575 - disallow use of MD5 in TLS1.2 - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509_ATTRIBUTE memory leak - fix CVE-2015-3196 - race condition when handling PSK identity hint last seen 2020-06-01 modified 2020-06-02 plugin id 91154 published 2016-05-16 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/91154 title OracleVM 3.3 / 3.4 : openssl (OVMSA-2016-0049) (SLOTH) NASL family Firewalls NASL id PFSENSE_SA-15_11.NASL description According to its self-reported version number, the remote pfSense install is prior to 2.2.6. It is, therefore, affected by multiple vulnerabilities. last seen 2020-06-01 modified 2020-06-02 plugin id 106498 published 2018-01-31 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106498 title pfSense < 2.2.6 Multiple Vulnerabilities (SA-15_09 / SA-15_10 / SA-15_11) NASL family Misc. NASL id VIRTUALBOX_5_0_18.NASL description The Oracle VM VirtualBox application installed on the remote host is a version prior to 4.3.36 or 5.0.18. It is, therefore, affected by an unspecified flaw in the Core subcomponent that allows a local attacker to gain elevated privileges. Additionally, multiple vulnerabilities exist in the bundled version of OpenSSL : - A flaw exists in the ssl3_get_key_exchange() function in file s3_clnt.c when handling a ServerKeyExchange message for an anonymous DH ciphersuite with the value of last seen 2020-06-01 modified 2020-06-02 plugin id 90680 published 2016-04-22 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/90680 title Oracle VM VirtualBox < 4.3.36 / 5.0.18 Multiple Vulnerabilities (April 2016 CPU) NASL family AIX Local Security Checks NASL id AIX_OPENSSL_ADVISORY15.NASL description The version of OpenSSL installed on the remote AIX host is affected by multiple vulnerabilities : - A NULL pointer dereference flaw exists in file rsa_ameth.c when handling ASN.1 signatures that use the RSA PSS algorithm but are missing a mask generation function parameter. A remote attacker can exploit this to cause the signature verification routine to crash, leading to a denial of service. (CVE-2015-3194) - A flaw exists in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to handling malformed X509_ATTRIBUTE structures. A remote attacker can exploit this to cause a memory leak by triggering a decoding failure in a PKCS#7 or CMS application, resulting in a denial of service. (CVE-2015-3195) - A race condition exists in s3_clnt.c that is triggered when PSK identity hints are incorrectly updated in the parent SSL_CTX structure when they are received by a multi-threaded client. A remote attacker can exploit this, via a crafted ServerKeyExchange message, to cause a double-free memory error, resulting in a denial of service. (CVE-2015-3196) last seen 2020-06-01 modified 2020-06-02 plugin id 88085 published 2016-01-22 reporter This script is Copyright (C) 2016-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/88085 title AIX OpenSSL Advisory : openssl_advisory15.asc NASL family Windows NASL id CISCO_ANYCONNECT_CSCUX41420.NASL description The Cisco AnyConnect Secure Mobility Client installed on the remote host is a version prior to 3.1.13015.0 or 4.2.x prior to 4.2.1035.0. It is, therefore, affected by multiple vulnerabilities in the bundled version of OpenSSL : - A carry propagating flaw exists in the x86_64 Montgomery squaring implementation that may cause the BN_mod_exp() function to produce incorrect results. An attacker can exploit this to obtain sensitive information regarding private keys. (CVE-2015-3193) - A NULL pointer dereference flaw exists in file rsa_ameth.c when handling ASN.1 signatures that use the RSA PSS algorithm but are missing a mask generation function parameter. A remote attacker can exploit this to cause the signature verification routine to crash, leading to a denial of service. (CVE-2015-3194) - A flaw exists in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to handling malformed X509_ATTRIBUTE structures. A remote attacker can exploit this to cause a memory leak by triggering a decoding failure in a PKCS#7 or CMS application, resulting in a denial of service. (CVE-2015-3195) - A race condition exists in s3_clnt.c that is triggered when PSK identity hints are incorrectly updated in the parent SSL_CTX structure when they are received by a multi-threaded client. A remote attacker can exploit this, via a crafted ServerKeyExchange message, to cause a double-free memory error, resulting in a denial of service. (CVE-2015-3196) - A flaw exists in the ssl3_get_key_exchange() function in file s3_clnt.c when handling a ServerKeyExchange message for an anonymous DH ciphersuite with the value of last seen 2020-06-01 modified 2020-06-02 plugin id 88100 published 2016-01-22 reporter This script is Copyright (C) 2016-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/88100 title Cisco AnyConnect Secure Mobility Client < 3.1.13015.0 / 4.2.x < 4.2.1035.0 Multiple OpenSSL Vulnerabilities NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3413.NASL description Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2015-3194 Loic Jonas Etienne of Qnective AG discovered that the signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. A remote attacker can exploit this flaw to crash any certificate verification operation and mount a denial of service attack. - CVE-2015-3195 Adam Langley of Google/BoringSSL discovered that OpenSSL will leak memory when presented with a malformed X509_ATTRIBUTE structure. - CVE-2015-3196 A race condition flaw in the handling of PSK identify hints was discovered, potentially leading to a double free of the identify hint data. last seen 2020-06-01 modified 2020-06-02 plugin id 87212 published 2015-12-07 reporter This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87212 title Debian DSA-3413-1 : openssl - security update NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2015-614.NASL description A NULL pointer derefernce flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked could possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a TLS/SSL server using OpenSSL if it enabled client authentication. (CVE-2015-3194) A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) A race condition flaw, leading to a double free, was found in the way OpenSSL handled pre-shared key (PSK) identify hints. A remote attacker could use this flaw to crash a multi-threaded SSL/TLS client using OpenSSL. (CVE-2015-3196) last seen 2020-06-01 modified 2020-06-02 plugin id 87340 published 2015-12-15 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/87340 title Amazon Linux AMI : openssl (ALAS-2015-614) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2830-1.NASL description Guy Leaver discovered that OpenSSL incorrectly handled a ServerKeyExchange for an anonymous DH ciphersuite with the value of p set to 0. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 15.10. (CVE-2015-1794) Hanno Bock discovered that the OpenSSL Montgomery squaring procedure algorithm may produce incorrect results when being used on x86_64. A remote attacker could possibly use this issue to break encryption. This issue only applied to Ubuntu 15.10. (CVE-2015-3193) Loic Jonas Etienne discovered that OpenSSL incorrectly handled ASN.1 signatures with a missing PSS parameter. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2015-3194) Adam Langley discovered that OpenSSL incorrectly handled malformed X509_ATTRIBUTE structures. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. (CVE-2015-3195) It was discovered that OpenSSL incorrectly handled PSK identity hints. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3196). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 87236 published 2015-12-08 reporter Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87236 title Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : openssl vulnerabilities (USN-2830-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2015-2617.NASL description Updated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer dereference flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked could possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a TLS/SSL server using OpenSSL if it enabled client authentication. (CVE-2015-3194) A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) A race condition flaw, leading to a double free, was found in the way OpenSSL handled pre-shared key (PSK) identify hints. A remote attacker could use this flaw to crash a multi-threaded SSL/TLS client using OpenSSL. (CVE-2015-3196) All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. last seen 2020-06-01 modified 2020-06-02 plugin id 87335 published 2015-12-14 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87335 title RHEL 6 / 7 : openssl (RHSA-2015:2617)
Packetstorm
| data source | https://packetstormsecurity.com/files/download/143369/orionbrowser79-mitm.txt |
| id | PACKETSTORM:143369 |
| last seen | 2017-07-15 |
| published | 2017-07-14 |
| reporter | MaXe |
| source | https://packetstormsecurity.com/files/143369/Orion-Elite-Hidden-IP-Browser-Pro-7.9-OpenSSL-Tor-Man-In-The-Middle.html |
| title | Orion Elite Hidden IP Browser Pro 7.9 OpenSSL / Tor / Man-In-The-Middle |
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- http://openssl.org/news/secadv/20151203.txt
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://marc.info/?l=bugtraq&m=145382583417444&w=2
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
- http://www.securityfocus.com/bid/78622
- http://fortiguard.com/advisory/openssl-advisory-december-2015
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl
- http://rhn.redhat.com/errata/RHSA-2015-2617.html
- http://www.fortiguard.com/advisory/openssl-advisory-december-2015
- http://www.ubuntu.com/usn/USN-2830-1
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583
- http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173801.html
- http://www.debian.org/security/2015/dsa-3413
- http://lists.opensuse.org/opensuse-updates/2015-12/msg00070.html
- http://lists.opensuse.org/opensuse-updates/2015-12/msg00071.html
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322
- http://www.securitytracker.com/id/1034294
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- http://rhn.redhat.com/errata/RHSA-2016-2957.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3c66a669dfc7b3792f7af0758ea26fe8502ce70c