7.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.974 High
EPSS
Percentile
99.9%
Issue Overview:
It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224)
Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL.
A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195)
Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)
A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221)
A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)
An integer underflow flaw, leading to a heap-based buffer overflow, was found in the way OpenSSL decoded certain base64 strings. A remote attacker could provide a specially crafted base64 string via certain PEM processing routines that, when parsed by the OpenSSL library, would cause the OpenSSL server to crash. (CVE-2015-0292)
Affected Packages:
openssl
Issue Correction:
Run yum update openssl to update your system.
New Packages:
i686:
openssl-devel-1.0.1h-1.72.amzn1.i686
openssl-1.0.1h-1.72.amzn1.i686
openssl-debuginfo-1.0.1h-1.72.amzn1.i686
openssl-perl-1.0.1h-1.72.amzn1.i686
openssl-static-1.0.1h-1.72.amzn1.i686
src:
openssl-1.0.1h-1.72.amzn1.src
x86_64:
openssl-debuginfo-1.0.1h-1.72.amzn1.x86_64
openssl-static-1.0.1h-1.72.amzn1.x86_64
openssl-devel-1.0.1h-1.72.amzn1.x86_64
openssl-perl-1.0.1h-1.72.amzn1.x86_64
openssl-1.0.1h-1.72.amzn1.x86_64
Red Hat: CVE-2010-5298, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2015-0292
Mitre: CVE-2010-5298, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2015-0292
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | openssl-devel | < 1.0.1h-1.72.amzn1 | openssl-devel-1.0.1h-1.72.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | openssl | < 1.0.1h-1.72.amzn1 | openssl-1.0.1h-1.72.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | openssl-debuginfo | < 1.0.1h-1.72.amzn1 | openssl-debuginfo-1.0.1h-1.72.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | openssl-perl | < 1.0.1h-1.72.amzn1 | openssl-perl-1.0.1h-1.72.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | openssl-static | < 1.0.1h-1.72.amzn1 | openssl-static-1.0.1h-1.72.amzn1.i686.rpm |
Amazon Linux | 1 | x86_64 | openssl-debuginfo | < 1.0.1h-1.72.amzn1 | openssl-debuginfo-1.0.1h-1.72.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | openssl-static | < 1.0.1h-1.72.amzn1 | openssl-static-1.0.1h-1.72.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | openssl-devel | < 1.0.1h-1.72.amzn1 | openssl-devel-1.0.1h-1.72.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | openssl-perl | < 1.0.1h-1.72.amzn1 | openssl-perl-1.0.1h-1.72.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | openssl | < 1.0.1h-1.72.amzn1 | openssl-1.0.1h-1.72.amzn1.x86_64.rpm |
7.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.974 High
EPSS
Percentile
99.9%