Arch Linux Security Advisory ASA-201501-2
Published: Jan 09, 2015 - 12:00 a.m.

openssl: multiple issues

Date: 2015-01-09 00:00:00
Source: Arch Linux (lists.archlinux.org)

Severity: 5 Medium (CVSS2)
  Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
  Access Vector: NETWORK
  Access Complexity: LOW
  Authentication: NONE
  Confidentiality Impact: NONE
  Integrity Impact: NONE
  Availability Impact: PARTIAL

EPSS: 0.965 High (percentile 99.5%)

  • CVE-2014-3571 (denial of service)
    A remote attacker is able to cause a denial of service (NULL pointer
    dereference and application crash) via a crafted DTLS message that is
    processed with a different read operation for the handshake header than
    for the handshake body, related to the dtls1_get_record function in
    d1_pkt.c and the ssl3_read_n function in s3_pkt.c.

  • CVE-2015-0206 (denial of service)
    A memory leak can occur in the dtls1_buffer_record function under
    certain conditions. In particular this could occur if an attacker sent
    repeated DTLS records with the same sequence number but for the next
    epoch. The memory leak could be exploited by an attacker in a denial of
    service attack through memory exhaustion.

  • CVE-2014-3569 (denial of service)
    The ssl23_get_client_hello function in s23_srvr.c does not properly
    handle attempts to use unsupported protocols, which allows remote
    attackers to cause a denial of service (NULL pointer dereference and
    daemon crash) via an unexpected handshake, as demonstrated by an SSLv3
    handshake to a no-ssl3 application with certain error handling.

  • CVE-2014-3572 (cipher downgrade)
    An OpenSSL client will accept a handshake using an ephemeral ECDH
    ciphersuite using an ECDSA certificate if the server key exchange
    message is omitted. This effectively removes forward secrecy from the
    ciphersuite.

  • CVE-2015-0204 (cipher downgrade)
    The ssl3_get_key_exchange function in s3_clnt.c allows remote SSL
    servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate
    brute-force decryption by offering a weak ephemeral RSA key in a
    noncompliant role.

  • CVE-2015-0205 (certificate verification bypass)
    An OpenSSL server will accept a DH certificate for client authentication
    without the certificate verify message. This effectively allows a client
    to authenticate without the use of a private key. This only affects
    servers which trust a client certificate authority which issues
    certificates containing DH keys.

  • CVE-2014-8275 (certificate fingerprint modification)
    OpenSSL accepts several non-DER variations of the certificate signature
    algorithm and signature encodings. OpenSSL also does not enforce a match
    between the signature algorithm in the signed portion of the certificate
    (tbsCertificate) and the one in the unsigned outer portion. By modifying
    the contents of the signature algorithm or the encoding of the signature,
    it is possible to change the certificate’s fingerprint without
    invalidating its signature.
    This does not allow an attacker to forge certificates, and does not
    affect certificate verification or OpenSSL servers/clients in any other
    way. It also does not affect common revocation mechanisms. Only custom
    applications that rely on the uniqueness of the fingerprint (e.g.
    certificate blacklists) may be affected.

  • CVE-2014-3570 (bignum squaring error)
    The BN_sqr implementation does not properly calculate the square of a
    BIGNUM value, which might make it easier for remote attackers to defeat
    cryptographic protection mechanisms via unspecified vectors, related to
    crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c.
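
The CVE-2014-8275 item above says only custom applications that key on the fingerprint of the whole certificate (e.g. certificate blacklists) are affected. The following is an added example, not code from the advisory or from OpenSSL, showing the defender's side of that: it builds a minimal constructed stand-in for a DER certificate (placeholder signature, empty names), produces a second copy whose outer signatureAlgorithm drops its NULL parameters (one of the non-DER variations the text refers to), and then shows that the whole-certificate SHA-256 changes while a hash of the signed tbsCertificate does not, and that a byte-for-byte comparison of the inner and outer AlgorithmIdentifier catches the mismatch. All function names and the sample bytes are this example's own assumptions; the two OIDs are the real sha256WithRSAEncryption and rsaEncryption identifiers.

```python
"""Added example (not from the Arch advisory or OpenSSL): a blacklist keyed on
the hash of the whole DER certificate is fragile (CVE-2014-8275); hashing the
signed tbsCertificate and requiring the inner and outer AlgorithmIdentifier
encodings to match is more robust.  The certificate below is a constructed,
unsigned stand-in with a placeholder signature, not a real certificate."""
from hashlib import sha256

SHA256_WITH_RSA = "1.2.840.113549.1.1.11"   # real OID: sha256WithRSAEncryption
RSA_ENCRYPTION = "1.2.840.113549.1.1.1"     # real OID: rsaEncryption


# --- minimal DER encoder, just enough to build the sample ------------------
def _der_len(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b


def tlv(tag: int, body: bytes) -> bytes:
    return bytes([tag]) + _der_len(len(body)) + body


def seq(*items: bytes) -> bytes:
    return tlv(0x30, b"".join(items))


def integer(n: int) -> bytes:
    b = n.to_bytes(max(1, (n.bit_length() + 7) // 8), "big")
    if b[0] & 0x80:                 # leading zero keeps the value positive
        b = b"\x00" + b
    return tlv(0x02, b)


def oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = bytearray([arc & 0x7F])
        arc >>= 7
        while arc:                  # base-128, high bit set on all but the last byte
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        body += chunk
    return tlv(0x06, bytes(body))


def build_sample_cert(omit_outer_params: bool = False) -> bytes:
    """Constructed stand-in for an X.509 v3 certificate (hypothetical data).
    With omit_outer_params=True the outer signatureAlgorithm loses its NULL
    parameters: the signed tbsCertificate is untouched, so a real signature
    would still verify, yet the whole-certificate hash changes."""
    alg_with_params = seq(oid(SHA256_WITH_RSA), b"\x05\x00")
    tbs = seq(
        tlv(0xA0, integer(2)),                                    # [0] version v3
        integer(0x1234),                                          # serialNumber
        alg_with_params,                                          # signature (inner)
        seq(),                                                    # issuer (empty placeholder)
        seq(tlv(0x17, b"150109000000Z"), tlv(0x17, b"160109000000Z")),  # validity
        seq(),                                                    # subject (empty placeholder)
        seq(seq(oid(RSA_ENCRYPTION), b"\x05\x00"), tlv(0x03, b"\x00" * 17)),  # SPKI
    )
    outer_alg = seq(oid(SHA256_WITH_RSA)) if omit_outer_params else alg_with_params
    signature = tlv(0x03, b"\x00" * 33)                           # placeholder BIT STRING
    return seq(tbs, outer_alg, signature)


# --- minimal DER reader ----------------------------------------------------
def _read_tlv(buf: bytes, off: int):
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:               # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[off:off + n], "big")
        off += n
    return tag, buf[off:off + length], off + length


def _children(body: bytes):
    """Return (tag, raw_tlv_bytes, value_bytes) for each element of a SEQUENCE body."""
    out, off = [], 0
    while off < len(body):
        tag, value, end = _read_tlv(body, off)
        out.append((tag, body[off:end], value))
        off = end
    return out


def analyze_cert(cert_der: bytes) -> dict:
    tag, body, end = _read_tlv(cert_der, 0)
    if tag != 0x30 or end != len(cert_der):
        raise ValueError("not a single DER SEQUENCE")
    tbs, outer_alg, _sig = _children(body)[:3]
    tbs_parts = _children(tbs[2])
    i = 1 if tbs_parts[0][0] == 0xA0 else 0       # skip the optional [0] version
    inner_alg = tbs_parts[i + 1]                  # AlgorithmIdentifier after serialNumber
    return {
        "cert_sha256": sha256(cert_der).hexdigest(),   # what a naive blacklist keys on
        "tbs_sha256": sha256(tbs[1]).hexdigest(),      # covers only the signed part
        "algorithms_match": inner_alg[1] == outer_alg[1],
    }


if __name__ == "__main__":
    for tampered in (False, True):
        print("outer params omitted:", tampered, analyze_cert(build_sample_cert(tampered)))
```

Running the block prints two results: the same tbs_sha256 for both variants, different cert_sha256 values, and algorithms_match flipping to False for the variant with the re-encoded outer AlgorithmIdentifier. The practical takeaway for a blacklist is to key on the signed portion (or reject certificates whose inner and outer algorithm encodings differ) rather than on the raw whole-certificate digest.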

Affected packages:

  OS   Version  Architecture  Package  Version      Filename
  any  any      any           openssl  < 1.0.1.k-1  UNKNOWN
