ID SOL16136 Type f5 Reporter f5 Modified 2015-09-17T00:00:00
Description
Recommended Action
If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.
F5 is responding to this vulnerability as determined by the parameters defined in SOL4602: Overview of the F5 security vulnerability response policy.
To mitigate this vulnerability, navigate to the respective product:
BIG-IP products
Traffix
LineRate
BIG-IP products
To mitigate this vulnerability, you can discontinue the use of X509::hash and use another mechanism for blacklisting.
Traffix products
To mitigate this vulnerability, you can upgrade with the Traffix package for January 2015 which contains openssl-1.0.1e-30. For more information, refer to the F5 Traffix representative for your region.
LineRate
None
Supplemental Information
SOL9970: Subscribing to email notifications regarding F5 products
SOL9957: Creating a custom RSS feed to view new and updated documents
SOL4918: Overview of the F5 critical issue hotfix policy
{"reporter": "f5", "published": "2015-02-12T00:00:00", "cvelist": ["CVE-2014-8275"], "title": "SOL16136 - OpenSSL vulnerability CVE-2014-8275", "objectVersion": "1.2", "type": "f5", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/100/sol16136.html", "bulletinFamily": "software", "hashmap": [{"hash": "883b84b22787c411bdb98f51d1aa44b2", "key": "affectedSoftware"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "9a16075f13f7605af55643a1ccc20eb8", "key": "cvelist"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "cdccb38d0bd4d1c2bc2e86f31e711f25", "key": "description"}, {"hash": "28c65a047f7a5029a9098a89551febab", "key": "href"}, {"hash": "b84c0044884bb0e96c08581962599d69", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "836c04d22009adbe729e538a44a9ffba", "key": "published"}, {"hash": "d708145dea38455a229de4cb2bf9c70e", "key": "references"}, {"hash": "74ce2e1a498f2fa27b5542040be774dc", "key": "reporter"}, {"hash": "4700aa8ab1b626d5f5301cd5997b48db", "key": "title"}, {"hash": "74ce2e1a498f2fa27b5542040be774dc", "key": "type"}, {"hash": "cfcd208495d565ef66e7dff9f98764da", "key": "viewCount"}], "history": [], "enchantments": {"vulnersScore": 5.0}, "modified": "2015-09-17T00:00:00", "hash": "d42c4a3b8017a61141fb993cad608915eeee60580b568ce441fc2b5e1003d39f", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "viewCount": 2, "lastseen": "2016-09-26T17:23:31", "edition": 1, "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 is responding to this vulnerability as determined by the parameters defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, navigate to the respective product: \n\n\n * BIG-IP products \n\n * Traffix \n\n * LineRate\n\n**BIG-IP products** \n\n\nTo mitigate this vulnerability, you can discontinue the use of **X509::hash** and use another mechanism for blacklisting. \n\n\n**Traffix products \n**\n\nTo mitigate this vulnerability, you can upgrade with the Traffix package for January 2015 which contains **openssl-1.0.1e-30**. For more information, refer to the F5 Traffix representative for your region. \n\n\n**LineRate**\n\nNone \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "id": "SOL16136", "affectedSoftware": [{"operator": "le", "name": "BIG-IP PSM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP Link Controller", "version": "11.6.0"}, {"operator": "le", "name": "LineRate", "version": "2.5.0"}, {"operator": "le", "name": "BIG-IP PEM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP APM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP Edge Clients for Linux\n", "version": "7110.x"}, {"operator": "le", "name": "BIG-IP Edge Clients for Apple iOS", "version": "1.0.6"}, {"operator": "le", "name": "BIG-IP Analytics", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP WebAccelerator", "version": "11.3.0"}, {"operator": "le", "name": "BIG-IP Edge Clients for Windows", "version": "7110.x"}, {"operator": "le", "name": "BIG-IP ASM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP Edge Gateway\n", "version": "11.3.0"}, {"operator": "le", "name": "BIG-IP LTM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP PSM", "version": "11.4.1"}, {"operator": "le", "name": "BIG-IP LTM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP AAM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP ASM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP WebAccelerator", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP Edge Clients for Android\n", "version": "2.0.6"}, {"operator": "le", "name": "BIG-IP Link Controller", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP AFM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP Edge Clients Windows Phone 8.1", "version": "1.0.0.x"}, {"operator": "le", "name": "BIG-IP APM", "version": "11.6.0"}, {"operator": "le", "name": "BIG-IP Edge Clients for MAC OS X", "version": "7110.x"}, {"operator": "le", "name": "BIG-IP WOM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP WOM", "version": "11.3.0"}, {"operator": "le", "name": "BIG-IP Edge Gateway\n", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP Edge Clients for Apple iOS", "version": "2.0.4"}, {"operator": "le", "name": "Traffix", "version": "4.1.0"}]}
{"result": {"cve": [{"id": "CVE-2014-8275", "type": "cve", "title": "CVE-2014-8275", "description": "OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c.", "published": "2015-01-08T21:59:09", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8275", "cvelist": ["CVE-2014-8275"], "lastseen": "2017-11-15T11:55:35"}], "f5": [{"id": "F5:K16136", "type": "f5", "title": "OpenSSL vulnerability CVE-2014-8275", "description": "\nF5 Product Development has assigned ID 500093 (BIG-IP), ID 500088 (BIG-IP Edge clients) and ID LRS-37957 (LineRate) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. In addition, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) lists Heuristic H505539 on the **Diagnostics** > **Identified** > **High** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| 12.0.0 \n \n| Virtual servers utilizing an iRule that implement X509::hash for custom blacklisting. \n \nBIG-IP AAM | 11.4.0 - 11.6.0 \n| 12.0.0 | Virtual servers utilizing an iRule that implement X509::hash for custom blacklisting. \nBIG-IP AFM | 11.3.0 - 11.6.0 \n| 12.0.0 | Virtual servers utilizing an iRule that implement X509::hash for custom blacklisting. \nBIG-IP Analytics | 11.0.0 - 11.6.0 \n| 12.0.0 | Virtual servers utilizing an iRule that implement X509::hash for custom blacklisting. \nBIG-IP APM | 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| 12.0.0 | Virtual servers utilizing an iRule that implement X509::hash for custom blacklisting. \nBIG-IP ASM | 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| 12.0.0 | Virtual servers utilizing an iRule that implement X509::hash for custom blacklisting. \nBIG-IP DNS | None | 12.0.0 | None \nBIG-IP Edge Gateway \n| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 \n| None | Virtual servers utilizing an iRule that implement X509::hash for custom blacklisting. \n \n \nBIG-IP GTM | None \n| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 | None \nBIG-IP Link Controller | 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| 12.0.0 | Virtual servers utilizing an iRule that implement X509::hash for custom blacklisting. \nBIG-IP PEM | 11.3.0 - 11.6.0 \n| 12.0.0 | Virtual servers utilizing an iRule that implement X509::hash for custom blacklisting. \nBIG-IP PSM | 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 \n| None | Virtual servers utilizing an iRule that implement X509::hash for custom blacklisting. \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 \n| None | Virtual servers utilizing an iRule that implement X509::hash for custom blacklisting. \nBIG-IP WOM | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 \n| None | Virtual servers utilizing an iRule that implement X509::hash for custom blacklisting. \nARX | None | 6.0.0 - 6.4.0 \n| None \nEnterprise Manager | None | 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0 \n| None \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 \n| None \n \nBIG-IQ ADC | None | 4.5.0 | None \nBIG-IQ Cloud | None \n| 4.0.0 - 4.5.0 \n| None \n \nBIG-IQ Device | None \n| 4.2.0 - 4.5.0 \n| None \nLineRate | 2.4.0 - 2.5.0 \n| None | OpenSSL \nTraffix | 3.3.2 - 4.1.0 | None | OpenSSL \nBIG-IP Edge Clients for Android \n| 2.0.0 - 2.0.6 | 2.0.7 \n| VPN \nBIG-IP Edge Clients for Apple iOS | 2.0.0 - 2.0.4 \n1.0.5 - 1.0.6 | 2.0.5 \n| VPN \nBIG-IP Edge Clients for Linux \n| 6035.x - 7110.x | 7120.x \n| VPN \n \nBIG-IP Edge Clients for MAC OS X | 6035.x - 7110.x | 7120.x | VPN \nBIG-IP Edge Clients for Windows | 6035.x - 7110.x | 7120.x | VPN \nBIG-IP Edge Clients Windows Phone 8.1 | 1.0.0.x | None \n| VPN \nBIG-IP Edge Portal for Android | None | 1.0.0 - 1.0.2 | Not vulnerable \nBIG-IP Edge Portal for Apple iOS | None | 1.0.0 - 1.0.3 | Not vulnerable\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 is responding to this vulnerability as determined by the parameters defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\nTo mitigate this vulnerability, navigate to the respective product: \n\n\n * [BIG-IP products \n](<https://support.f5.com/csp/article/K16136#bigip>)\n * [Traffix \n](<https://support.f5.com/csp/article/K16136#traffix>)\n * [LineRate](<https://support.f5.com/csp/article/K16136#linerate>)\n\n**BIG-IP products** \n\n\nTo mitigate this vulnerability, you can discontinue the use of **X509::hash** and use another mechanism for blacklisting. \n\n\n**Traffix products \n**\n\nTo mitigate this vulnerability, you can upgrade with the Traffix package for January 2015 which contains **openssl-1.0.1e-30**. For more information, refer to the F5 Traffix representative for your region. \n\n\n**LineRate**\n\nNone \n\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "published": "2015-02-13T00:20:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://support.f5.com/csp/article/K16136", "cvelist": ["CVE-2014-8275"], "lastseen": "2017-06-08T00:16:26"}], "openssl": [{"id": "OPENSSL:CVE-2014-8275", "type": "openssl", "title": "Vulnerability in OpenSSL (CVE-2014-8275)", "description": "OpenSSL accepts several non-DER-variations of certificate signature algorithm and signature encodings. OpenSSL also does not enforce a match between the signature algorithm between the signed and unsigned portions of the certificate. By modifying the contents of the signature algorithm or the encoding of the signature, it is possible to change the certificate's fingerprint. This does not allow an attacker to forge certificates, and does not affect certificate verification or OpenSSL servers/clients in any other way. It also does not affect common revocation mechanisms. Only custom applications that rely on the uniqueness of the fingerprint (e.g. certificate blacklists) may be affected. Reported by Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS program/Konrad Kraszewski from Google.", "published": "2015-01-05T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.openssl.org/news/vulnerabilities.html", "cvelist": ["CVE-2014-8275"], "lastseen": "2016-09-26T17:22:34"}], "nessus": [{"id": "SUSE_11_COMPAT-OPENSSL097G-150122.NASL", "type": "nessus", "title": "SuSE 11.3 Security Update : compat-openssl097g (SAT Patch Number 10208)", "description": "OpenSSL (compat-openssl097g) has been updated to fix various security issues.\n\nMore information can be found in the openssl advisory:\nhttp://openssl.org/news/secadv_20150108.txt .\n\nThe following issues have been fixed :\n\n - Bignum squaring (BN_sqr) may have produced incorrect results on some platforms, including x86_64.\n (bsc#912296). (CVE-2014-3570)\n\n - Don't accept a handshake using an ephemeral ECDH ciphersuites with the server key exchange message omitted. (bsc#912015). (CVE-2014-3572)\n\n - Fixed various certificate fingerprint issues.\n (bsc#912018). (CVE-2014-8275)\n\n - Only allow ephemeral RSA keys in export ciphersuites.\n (bsc#912014). (CVE-2015-0204)\n\n - A fix was added to prevent use of DH client certificates without sending certificate verify message. Note that compat-openssl097g is not affected by this problem, a fix was however applied to the sources. (bsc#912293).\n (CVE-2015-0205)", "published": "2015-02-02T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=81120", "cvelist": ["CVE-2014-3572", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205"], "lastseen": "2017-10-29T13:45:32"}, {"id": "ORACLEVM_OVMSA-2015-0030.NASL", "type": "nessus", "title": "OracleVM 2.2 : openssl (OVMSA-2015-0030) (FREAK)", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - Backport openssl 08-Jan-2015 security fixes (John Haxby) [orabug 20409893]\n\n - fix CVE-2014-3570 - Bignum squaring may produce incorrect results\n\n - fix CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record\n\n - fix CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client]\n\n - fix CVE-2014-8275 - Certificate fingerprints can be modified\n\n - fix CVE-2015-0204 - RSA silently downgrades to EXPORT_RSA [Client]\n\n - properly lock X509_STORE accesses (#1168938)", "published": "2015-03-18T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=81903", "cvelist": ["CVE-2014-3572", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204"], "lastseen": "2017-10-29T13:39:58"}, {"id": "MACOSX_CISCO_ANYCONNECT_3_1_7021.NASL", "type": "nessus", "title": "Mac OS X : Cisco AnyConnect Secure Mobility Client < 3.1(7021) <= 4.0(48) Multiple Vulnerabilities (FREAK)", "description": "The remote Mac OS X host has a version of Cisco AnyConnect Secure Mobility Client installed that is prior to 3.1.7021.0, or else it is a version equal or prior to 4.0.0048.0. It is, therefore, affected by multiple vulnerabilities in the OpenSSL library :\n\n - The BIGNUM squaring (BN_sqr) implementation does not properly calculate the square of a BIGNUM value. This allows remote attackers to defeat cryptographic protection mechanisms. (CVE-2014-3570)\n\n - A NULL pointer dereference flaw exists with dtls1_get_record when handling DTLS messages. A remote attacker, using a specially crafted DTLS message, can cause a denial of service. (CVE-2014-3571)\n\n - A flaw exists when accepting non-DER variations of certificate signature algorithms and signature encodings due to a lack of enforcement of matches between signed and unsigned portions. A remote attacker, by including crafted data within a certificate's unsigned portion, can bypass fingerprint-based certificate-blacklist protection mechanisms. (CVE-2014-8275)\n\n - A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites which can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0204)\n\n - A memory leak occurs in dtls1_buffer_record when handling a saturation of DTLS records containing the same number sequence but for the next epoch. This allows a remote attacker to cause a denial of service.\n (CVE-2015-0206)", "published": "2015-03-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82271", "cvelist": ["CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204"], "lastseen": "2018-07-15T03:44:47"}, {"id": "FEDORA_2015-0601.NASL", "type": "nessus", "title": "Fedora 20 : openssl-1.0.1e-41.fc20 (2015-0601)", "description": "Multiple low and moderate impact security issues fixed.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-01-21T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=80874", "cvelist": ["CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0205"], "lastseen": "2017-10-29T13:36:43"}, {"id": "DEBIAN_DLA-132.NASL", "type": "nessus", "title": "Debian DLA-132-1 : openssl security update (FREAK)", "description": "Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues :\n\nCVE-2014-3570\n\nPieter Wuille of Blockstream reported that the bignum squaring (BN_sqr) may produce incorrect results on some platforms, which might make it easier for remote attackers to defeat cryptographic protection mechanisms.\n\nCVE-2014-3571\n\nMarkus Stenberg of Cisco Systems, Inc. reported that a carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. A remote attacker could use this flaw to mount a denial of service attack.\n\nCVE-2014-3572\n\nKarthikeyan Bhargavan of the PROSECCO team at INRIA reported that an OpenSSL client would accept a handshake using an ephemeral ECDH ciphersuite if the server key exchange message is omitted. This allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy.\n\nCVE-2014-8275\n\nAntti Karjalainen and Tuomo Untinen of the Codenomicon CROSS project and Konrad Kraszewski of Google reported various certificate fingerprint issues, which allow remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism.\n\nCVE-2015-0204\n\nKarthikeyan Bhargavan of the PROSECCO team at INRIA reported that an OpenSSL client will accept the use of an ephemeral RSA key in a non-export RSA key exchange ciphersuite, violating the TLS standard.\nThis allows remote SSL servers to downgrade the security of the session.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-03-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82115", "cvelist": ["CVE-2014-3572", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204"], "lastseen": "2018-07-07T01:38:14"}, {"id": "ORACLEVM_OVMSA-2015-0029.NASL", "type": "nessus", "title": "OracleVM 3.2 : openssl (OVMSA-2015-0029) (FREAK)", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - Backport openssl 08-Jan-2015 security fixes (John Haxby) [orabug 20409893]\n\n - fix CVE-2014-3570 - Bignum squaring may produce incorrect results\n\n - fix CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record\n\n - fix CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client]\n\n - fix CVE-2014-8275 - Certificate fingerprints can be modified\n\n - fix CVE-2015-0204 - RSA silently downgrades to EXPORT_RSA [Client]\n\n - properly lock X509_STORE accesses (#1168938)", "published": "2015-03-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=81726", "cvelist": ["CVE-2014-3572", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204"], "lastseen": "2017-10-29T13:37:37"}, {"id": "CISCO_ANYCONNECT_3_1_7021.NASL", "type": "nessus", "title": "Cisco AnyConnect Secure Mobility Client < 3.1(7021) / <= 4.0(48) Multiple Vulnerabilities (FREAK)", "description": "The remote host has a version of Cisco AnyConnect Secure Mobility Client installed that is prior to 3.1.7021.0, or else it is a version equal or prior to 4.0.0048.0. It is, therefore, affected by multiple vulnerabilities in the OpenSSL library :\n\n - The BIGNUM squaring (BN_sqr) implementation does not properly calculate the square of a BIGNUM value. This allows remote attackers to defeat cryptographic protection mechanisms. (CVE-2014-3570)\n\n - A NULL pointer dereference flaw exists with dtls1_get_record when handling DTLS messages. A remote attacker, using a specially crafted DTLS message, can cause a denial of service. (CVE-2014-3571)\n\n - A flaw exists when accepting non-DER variations of certificate signature algorithms and signature encodings due to a lack of enforcement of matches between signed and unsigned portions. A remote attacker, by including crafted data within a certificate's unsigned portion, can bypass fingerprint-based certificate-blacklist protection mechanisms. (CVE-2014-8275)\n\n - A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites which can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0204)\n\n - A memory leak occurs in dtls1_buffer_record when handling a saturation of DTLS records containing the same number sequence but for the next epoch. This allows a remote attacker to cause a denial of service.\n (CVE-2015-0206)", "published": "2015-03-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82270", "cvelist": ["CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204"], "lastseen": "2018-07-07T02:10:32"}, {"id": "JUNIPER_NSM_JSA10679.NASL", "type": "nessus", "title": "Juniper NSM < 2012.2R11 Multiple OpenSSL Vulnerabilities (JSA10679) (FREAK)", "description": "The remote host is running a version of NSM (Network and Security Manager) Server that is prior to 2012.2R11. It is, therefore, affected by multiple vulnerabilities related to OpenSSL :\n\n - A NULL pointer dereference flaw exists when the SSLv3 option isn't enabled and an SSLv3 ClientHello is received. This allows a remote attacker, using an unexpected handshake, to crash the daemon, resulting in a denial of service. (CVE-2014-3569)\n\n - The BIGNUM squaring (BN_sqr) implementation does not properly calculate the square of a BIGNUM value. This allows remote attackers to defeat cryptographic protection mechanisms. (CVE-2014-3570)\n\n - A flaw exists with ECDH handshakes when using an ECDSA certificate without a ServerKeyExchange message. This allows a remote attacker to trigger a loss of forward secrecy from the ciphersuite. (CVE-2014-3572)\n\n - A flaw exists when accepting non-DER variations of certificate signature algorithms and signature encodings due to a lack of enforcement of matches between signed and unsigned portions. A remote attacker, by including crafted data within a certificate's unsigned portion, can bypass fingerprint-based certificate-blacklist protection mechanisms. (CVE-2014-8275)\n\n - A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites which can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0204)\n\n - A flaw exists when accepting DH certificates for client authentication without the CertificateVerify message.\n This allows a remote attacker to authenticate to the service without a private key. (CVE-2015-0205)", "published": "2015-04-21T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82913", "cvelist": ["CVE-2014-3572", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205", "CVE-2014-3569"], "lastseen": "2018-07-13T09:46:37"}, {"id": "OPENSSL_0_9_8ZD.NASL", "type": "nessus", "title": "OpenSSL 0.9.8 < 0.9.8zd Multiple Vulnerabilities (FREAK)", "description": "According to its banner, the remote web server uses a version of OpenSSL 0.9.8 prior to 0.9.8zd. The OpenSSL library is, therefore, affected by the following vulnerabilities :\n\n - A NULL pointer dereference flaw exists when the SSLv3 option isn't enabled and an SSLv3 ClientHello is received. This allows a remote attacker, using an unexpected handshake, to crash the daemon, resulting in a denial of service. (CVE-2014-3569)\n\n - The BIGNUM squaring (BN_sqr) implementation does not properly calculate the square of a BIGNUM value. This allows remote attackers to defeat cryptographic protection mechanisms. (CVE-2014-3570)\n\n - A NULL pointer dereference flaw exists with dtls1_get_record() when handling DTLS messages. A remote attacker, using a specially crafted DTLS message, can cause a denial of service. (CVE-2014-3571)\n\n - A flaw exists with ECDH handshakes when using an ECDSA certificate without a ServerKeyExchange message. This allows a remote attacker to trigger a loss of forward secrecy from the ciphersuite. (CVE-2014-3572)\n\n - A flaw exists when accepting non-DER variations of certificate signature algorithms and signature encodings due to a lack of enforcement of matches between signed and unsigned portions. A remote attacker, by including crafted data within a certificate's unsigned portion, can bypass fingerprint-based certificate-blacklist protection mechanisms. (CVE-2014-8275)\n\n - A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites which can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0204)", "published": "2015-01-16T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=80566", "cvelist": ["CVE-2014-3572", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2014-3569"], "lastseen": "2018-07-18T14:23:00"}, {"id": "SUSE_11_LIBOPENSSL-DEVEL-150112.NASL", "type": "nessus", "title": "SuSE 11.3 Security Update : OpenSSL (SAT Patch Number 10150)", "description": "OpenSSL has been updated to fix various security issues.\n\nMore information can be found in the OpenSSL advisory:\nhttp://openssl.org/news/secadv_20150108.txt .\n\nThe following issues have been fixed :\n\n - Bignum squaring (BN_sqr) may produce incorrect results on some platforms, including x86_64. (bsc#912296).\n (CVE-2014-3570)\n\n - Fix crash in dtls1_get_record whilst in the listen state where you get two separate reads performed - one for the header and one for the body of the handshake record.\n (bsc#912294). (CVE-2014-3571)\n\n - Don't accept a handshake using an ephemeral ECDH ciphersuites with the server key exchange message omitted. (bsc#912015). (CVE-2014-3572)\n\n - Fix various certificate fingerprint issues.\n (bsc#912018). (CVE-2014-8275)\n\n - Only allow ephemeral RSA keys in export ciphersuites.\n (bsc#912014). (CVE-2015-0204)\n\n - OpenSSL 0.9.8j is NOT vulnerable to CVE-2015-0205 as it doesn't support DH certificates and this typo prohibits skipping of certificate verify message for sign only certificates anyway. (bsc#912293). (CVE-2015-0205)", "published": "2015-02-02T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=81124", "cvelist": ["CVE-2014-3572", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205"], "lastseen": "2017-10-29T13:34:22"}], "debian": [{"id": "DLA-132", "type": "debian", "title": "openssl -- LTS security update", "description": "Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues:\n\n * [CVE-2014-3570](<https://security-tracker.debian.org/tracker/CVE-2014-3570>)\n\nPieter Wuille of Blockstream reported that the bignum squaring (BN_sqr) may produce incorrect results on some platforms, which might make it easier for remote attackers to defeat cryptographic protection mechanisms.\n\n * [CVE-2014-3571](<https://security-tracker.debian.org/tracker/CVE-2014-3571>)\n\nMarkus Stenberg of Cisco Systems, Inc. reported that a carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. A remote attacker could use this flaw to mount a denial of service attack.\n\n * [CVE-2014-3572](<https://security-tracker.debian.org/tracker/CVE-2014-3572>)\n\nKarthikeyan Bhargavan of the PROSECCO team at INRIA reported that an OpenSSL client would accept a handshake using an ephemeral ECDH ciphersuite if the server key exchange message is omitted. This allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy.\n\n * [CVE-2014-8275](<https://security-tracker.debian.org/tracker/CVE-2014-8275>)\n\nAntti Karjalainen and Tuomo Untinen of the Codenomicon CROSS project and Konrad Kraszewski of Google reported various certificate fingerprint issues, which allow remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism.\n\n * [CVE-2015-0204](<https://security-tracker.debian.org/tracker/CVE-2015-0204>)\n\nKarthikeyan Bhargavan of the PROSECCO team at INRIA reported that an OpenSSL client will accept the use of an ephemeral RSA key in a non-export RSA key exchange ciphersuite, violating the TLS standard. This allows remote SSL servers to downgrade the security of the session.\n\nFor Debian 6 Squeeze, these issues have been fixed in openssl version 0.9.8o-4squeeze19", "published": "2015-01-11T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://www.debian.org/security/2015/dla-132", "cvelist": ["CVE-2014-3572", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204"], "lastseen": "2016-09-02T12:56:37"}, {"id": "DSA-3125", "type": "debian", "title": "openssl -- security update", "description": "Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues:\n\n * [CVE-2014-3569](<https://security-tracker.debian.org/tracker/CVE-2014-3569>)\n\nFrank Schmirler reported that the ssl23_get_client_hello function in OpenSSL does not properly handle attempts to use unsupported protocols. When OpenSSL is built with the no-ssl3 option and a SSL v3 ClientHello is received, the ssl method would be set to NULL which could later result in a NULL pointer dereference and daemon crash.\n\n * [CVE-2014-3570](<https://security-tracker.debian.org/tracker/CVE-2014-3570>)\n\nPieter Wuille of Blockstream reported that the bignum squaring (BN_sqr) may produce incorrect results on some platforms, which might make it easier for remote attackers to defeat cryptographic protection mechanisms.\n\n * [CVE-2014-3571](<https://security-tracker.debian.org/tracker/CVE-2014-3571>)\n\nMarkus Stenberg of Cisco Systems, Inc. reported that a carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. A remote attacker could use this flaw to mount a denial of service attack.\n\n * [CVE-2014-3572](<https://security-tracker.debian.org/tracker/CVE-2014-3572>)\n\nKarthikeyan Bhargavan of the PROSECCO team at INRIA reported that an OpenSSL client would accept a handshake using an ephemeral ECDH ciphersuite if the server key exchange message is omitted. This allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy.\n\n * [CVE-2014-8275](<https://security-tracker.debian.org/tracker/CVE-2014-8275>)\n\nAntti Karjalainen and Tuomo Untinen of the Codenomicon CROSS project and Konrad Kraszewski of Google reported various certificate fingerprint issues, which allow remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism.\n\n * [CVE-2015-0204](<https://security-tracker.debian.org/tracker/CVE-2015-0204>)\n\nKarthikeyan Bhargavan of the PROSECCO team at INRIA reported that an OpenSSL client will accept the use of an ephemeral RSA key in a non-export RSA key exchange ciphersuite, violating the TLS standard. This allows remote SSL servers to downgrade the security of the session.\n\n * [CVE-2015-0205](<https://security-tracker.debian.org/tracker/CVE-2015-0205>)\n\nKarthikeyan Bhargavan of the PROSECCO team at INRIA reported that an OpenSSL server will accept a DH certificate for client authentication without the certificate verify message. This flaw effectively allows a client to authenticate without the use of a private key via crafted TLS handshake protocol traffic to a server that recognizes a certification authority with DH support.\n\n * [CVE-2015-0206](<https://security-tracker.debian.org/tracker/CVE-2015-0206>)\n\nChris Mueller discovered a memory leak in the dtls1_buffer_record function. A remote attacker could exploit this flaw to mount a denial of service through memory exhaustion by repeatedly sending specially crafted DTLS records.\n\nFor the stable distribution (wheezy), these problems have been fixed in version 1.0.1e-2+deb7u14.\n\nFor the upcoming stable distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in version 1.0.1k-1.\n\nWe recommend that you upgrade your openssl packages.", "published": "2015-01-11T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://www.debian.org/security/dsa-3125", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205", "CVE-2014-3569"], "lastseen": "2018-07-05T01:15:00"}], "oraclelinux": [{"id": "ELSA-2015-3010", "type": "oraclelinux", "title": "openssl security update", "description": "[0.9.8e-32.0.1]\n- Backport openssl 08-Jan-2015 security fixes (John Haxby) [orabug 20409893]\n- fix CVE-2014-3570 - Bignum squaring may produce incorrect results\n- fix CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record\n- fix CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client]\n- fix CVE-2014-8275 - Certificate fingerprints can be modified\n- fix CVE-2015-0204 - RSA silently downgrades to EXPORT_RSA [Client]", "published": "2015-02-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://linux.oracle.com/errata/ELSA-2015-3010.html", "cvelist": ["CVE-2014-3572", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204"], "lastseen": "2016-09-04T11:16:08"}, {"id": "ELSA-2015-0066", "type": "oraclelinux", "title": "openssl security update", "description": "[1.0.1e-34.7]\n- fix CVE-2014-3570 - incorrect computation in BN_sqr()\n- fix CVE-2014-3571 - possible crash in dtls1_get_record()\n- fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state\n- fix CVE-2014-8275 - various certificate fingerprint issues\n- fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export\n ciphersuites and on server\n- fix CVE-2015-0205 - do not allow unauthenticated client DH certificate\n- fix CVE-2015-0206 - possible memory leak when buffering DTLS records", "published": "2015-01-20T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://linux.oracle.com/errata/ELSA-2015-0066.html", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205"], "lastseen": "2016-09-04T11:16:42"}, {"id": "ELSA-2015-0800", "type": "oraclelinux", "title": "openssl security update", "description": "[0.9.8e-33]\n- fix CVE-2014-8275 (without introduction of CVE-2015-0286) - various\n certificate fingerprint issues\n- fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export\n ciphersuites and on server\n- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption\n- fix CVE-2015-0288 - X509_to_X509_REQ NULL pointer dereference\n- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data\n- fix CVE-2015-0292 - integer underflow in base64 decoder\n- fix CVE-2015-0293 - triggerable assert in SSLv2 server", "published": "2015-04-13T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2015-0800.html", "cvelist": ["CVE-2015-0286", "CVE-2015-0288", "CVE-2014-8275", "CVE-2015-0293", "CVE-2015-0204", "CVE-2015-0287", "CVE-2015-0289", "CVE-2015-0292"], "lastseen": "2016-09-04T11:16:20"}, {"id": "ELSA-2016-3621", "type": "oraclelinux", "title": "openssl security update", "description": "[1.0.1e-48.3]\n- fix CVE-2016-2177 - possible integer overflow\n- fix CVE-2016-2178 - non-constant time DSA operations\n- fix CVE-2016-2179 - further DoS issues in DTLS\n- fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio()\n- fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue\n- fix CVE-2016-2182 - possible buffer overflow in BN_bn2dec()\n- fix CVE-2016-6302 - insufficient TLS session ticket HMAC length check\n- fix CVE-2016-6304 - unbound memory growth with OCSP status request\n- fix CVE-2016-6306 - certificate message OOB reads\n- mitigate CVE-2016-2183 - degrade all 64bit block ciphers and RC4 to\n 112 bit effective strength\n- replace expired testing certificates\n[1.0.1e-48.1]\n- fix CVE-2016-2105 - possible overflow in base64 encoding\n- fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate()\n- fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC\n- fix CVE-2016-2108 - memory corruption in ASN.1 encoder\n- fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO\n- fix CVE-2016-0799 - memory issues in BIO_printf\n[1.0.1e-48]\n- fix CVE-2016-0702 - side channel attack on modular exponentiation\n- fix CVE-2016-0705 - double-free in DSA private key parsing\n- fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn\n[1.0.1e-47]\n- fix CVE-2015-3197 - SSLv2 ciphersuite enforcement\n- disable SSLv2 in the generic TLS method\n[1.0.1e-46]\n- fix 1-byte memory leak in pkcs12 parse (#1229871)\n- document some options of the speed command (#1197095)\n[1.0.1e-45]\n- fix high-precision timestamps in timestamping authority\n[1.0.1e-44]\n- fix CVE-2015-7575 - disallow use of MD5 in TLS1.2\n[1.0.1e-43]\n- fix CVE-2015-3194 - certificate verify crash with missing PSS parameter\n- fix CVE-2015-3195 - X509_ATTRIBUTE memory leak\n- fix CVE-2015-3196 - race condition when handling PSK identity hint\n[1.0.1e-42]\n- fix regression caused by mistake in fix for CVE-2015-1791\n[1.0.1e-41]\n- improved fix for CVE-2015-1791\n- add missing parts of CVE-2015-0209 fix for corectness although unexploitable\n[1.0.1e-40]\n- fix CVE-2014-8176 - invalid free in DTLS buffering code\n- fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time\n- fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent\n- fix CVE-2015-1791 - race condition handling NewSessionTicket\n- fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function\n[1.0.1e-39]\n- fix CVE-2015-3216 - regression in RAND locking that can cause segfaults on\n read in multithreaded applications\n[1.0.1e-38]\n- fix CVE-2015-4000 - prevent the logjam attack on client - restrict\n the DH key size to at least 768 bits (limit will be increased in future)\n[1.0.1e-37]\n- drop the AES-GCM restriction of 2^32 operations because the IV is\n always 96 bits (32 bit fixed field + 64 bit invocation field)\n[1.0.1e-36]\n- update fix for CVE-2015-0287 to what was released upstream\n[1.0.1e-35]\n- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()\n- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison\n- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption\n- fix CVE-2015-0288 - X509_to_X509_REQ NULL pointer dereference\n- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data\n- fix CVE-2015-0292 - integer underflow in base64 decoder\n- fix CVE-2015-0293 - triggerable assert in SSLv2 server\n[1.0.1e-34]\n- copy digest algorithm when handling SNI context switch\n- improve documentation of ciphersuites - patch by Hubert Kario\n- add support for setting Kerberos service and keytab in\n s_server and s_client\n[1.0.1e-33]\n- fix CVE-2014-3570 - incorrect computation in BN_sqr()\n- fix CVE-2014-3571 - possible crash in dtls1_get_record()\n- fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state\n- fix CVE-2014-8275 - various certificate fingerprint issues\n- fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export\n ciphersuites and on server\n- fix CVE-2015-0205 - do not allow unauthenticated client DH certificate\n- fix CVE-2015-0206 - possible memory leak when buffering DTLS records\n[1.0.1e-32]\n- use FIPS approved method for computation of d in RSA\n[1.0.1e-31]\n- fix CVE-2014-3567 - memory leak when handling session tickets\n- fix CVE-2014-3513 - memory leak in srtp support\n- add support for fallback SCSV to partially mitigate CVE-2014-3566\n (padding attack on SSL3)\n[1.0.1e-30]\n- add ECC TLS extensions to DTLS (#1119800)\n[1.0.1e-29]\n- fix CVE-2014-3505 - doublefree in DTLS packet processing\n- fix CVE-2014-3506 - avoid memory exhaustion in DTLS\n- fix CVE-2014-3507 - avoid memory leak in DTLS\n- fix CVE-2014-3508 - fix OID handling to avoid information leak\n- fix CVE-2014-3509 - fix race condition when parsing server hello\n- fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS\n- fix CVE-2014-3511 - disallow protocol downgrade via fragmentation\n[1.0.1e-28]\n- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support\n[1.0.1e-26]\n- drop EXPORT, RC2, and DES from the default cipher list (#1057520)\n- print ephemeral key size negotiated in TLS handshake (#1057715)\n- do not include ECC ciphersuites in SSLv2 client hello (#1090952)\n- properly detect encryption failure in BIO (#1100819)\n- fail on hmac integrity check if the .hmac file is empty (#1105567)\n- FIPS mode: make the limitations on DSA, DH, and RSA keygen\n length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment\n variable is set\n[1.0.1e-25]\n- fix CVE-2010-5298 - possible use of memory after free\n- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment\n- fix CVE-2014-0198 - possible NULL pointer dereference\n- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet\n- fix CVE-2014-0224 - SSL/TLS MITM vulnerability\n- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH\n[1.0.1e-24]\n- add back support for secp521r1 EC curve\n[1.0.1e-23]\n- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension\n[1.0.1e-22]\n- use 2048 bit RSA key in FIPS selftests\n[1.0.1e-21]\n- add DH_compute_key_padded needed for FIPS CAVS testing\n- make 3des strength to be 128 bits instead of 168 (#1056616)\n- FIPS mode: do not generate DSA keys and DH parameters < 2048 bits\n- FIPS mode: use approved RSA keygen (allows only 2048 and 3072 bit keys)\n- FIPS mode: add DH selftest\n- FIPS mode: reseed DRBG properly on RAND_add()\n- FIPS mode: add RSA encrypt/decrypt selftest\n- FIPS mode: add hard limit for 2^32 GCM block encryptions with the same key\n- use the key length from configuration file if req -newkey rsa is invoked\n[1.0.1e-20]\n- fix CVE-2013-4353 - Invalid TLS handshake crash\n[1.0.1e-19]\n- fix CVE-2013-6450 - possible MiTM attack on DTLS1\n[1.0.1e-18]\n- fix CVE-2013-6449 - crash when version in SSL structure is incorrect\n[1.0.1e-17]\n- add back some no-op symbols that were inadvertently dropped\n[1.0.1e-16]\n- do not advertise ECC curves we do not support\n- fix CPU identification on Cyrix CPUs\n[1.0.1e-15]\n- make DTLS1 work in FIPS mode\n- avoid RSA and DSA 512 bits and Whirlpool in 'openssl speed' in FIPS mode\n[1.0.1e-14]\n- installation of dracut-fips marks that the FIPS module is installed\n[1.0.1e-13]\n- avoid dlopening libssl.so from libcrypto\n[1.0.1e-12]\n- fix small memory leak in FIPS aes selftest\n- fix segfault in openssl speed hmac in the FIPS mode\n[1.0.1e-11]\n- document the nextprotoneg option in manual pages\n original patch by Hubert Kario\n[1.0.1e-9]\n- always perform the FIPS selftests in library constructor\n if FIPS module is installed\n[1.0.1e-8]\n- fix use of rdrand if available\n- more commits cherry picked from upstream\n- documentation fixes\n[1.0.1e-7]\n- additional manual page fix\n- use symbol versioning also for the textual version\n[1.0.1e-6]\n- additional manual page fixes\n- cleanup speed command output for ECDH ECDSA\n[1.0.1e-5]\n- use _prefix macro\n[1.0.1e-4]\n- add relro linking flag\n[1.0.1e-2]\n- add support for the -trusted_first option for certificate chain verification\n[1.0.1e-1]\n- rebase to the 1.0.1e upstream version\n[1.0.0-28]\n- fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589)\n- fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)\n- enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB\n environment variable is set (fixes CVE-2012-4929 #857051)\n- use __secure_getenv() everywhere instead of getenv() (#839735)\n[1.0.0-27]\n- fix sslrand(1) and sslpasswd(1) reference in openssl(1) manpage (#841645)\n- drop superfluous lib64 fixup in pkgconfig .pc files (#770872)\n- force BIO_accept_new(*:\n) to listen on IPv4\n[1.0.0-26]\n- use PKCS#8 when writing private keys in FIPS mode as the old\n PEM encryption mode is not FIPS compatible (#812348)\n[1.0.0-25]\n- fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686)\n- properly initialize tkeylen in the CVE-2012-0884 fix\n[1.0.0-24]\n- fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185)\n[1.0.0-23]\n- fix problem with the SGC restart patch that might terminate handshake\n incorrectly\n- fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725)\n- fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489)\n[1.0.0-22]\n- fix incorrect encryption of unaligned chunks in CFB, OFB and CTR modes\n[1.0.0-21]\n- fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery\n vulnerability and additional DTLS fixes (#771770)\n- fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775)\n- fix for CVE-2011-4577 - possible DoS through malformed RFC 3779 data (#771778)\n- fix for CVE-2011-4619 - SGC restart DoS attack (#771780)\n[1.0.0-20]\n- fix x86cpuid.pl - patch by Paolo Bonzini\n[1.0.0-19]\n- add known answer test for SHA2 algorithms\n[1.0.0-18]\n- fix missing initialization of a variable in the CHIL engine (#740188)\n[1.0.0-17]\n- initialize the X509_STORE_CTX properly for CRL lookups - CVE-2011-3207\n (#736087)\n[1.0.0-16]\n- merge the optimizations for AES-NI, SHA1, and RC4 from the intelx\n engine to the internal implementations\n[1.0.0-15]\n- better documentation of the available digests in apps (#693858)\n- backported CHIL engine fixes (#693863)\n- allow testing build without downstream patches (#708511)\n- enable partial RELRO when linking (#723994)\n- add intelx engine with improved performance on new Intel CPUs\n- add OPENSSL_DISABLE_AES_NI environment variable which disables\n the AES-NI support (does not affect the intelx engine)\n[1.0.0-14]\n- use the AES-NI engine in the FIPS mode\n[1.0.0-11]\n- add API necessary for CAVS testing of the new DSA parameter generation\n[1.0.0-10]\n- fix OCSP stapling vulnerability - CVE-2011-0014 (#676063)\n- correct the README.FIPS document", "published": "2016-09-27T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2016-3621.html", "cvelist": ["CVE-2015-4000", "CVE-2013-0166", "CVE-2014-3505", "CVE-2012-2333", "CVE-2014-3508", "CVE-2015-1792", "CVE-2014-3566", "CVE-2015-3197", "CVE-2011-4108", "CVE-2014-3572", "CVE-2016-6306", "CVE-2016-0705", "CVE-2015-0206", "CVE-2015-1789", "CVE-2016-2183", "CVE-2013-0169", "CVE-2015-0286", "CVE-2013-6449", "CVE-2016-2178", "CVE-2014-3507", "CVE-2015-3195", "CVE-2016-2108", "CVE-2011-4576", "CVE-2014-3571", "CVE-2016-0799", "CVE-2016-6302", "CVE-2014-3513", "CVE-2016-2177", "CVE-2015-0288", "CVE-2012-1165", "CVE-2011-4577", "CVE-2014-0224", "CVE-2016-2105", "CVE-2015-3194", "CVE-2016-2107", "CVE-2011-4619", "CVE-2014-3511", "CVE-2011-0014", "CVE-2014-8275", "CVE-2016-2180", "CVE-2016-0797", "CVE-2016-0702", "CVE-2014-3570", "CVE-2015-7575", "CVE-2015-3196", "CVE-2014-3470", "CVE-2014-3506", "CVE-2016-2109", "CVE-2012-4929", "CVE-2016-2181", "CVE-2016-6304", "CVE-2013-6450", "CVE-2012-0050", "CVE-2015-0293", "CVE-2010-5298", "CVE-2014-0160", "CVE-2014-8176", "CVE-2013-4353", "CVE-2014-0195", "CVE-2014-0198", "CVE-2015-0209", "CVE-2014-3567", "CVE-2015-0204", "CVE-2012-2110", "CVE-2012-0884", "CVE-2015-1790", "CVE-2014-3510", "CVE-2016-2182", "CVE-2015-0287", "CVE-2011-3207", "CVE-2015-0289", "CVE-2015-3216", "CVE-2015-0292", "CVE-2015-0205", "CVE-2016-2179", "CVE-2016-2106", "CVE-2014-3509", "CVE-2015-1791", "CVE-2014-0221"], "lastseen": "2017-02-06T15:00:41"}], "openvas": [{"id": "OPENVAS:1361412562310123178", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-3010", "description": "Oracle Linux Local Security Checks ELSA-2015-3010", "published": "2015-10-06T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123178", "cvelist": ["CVE-2014-3572", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204"], "lastseen": "2017-07-24T12:53:34"}, {"id": "OPENVAS:1361412562310882095", "type": "openvas", "title": "CentOS Update for openssl CESA-2015:0066 centos7 ", "description": "Check the version of openssl", "published": "2015-01-23T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882095", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205"], "lastseen": "2017-07-25T10:53:25"}, {"id": "OPENVAS:1361412562310882163", "type": "openvas", "title": "CentOS Update for openssl CESA-2015:0800 centos5 ", "description": "Check the version of openssl", "published": "2015-04-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882163", "cvelist": ["CVE-2015-0288", "CVE-2014-8275", "CVE-2015-0293", "CVE-2015-0204", "CVE-2015-0287", "CVE-2015-0289", "CVE-2015-0292"], "lastseen": "2017-07-25T10:53:23"}, {"id": "OPENVAS:1361412562310123135", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-0800", "description": "Oracle Linux Local Security Checks ELSA-2015-0800", "published": "2015-10-06T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123135", "cvelist": ["CVE-2015-0286", "CVE-2015-0288", "CVE-2014-8275", "CVE-2015-0293", "CVE-2015-0204", "CVE-2015-0287", "CVE-2015-0289", "CVE-2015-0292"], "lastseen": "2017-07-24T12:53:48"}, {"id": "OPENVAS:1361412562310871300", "type": "openvas", "title": "RedHat Update for openssl RHSA-2015:0066-01", "description": "Check the version of openssl", "published": "2015-01-23T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871300", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205"], "lastseen": "2017-07-27T10:52:49"}, {"id": "OPENVAS:1361412562310120456", "type": "openvas", "title": "Amazon Linux Local Check: ALAS-2015-469", "description": "Amazon Linux Local Security Checks", "published": "2015-09-08T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120456", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2014-3568", "CVE-2015-0205", "CVE-2014-3569"], "lastseen": "2017-07-24T12:52:30"}, {"id": "OPENVAS:1361412562310871353", "type": "openvas", "title": "RedHat Update for openssl RHSA-2015:0800-01", "description": "Check the version of openssl", "published": "2015-04-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871353", "cvelist": ["CVE-2015-0288", "CVE-2014-8275", "CVE-2015-0293", "CVE-2015-0204", "CVE-2015-0287", "CVE-2015-0289", "CVE-2015-0292"], "lastseen": "2017-07-27T10:53:29"}, {"id": "OPENVAS:1361412562310882101", "type": "openvas", "title": "CentOS Update for openssl CESA-2015:0066 centos6 ", "description": "Check the version of openssl", "published": "2015-01-23T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882101", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205"], "lastseen": "2017-07-25T10:53:33"}, {"id": "OPENVAS:1361412562310850630", "type": "openvas", "title": "SuSE Update for openssl openSUSE-SU-2015:0130-1 (openssl)", "description": "Check the version of openssl", "published": "2015-01-24T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850630", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205", "CVE-2014-3569"], "lastseen": "2017-12-12T11:15:23"}, {"id": "OPENVAS:1361412562310703125", "type": "openvas", "title": "Debian Security Advisory DSA 3125-1 (openssl - security update)", "description": "Multiple vulnerabilities have been\ndiscovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities\nand Exposures project identifies the following issues:\n\nCVE-2014-3569\nFrank Schmirler reported that the ssl23_get_client_hello function in\nOpenSSL does not properly handle attempts to use unsupported\nprotocols. When OpenSSL is built with the no-ssl3 option and a SSL\nv3 ClientHello is received, the ssl method would be set to NULL which\ncould later result in a NULL pointer dereference and daemon crash.\n\nCVE-2014-3570\nPieter Wuille of Blockstream reported that the bignum squaring\n(BN_sqr) may produce incorrect results on some platforms, which\nmight make it easier for remote attackers to defeat cryptographic\nprotection mechanisms.\n\nCVE-2014-3571\nMarkus Stenberg of Cisco Systems, Inc. reported that a carefully\ncrafted DTLS message can cause a segmentation fault in OpenSSL due\nto a NULL pointer dereference. A remote attacker could use this flaw\nto mount a denial of service attack.\n\nCVE-2014-3572\nKarthikeyan Bhargavan of the PROSECCO team at INRIA reported that an\nOpenSSL client would accept a handshake using an ephemeral ECDH\nciphersuite if the server key exchange message is omitted. This\nallows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks\nand trigger a loss of forward secrecy.\n\nCVE-2014-8275\nAntti Karjalainen and Tuomo Untinen of the Codenomicon CROSS project\nand Konrad Kraszewski of Google reported various certificate\nfingerprint issues, which allow remote attackers to defeat a\nfingerprint-based certificate-blacklist protection mechanism.\n\nCVE-2015-0204\nKarthikeyan Bhargavan of the PROSECCO team at INRIA reported that\nan OpenSSL client will accept the use of an ephemeral RSA key in a\nnon-export RSA key exchange ciphersuite, violating the TLS\nstandard. This allows remote SSL servers to downgrade the security\nof the session.\n\nCVE-2015-0205\nKarthikeyan Bhargavan of the PROSECCO team at INRIA reported that an\nOpenSSL server will accept a DH certificate for client\nauthentication without the certificate verify message. This flaw\neffectively allows a client to authenticate without the use of a\nprivate key via crafted TLS handshake protocol traffic to a server\nthat recognizes a certification authority with DH support.\n\nCVE-2015-0206\nChris Mueller discovered a memory leak in the dtls1_buffer_record\nfunction. A remote attacker could exploit this flaw to mount a\ndenial of service through memory exhaustion by repeatedly sending\nspecially crafted DTLS records.", "published": "2015-01-11T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703125", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205", "CVE-2014-3569"], "lastseen": "2018-04-06T11:25:22"}], "freebsd": [{"id": "4E536C14-9791-11E4-977D-D050992ECDE8", "type": "freebsd", "title": "OpenSSL -- multiple vulnerabilities", "description": "\nOpenSSL project reports:\n\nDTLS segmentation fault in dtls1_get_record (CVE-2014-3571)\nDTLS memory leak in dtls1_buffer_record (CVE-2015-0206)\nno-ssl3 configuration sets method to NULL (CVE-2014-3569)\nECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)\nRSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)\nDH client certificates accepted without verification [Server] (CVE-2015-0205)\nCertificate fingerprints can be modified (CVE-2014-8275)\nBignum squaring may produce incorrect results (CVE-2014-3570)\n\n", "published": "2015-01-08T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://vuxml.freebsd.org/freebsd/4e536c14-9791-11e4-977d-d050992ecde8.html", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205", "CVE-2014-3569"], "lastseen": "2016-09-26T17:24:21"}], "amazon": [{"id": "ALAS-2015-469", "type": "amazon", "title": "Medium: openssl", "description": "**Issue Overview:**\n\nOpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c.\n\nThe BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c.\n\nThe ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message.\n\nThe ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the [CVE-2014-3568 __](<https://access.redhat.com/security/cve/CVE-2014-3568>) fix.\n\nOpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c.\n\nThe ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support.\n\nThe ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role.\n\nMemory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading to failure of replay detection.\n\n \n**Affected Packages:** \n\n\nopenssl\n\n \n**Issue Correction:** \nRun _yum update openssl_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n openssl-debuginfo-1.0.1k-1.82.amzn1.i686 \n openssl-devel-1.0.1k-1.82.amzn1.i686 \n openssl-perl-1.0.1k-1.82.amzn1.i686 \n openssl-1.0.1k-1.82.amzn1.i686 \n openssl-static-1.0.1k-1.82.amzn1.i686 \n \n src: \n openssl-1.0.1k-1.82.amzn1.src \n \n x86_64: \n openssl-devel-1.0.1k-1.82.amzn1.x86_64 \n openssl-static-1.0.1k-1.82.amzn1.x86_64 \n openssl-1.0.1k-1.82.amzn1.x86_64 \n openssl-perl-1.0.1k-1.82.amzn1.x86_64 \n openssl-debuginfo-1.0.1k-1.82.amzn1.x86_64 \n \n \n", "published": "2015-01-11T12:36:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://alas.aws.amazon.com/ALAS-2015-469.html", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2014-3568", "CVE-2015-0205", "CVE-2014-3569"], "lastseen": "2016-09-28T21:04:15"}], "redhat": [{"id": "RHSA-2015:0066", "type": "redhat", "title": "(RHSA-2015:0066) Moderate: openssl security update", "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose cryptography\nlibrary.\n\nA NULL pointer dereference flaw was found in the DTLS implementation of\nOpenSSL. A remote attacker could send a specially crafted DTLS message,\nwhich would cause an OpenSSL server to crash. (CVE-2014-3571)\n\nA memory leak flaw was found in the way the dtls1_buffer_record() function\nof OpenSSL parsed certain DTLS messages. A remote attacker could send\nmultiple specially crafted DTLS messages to exhaust all available memory of\na DTLS server. (CVE-2015-0206)\n\nIt was found that OpenSSL's BigNumber Squaring implementation could produce\nincorrect results under certain special conditions. This flaw could\npossibly affect certain OpenSSL library functionality, such as RSA\nblinding. Note that this issue occurred rarely and with a low probability,\nand there is currently no known way of exploiting it. (CVE-2014-3570)\n\nIt was discovered that OpenSSL would perform an ECDH key exchange with a\nnon-ephemeral key even when the ephemeral ECDH cipher suite was selected.\nA malicious server could make a TLS/SSL client using OpenSSL use a weaker\nkey exchange method than the one requested by the user. (CVE-2014-3572)\n\nIt was discovered that OpenSSL would accept ephemeral RSA keys when using\nnon-export RSA cipher suites. A malicious server could make a TLS/SSL\nclient using OpenSSL use a weaker key exchange method. (CVE-2015-0204)\n\nMultiple flaws were found in the way OpenSSL parsed X.509 certificates.\nAn attacker could use these flaws to modify an X.509 certificate to produce\na certificate with a different fingerprint without invalidating its\nsignature, and possibly bypass fingerprint-based blacklisting in\napplications. (CVE-2014-8275)\n\nIt was found that an OpenSSL server would, under certain conditions, accept\nDiffie-Hellman client certificates without the use of a private key.\nAn attacker could use a user's client certificate to authenticate as that\nuser, without needing the private key. (CVE-2015-0205)\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to mitigate the above issues. For the update to\ntake effect, all services linked to the OpenSSL library (such as httpd and\nother SSL-enabled services) must be restarted or the system rebooted.\n", "published": "2015-01-20T05:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2015:0066", "cvelist": ["CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-8275", "CVE-2015-0204", "CVE-2015-0205", "CVE-2015-0206"], "lastseen": "2018-06-12T21:10:27"}, {"id": "RHSA-2015:0800", "type": "redhat", "title": "(RHSA-2015:0800) Moderate: openssl security update", "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL would accept ephemeral RSA keys when using\nnon-export RSA cipher suites. A malicious server could make a TLS/SSL\nclient using OpenSSL use a weaker key exchange method. (CVE-2015-0204)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in the\nway OpenSSL decoded malformed Base64-encoded inputs. An attacker able to\nmake an application using OpenSSL decode a specially crafted Base64-encoded\ninput (such as a PEM file) could use this flaw to cause the application to\ncrash. Note: this flaw is not exploitable via the TLS/SSL protocol because\nthe data being transferred is not Base64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2\nhandshake messages. A remote attacker could use this flaw to cause a\nTLS/SSL server using OpenSSL to exit on a failed assertion if it had both\nthe SSLv2 protocol and EXPORT-grade cipher suites enabled. (CVE-2015-0293)\n\nMultiple flaws were found in the way OpenSSL parsed X.509 certificates.\nAn attacker could use these flaws to modify an X.509 certificate to produce\na certificate with a different fingerprint without invalidating its\nsignature, and possibly bypass fingerprint-based blacklisting in\napplications. (CVE-2014-8275)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused certain\nASN.1 structures. A remote attacker could possibly use a specially crafted\nASN.1 structure that, when parsed by an application, would cause that\napplication to crash. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL's X.509 certificate\nhandling implementation. A specially crafted X.509 certificate could cause\nan application using OpenSSL to crash if the application attempted to\nconvert the certificate to a certificate request. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. An attacker able to make an application using OpenSSL\nverify, decrypt, or parse a specially crafted PKCS#7 input could cause that\napplication to crash. TLS/SSL clients and servers using OpenSSL were not\naffected by this flaw. (CVE-2015-0289)\n\nRed Hat would like to thank the OpenSSL project for reporting \nCVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and \nCVE-2015-0293. Upstream acknowledges Emilia Kasper of the OpenSSL \ndevelopment team as the original reporter of CVE-2015-0287, Brian Carpenter \nas the original reporter of CVE-2015-0288, Michal Zalewski of Google as the \noriginal reporter of CVE-2015-0289, Robert Dugal and David Ramos as the \noriginal reporters of CVE-2015-0292, and Sean Burford of Google and Emilia \nKasper of the OpenSSL development team as the original reporters of \nCVE-2015-0293.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\n", "published": "2015-04-13T04:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2015:0800", "cvelist": ["CVE-2014-8275", "CVE-2015-0204", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293", "CVE-2016-0703", "CVE-2016-0704"], "lastseen": "2018-05-11T21:13:47"}], "aix": [{"id": "OPENSSL_ADVISORY12.ASC", "type": "aix", "title": "Multiple Security vulnerabilities in AIX OpenSSL", "description": "IBM SECURITY ADVISORY\n\nFirst Issued: Wed Feb 4 06:24:41 CST 2015\n\nThe most recent version of this document is available here:\n\nhttp://aix.software.ibm.com/aix/efixes/security/openssl_advisory12.asc\nhttps://aix.software.ibm.com/aix/efixes/security/openssl_advisory12.asc\nftp://aix.software.ibm.com/aix/efixes/security/openssl_advisory12.asc\n===============================================================================\n VULNERABILITY SUMMARY\n\n1. VULNERABILITY: AIX OpenSSL does not properly calculate the square of a BIGNUM \n value which makes it easier for attacker to defeat cryptographic\n protection mechanisms\n\n PLATFORMS: AIX 5.3, 6.1 and 7.1\n VIOS 2.2.*\n\n SOLUTION: Apply the fix as described below.\n\n THREAT: See below\n\n CVE Numbers: CVE-2014-3570\n\n Reboot required? NO\n Workarounds? NO\n Protected by FPM? NO\n Protected by SED? NO\n\n2.VULNERABILITY: AIX OpenSSL Denial of Service due to NULL pointer dereference\n while processing a DTLS message\n\n PLATFORMS: AIX 5.3, 6.1 and 7.1\n VIOS 2.2.*\n\n SOLUTION: Apply the fix as described below.\n\n THREAT: See below\n\n CVE Numbers: CVE-2014-3571\n\n Reboot required? NO\n Workarounds? NO\n Protected by FPM? NO\n Protected by SED? NO\n\n3. VULNERABILITY: AIX OpenSSL allows remote SSL servers to conduct ECDHE-to-ECDH\n downgrade attacks and thereby causing loss of forward secrecy\n\n PLATFORMS: AIX 5.3, 6.1 and 7.1\n VIOS 2.2.*\n\n SOLUTION: Apply the fix as described below.\n\n THREAT: See below\n\n CVE Numbers: CVE-2014-3572\n\n Reboot required? NO\n Workarounds? NO\n Protected by FPM? NO\n Protected by SED? NO\n\n4. VULNERABILITY: AIX OpenSSL allows remote attackers to defeat the fingerprint-based\n certificate blacklist protection mechanism\n\n PLATFORMS: AIX 5.3, 6.1 and 7.1\n VIOS 2.2.*\n\n SOLUTION: Apply the fix as described below.\n\n THREAT: See below\n\n CVE Numbers: CVE-2014-8275\n\n Reboot required? NO\n Workarounds? NO\n Protected by FPM? NO\n Protected by SED? NO\n\n5. VULNERABILITY: AIX OpenSSL allows remote SSL servers to conduct RSA-to-EXPORT_RSA\n downgrade attacks and thereby offering a weak ephemeral RSA key in\n a noncompliant role\n\n PLATFORMS: AIX 5.3, 6.1 and 7.1\n VIOS 2.2.*\n\n SOLUTION: Apply the fix as described below.\n\n THREAT: See below\n\n CVE Numbers: CVE-2015-0204\n\n Reboot required? NO\n Workarounds? NO\n Protected by FPM? NO\n Protected by SED? NO\n\n6. VULNERABILITY: AIX OpenSSL allows remote attackers to obtain access without\n knowledge of a private key on a server that recognizes a\n Certification Authority with DH support\n\n PLATFORMS: AIX 5.3, 6.1 and 7.1\n VIOS 2.2.*\n\n SOLUTION: Apply the fix as described below.\n\n THREAT: See below\n\n CVE Numbers: CVE-2015-0205\n\n Reboot required? NO\n Workarounds? NO\n Protected by FPM? NO\n Protected by SED? NO\n\n7. VULNERABILITY: AIX OpenSSL allows remote attackers to cause Denial of Service\n by sending many duplicate records for the next epoch, leading\n to failure of replay detection\n\n PLATFORMS: AIX 5.3, 6.1 and 7.1\n VIOS 2.2.*\n\n SOLUTION: Apply the fix as described below.\n\n THREAT: See below\n\n CVE Numbers: CVE-2015-0206\n\n Reboot required? NO\n Workarounds? NO\n Protected by FPM? NO\n Protected by SED? NO\n\n===============================================================================\n DETAILED INFORMATION\n\nI. DESCRIPTION \n \n 1. CVE-2014-3570\n \tOpenSSL does not properly calculate the square of a BIGNUM value, which might \n make it easier for remote attackers to defeat cryptographic protection mechanisms \n via unspecified vectors\n\n 2. CVE-2014-3571\n\t OpenSSL allows remote attackers to cause a denial of service via a crafted DTLS \n message that is processed with a different read operation for the handshake \n header than for the handshake body\n\n 3. CVE-2014-3572\n OpenSSL allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks \n and trigger loss of forward secrecy by omitting the ServerKeyExchange message.\n\n 4. CVE-2014-8275\n OpenSSL does not enforce certain constraints on certificate data, which allows \n remote attackers to defeat a fingerprint-based certificate-blacklist protection \n mechanism by including crafted data within a certificate's unsigned portion\n\n 5. CVE-2015-0204\n OpenSSL allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks \n and facilitate brute-force decryption by offering a weak ephemeral RSA key \n in a noncompliant role.\n\n 6. CVE-2015-0205\n OpenSSL accepts client authentication with a Diffie-Hellman (DH) certificate \n without requiring a CertificateVerify message, which allows remote attackers \n to obtain access without knowledge of a private key via crafted TLS Handshake \n Protocol traffic to a server that recognizes a Certification Authority \n with DH support.\n\n 7. CVE-2015-0206\n\t OpenSSL could allow remote attackers to cause a denial of service (memory \n consumption) by sending many duplicate records for the next epoch, leading \n to failure of replay detection.\n\nII. CVSS\n\n 1. CVE-2014-3570\n CVSS Base Score: 2.6\n CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/99710\n CVSS Environmental Score*: Undefined\n CVSS Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N\n\n 2. CVE-2014-3571\n CVSS Base Score: 5\n CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/99703\n CVSS Environmental Score*: Undefined\n CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P\n\n 3. CVE-2014-3572\n CVSS Base Score: 1.2\n CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/99705\n CVSS Environmental Score*: Undefined\n CVSS Vector: AV:L/AC:H/Au:N/C:N/I:P/A:N\n\n 4. CVE-2014-8275\n CVSS Base Score: 1.2\n CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/99709\n CVSS Environmental Score*: Undefined\n CVSS Vector: AV:L/AC:H/Au:N/C:N/I:P/A:N\n\n 5. CVE-2015-0204\n CVSS Base Score: 1.2\n CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/99707\n CVSS Environmental Score*: Undefined\n CVSS Vector: AV:L/AC:H/Au:N/C:N/I:P/A:N\n\n 6. CVE-2015-0205\n CVSS Base Score: 2.1\n CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/99708 \n CVSS Environmental Score*: Undefined\n CVSS Vector: AV:N/AC:H/Au:S/C:N/I:P/A:N\n\n 7. CVE-2015-0206\n CVSS Base Score: 5\n CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/99704\n CVSS Environmental Score*: Undefined\n CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P\n\n\nIII. PLATFORM VULNERABILITY ASSESSMENT\n\n To determine if your system is vulnerable, execute the following\n command:\n\n lslpp -L openssl.base\n \n The following fileset levels are vulnerable:\n \n A. CVE-2014-3572, CVE-2015-0205, CVE-2015-0206\n\n AIX Fileset Lower Level Upper Level \n ------------------------------------------\n openssl.base 1.0.1.500 1.0.1.513\n\n B. CVE-2014-3570, CVE-2014-3571, CVE-2014-8275, CVE-2015-0204\n\n AIX Fileset Lower Level Upper Level \n ------------------------------------------\n openssl.base 1.0.1.500 1.0.1.513\n openssl.base 0.9.8.401 0.9.8.2504\n openssl.base 12.9.8.1100 12.9.8.2504\n\n\tNote, 0.9.8.401 and 12.9.8.1100 are the Lowest OpenSSL version\n\tavailable in aix web download site. Even OpenSSL versions below \n\tthis are impacted\n\n\nIV. SOLUTIONS\n\n A. FIXES\n\n Fix is available. The fix can be downloaded via ftp\n from:\n\n ftp://aix.software.ibm.com/aix/efixes/security/openssl_fix12.tar\n\n The link above is to a tar file containing this signed\n advisory, fix packages, and OpenSSL signatures for each package.\n The fixes below include prerequisite checking. This will\n enforce the correct mapping between the fixes and AIX\n releases.\n\n\tNote that the tar file contains Interim fixes that are based on OpenSSL version.\n\n AIX Level Interim Fix (*.Z) Fileset Name(prereq for installation)\n ---------------------------------------------------------------------------------\n 5.3, 6.1, 7.1 IV69033s9a.150129.epkg.Z openssl.base(1.0.1.513 version)\n 5.3, 6.1, 7.1 IV69033s9b.150129.epkg.Z openssl.base(0.9.8.2504 version)\n 5.3, 6.1, 7.1 IV69033s9c.150129.epkg.Z openssl.base(12.9.8.2504 version)\n\n VIOS Level Interim Fix (*.Z)\t Fileset Name(prereq for installation)\n -------------------------------------------------------------------------------------\n 2.2.* IV69033s9a.150129.epkg.Z openssl.base(1.0.1.513 version)\n 2.2.* IV69033s9b.150129.epkg.Z openssl.base(0.9.8.2504 version)\n 2.2.* IV69033s9c.150129.epkg.Z openssl.base(12.9.8.2504 version)\n\n\n To extract the fix from the tar file:\n\n tar xvf openssl_fix12.tar\n cd openssl_fix12\n\n Verify you have retrieved the fix intact:\n\n The checksums below were generated using the\n \"openssl dgst -sha256 file\" command is the followng:\n\n openssl dgst -sha256 \t\t\t\t\t\t filename\t \n ----------------------------------------------------------------------------------------------\n \tba67b128e22ca028756100a473137b64cd8758c8182e4cda8bc3293b69cb53ba IV69033s9a.150129.epkg.Z\n 1c244927ae807d9c55dee91366ac88488a1312103a19f3017758989f91759f48 IV69033s9b.150129.epkg.Z\n\t 361e751b0ce323b57b8865fca66e90f0dc541857a04b4c67f55874b01e98fffb IV69033s9c.150129.epkg.Z\n\n\t These sums should match exactly. The OpenSSL signatures in the tar\n file and on this advisory can also be used to verify the\n integrity of the fixes. If the sums or signatures cannot be\n confirmed, contact IBM AIX Security at\n security-alert@austin.ibm.com and describe the discrepancy.\n \n Published advisory OpenSSL signature file location:\n\n http://aix.software.ibm.com/aix/efixes/security/openssl_advisory12.asc.sig\n https://aix.software.ibm.com/aix/efixes/security/openssl_advisory12.asc.sig\n ftp://aix.software.ibm.com/aix/efixes/security/openssl_advisory12.asc.sig \n\n\topenssl dgst -sha1 -verify <pubkey_file> -signature <advisory_file>.sig <advisory_file>\n\n openssl dgst -sha1 -verify <pubkey_file> -signature <ifix_file>.sig <ifix_file>\n\n \n B. FIX AND INTERIM FIX INSTALLATION\n\n IMPORTANT: If possible, it is recommended that a mksysb backup\n of the system be created. Verify it is both bootable and\n readable before proceeding.\n\n To preview a fix installation:\n\n installp -a -d fix_name -p all # where fix_name is the name of the\n # fix package being previewed.\n To install a fix package:\n\n installp -a -d fix_name -X all # where fix_name is the name of the\n # fix package being installed.\n\n Interim fixes have had limited functional and regression\n testing but not the full regression testing that takes place\n for Service Packs; however, IBM does fully support them.\n\n Interim fix management documentation can be found at:\n\n http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html\n\n To preview an interim fix installation:\n\n emgr -e ipkg_name -p # where ipkg_name is the name of the\n # interim fix package being previewed.\n\n To install an interim fix package:\n\n emgr -e ipkg_name -X # where ipkg_name is the name of the\n # interim fix package being installed.\n\n\nV. WORKAROUNDS\n \n No workarounds.\n\nVI. CONTACT US:\n\n If you would like to receive AIX Security Advisories via email,\n please visit \"My Notifications\":\n\n http://www.ibm.com/support/mynotifications\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n Comments regarding the content of this announcement can be\n directed to:\n\n security-alert@austin.ibm.com\n\n To obtain the OpenSSL public key that can be used to verify the\n signed advisories and ifixes:\n\n Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n\n To obtain the PGP public key that can be used to communicate\n securely with the AIX Security Team via security-alert@austin.ibm.com you\n can either:\n\n A. Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pgppubkey.txt\n\n B. Download the key from a PGP Public Key Server. The key ID is:\n\n 0x28BFAA12\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n\n\nVII. REFERENCES:\n\n Note: Keywords labeled as KEY in this document are used for parsing purposes.\n\n eServer is a trademark of International Business Machines\n Corporation. IBM, AIX and pSeries are registered trademarks of\n International Business Machines Corporation. All other trademarks\n are property of their respective holders.\n\n Complete CVSS Guide: http://www.first.org/cvss/cvss-guide.html\n On-line Calculator V2: http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2\n\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/99710\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/99703\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/99705\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/99709\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/99707\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/99708 \n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/99704\n CVE-2014-3570 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\n CVE-2014-3571 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\n CVE-2014-3572 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\n CVE-2014-8275 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\n CVE-2015-0204 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\n CVE-2015-0205 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\n CVE-2015-0206 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\n\n *The CVSS Environment Score is customer environment specific and will\n ultimately impact the Overall CVSS Score. Customers can evaluate the\n impact of this vulnerability in their environments by accessing the links\n in the Reference section of this Flash.\n\n Note: According to the Forum of Incident Response and Security Teams\n (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry\n open standard designed to convey vulnerability severity and help to\n determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES\n \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF\n MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE\n RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY\n VULNERABILITY.\n", "published": "2015-02-04T06:24:41", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://aix.software.ibm.com/aix/efixes/security/openssl_advisory12.asc", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205"], "lastseen": "2016-10-24T17:48:11"}], "kaspersky": [{"id": "KLA10460", "type": "kaspersky", "title": "\r KLA10460Multiple vulnerabilities in OpenSSL ", "description": "### *CVSS*:\n5.0\n\n### *Detect date*:\n01/08/2015\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple serious vulnerabilities have been found in OpenSSL. Malicious users can exploit these vulnerabilities to cause denial of service or bypass security restrictions.\n\n### *Affected products*:\nOpenSSL versions earlier than 0.9.8zd \nOpenSSL 1.0.0 versions earlier than 1.0.0p \nOpenSSL 1.0.1 versions earlier than 1.0.1k\n\n### *Solution*:\nUpdate to latest version!\n\n### *Original advisories*:\n[OpenSSL bulletin](<https://www.openssl.org/news/secadv_20150108.txt>) \n\n\n### *Impacts*:\nSB \n\n### *Related products*:\n[OpenSSl](<https://threats.kaspersky.com/en/product/OpenSSl/>)\n\n### *CVE-IDS*:\n[CVE-2015-0206](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206>) \n[CVE-2015-0204](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204>) \n[CVE-2015-0205](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205>) \n[CVE-2014-8275](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275>) \n[CVE-2014-3569](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569>) \n[CVE-2014-3572](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572>) \n[CVE-2014-3570](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570>) \n[CVE-2014-3571](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571>)", "published": "2015-01-08T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10460", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205", "CVE-2014-3569"], "lastseen": "2018-07-06T07:33:51"}], "cisco": [{"id": "CISCO-SA-20150310-SSL", "type": "cisco", "title": "Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products", "description": "A vulnerability in OpenSSL could allow an unauthenticated, remote attacker to bypass fingerprint-based certificate validation mechanisms implemented by the affected software.\n\nThe vulnerability exists due to insufficient constraints applied on certificate data by the affected software. An attacker could exploit this vulnerability by including crafted data within a certificate's unsigned portion and submitting it to be processed by the affected software. If successful, an attacker could bypass the fingerprint-based certificate-blacklist protection mechanism implemented by the affected software.\n\nA vulnerability in OpenSSL could allow an unauthenticated, remote attacker to bypass security restrictions.\n\nThe vulnerability is due to improper handling of an RSA temporary key. An attacker with a privileged network position could exploit the vulnerability by returning a weak temporary RSA key to a system using an application that uses the vulnerable OpenSSL library. When processed, the insecure temporary key could result in reduced cryptographic protections, which could allow the attacker to bypass security protections.\n\nA vulnerability in OpenSSL could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.\n\nThe vulnerability is due to improper implementation of the OpenSSL build configuration. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted SSL 3.0 handshake request to the targeted client. Processing the request could cause the affected software to terminate abnormally, leading to a DoS condition.\n\nA vulnerability in OpenSSL could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.\n\nThe vulnerability is due to improper processing of network messages. An attacker could exploit this vulnerability by sending malicious network messages to a targeted system.\n\nA vulnerability in OpenSSL could allow an unauthenticated, remote attacker to conduct downgrade attacks.\n\nThe vulnerability is due to insecure implementation of ephemeral Elliptic Curve Diffie-Hellman (ECDH) ciphersuites by the affected software. An unauthenticated, remote attacker could exploit this vulnerability by transmitting crafted handshake requests to the targeted client system. When processed, the requests could allow the attacker to downgrade the server to use the weaker encryption protocol, which could allow the attacker to obtain sensitive information from the system.\n\nAn issue in OpenSSL could result in the calculation of incorrect mathematical results.\n\nThe issue is in the BN_sql function because the function does not properly calculate the square of a BIGNUM value. An unauthenticated, remote attacker could exploit this issue using an unspecified vector. Successful exploitation could cause the software to calculate incorrect results.\n\nReports suggest that no exploits are known and straightforward bug attacks fail because the attacker cannot control when the bug triggers and no private key material is involved.\n\nMultiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service condition or perform a man-in-the-middle attack. On January 8, 2015, the OpenSSL Project released a security advisory detailing eight distinct vulnerabilities. The vulnerabilities are referenced in this document as follows:\n\n CVE-2014-3571: OpenSSL DTLS Message Processing Denial of Service Vulnerability\n CVE-2015-0206: OpenSSL dtls1_buffer_record Function DTLS Message Processing Denial of Service Vulnerability\n CVE-2014-3569: OpenSSL no-ssl3 Option NULL Pointer Dereference Vulnerability\n CVE-2014-3572: OpenSSL Elliptic Curve Cryptographic Downgrade Vulnerability\n CVE-2015-0204: OpenSSL RSA Temporary Key Cryptographic Downgrade Vulnerability\n CVE-2015-0205: OpenSSL Diffie-Hellman Certificate Validation Authentication Bypass Vulnerability\n CVE-2014-8275: OpenSSL Certificate Fingerprint Validation Vulnerability\n CVE-2014-3570: OpenSSL BN_sql Function Incorrect Mathematical Results Issue\n\nCisco will release software updates that address these vulnerabilities.\n\nWorkarounds that mitigate these vulnerabilities may be available.\n\nThis advisory is available at the following link:\n\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl[\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl\"]\n\nOpenSSL contains a vulnerability that could allow an unauthenticated, remote attacker to bypass certain security restrictions and access sensitive information on a targeted system.\n\nThe vulnerability is due to improper certificate verification by the affected software. An unauthenticated, remote attacker could exploit this vulnerability by transmitting a crafted Diffie-Hellman certificate without the certificate verify message to the affected server. The processing of such certificates could allow the attacker to bypass certain security restrictions and access sensitive information on the system.\n\nOpenSSL contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.\n\nThe vulnerability is due to an error condition that occurs when the affected software processes crafted Datagram Transport Layer Security (DTLS) packets. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted DTLS packets to an affected OpenSSL-based server. An exploit could allow the attacker to consume excessive memory resources, resulting in a DoS condition.", "published": "2015-03-10T16:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl", "cvelist": ["CVE-2014-3569", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-8275", "CVE-2015-0204", "CVE-2015-0205", "CVE-2015-0206"], "lastseen": "2018-07-14T16:40:03"}], "centos": [{"id": "CESA-2015:0800", "type": "centos", "title": "openssl security update", "description": "**CentOS Errata and Security Advisory** CESA-2015:0800\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL would accept ephemeral RSA keys when using\nnon-export RSA cipher suites. A malicious server could make a TLS/SSL\nclient using OpenSSL use a weaker key exchange method. (CVE-2015-0204)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in the\nway OpenSSL decoded malformed Base64-encoded inputs. An attacker able to\nmake an application using OpenSSL decode a specially crafted Base64-encoded\ninput (such as a PEM file) could use this flaw to cause the application to\ncrash. Note: this flaw is not exploitable via the TLS/SSL protocol because\nthe data being transferred is not Base64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2\nhandshake messages. A remote attacker could use this flaw to cause a\nTLS/SSL server using OpenSSL to exit on a failed assertion if it had both\nthe SSLv2 protocol and EXPORT-grade cipher suites enabled. (CVE-2015-0293)\n\nMultiple flaws were found in the way OpenSSL parsed X.509 certificates.\nAn attacker could use these flaws to modify an X.509 certificate to produce\na certificate with a different fingerprint without invalidating its\nsignature, and possibly bypass fingerprint-based blacklisting in\napplications. (CVE-2014-8275)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused certain\nASN.1 structures. A remote attacker could possibly use a specially crafted\nASN.1 structure that, when parsed by an application, would cause that\napplication to crash. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL's X.509 certificate\nhandling implementation. A specially crafted X.509 certificate could cause\nan application using OpenSSL to crash if the application attempted to\nconvert the certificate to a certificate request. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. An attacker able to make an application using OpenSSL\nverify, decrypt, or parse a specially crafted PKCS#7 input could cause that\napplication to crash. TLS/SSL clients and servers using OpenSSL were not\naffected by this flaw. (CVE-2015-0289)\n\nRed Hat would like to thank the OpenSSL project for reporting \nCVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and \nCVE-2015-0293. Upstream acknowledges Emilia Kasper of the OpenSSL \ndevelopment team as the original reporter of CVE-2015-0287, Brian Carpenter \nas the original reporter of CVE-2015-0288, Michal Zalewski of Google as the \noriginal reporter of CVE-2015-0289, Robert Dugal and David Ramos as the \noriginal reporters of CVE-2015-0292, and Sean Burford of Google and Emilia \nKasper of the OpenSSL development team as the original reporters of \nCVE-2015-0293.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-April/021064.html\n\n**Affected packages:**\nopenssl\nopenssl-devel\nopenssl-perl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-0800.html", "published": "2015-04-14T11:25:52", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2015-April/021064.html", "cvelist": ["CVE-2015-0288", "CVE-2014-8275", "CVE-2015-0293", "CVE-2015-0204", "CVE-2016-0704", "CVE-2015-0287", "CVE-2016-0703", "CVE-2015-0289", "CVE-2015-0292"], "lastseen": "2017-10-03T18:26:55"}, {"id": "CESA-2015:0066", "type": "centos", "title": "openssl security update", "description": "**CentOS Errata and Security Advisory** CESA-2015:0066\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose cryptography\nlibrary.\n\nA NULL pointer dereference flaw was found in the DTLS implementation of\nOpenSSL. A remote attacker could send a specially crafted DTLS message,\nwhich would cause an OpenSSL server to crash. (CVE-2014-3571)\n\nA memory leak flaw was found in the way the dtls1_buffer_record() function\nof OpenSSL parsed certain DTLS messages. A remote attacker could send\nmultiple specially crafted DTLS messages to exhaust all available memory of\na DTLS server. (CVE-2015-0206)\n\nIt was found that OpenSSL's BigNumber Squaring implementation could produce\nincorrect results under certain special conditions. This flaw could\npossibly affect certain OpenSSL library functionality, such as RSA\nblinding. Note that this issue occurred rarely and with a low probability,\nand there is currently no known way of exploiting it. (CVE-2014-3570)\n\nIt was discovered that OpenSSL would perform an ECDH key exchange with a\nnon-ephemeral key even when the ephemeral ECDH cipher suite was selected.\nA malicious server could make a TLS/SSL client using OpenSSL use a weaker\nkey exchange method than the one requested by the user. (CVE-2014-3572)\n\nIt was discovered that OpenSSL would accept ephemeral RSA keys when using\nnon-export RSA cipher suites. A malicious server could make a TLS/SSL\nclient using OpenSSL use a weaker key exchange method. (CVE-2015-0204)\n\nMultiple flaws were found in the way OpenSSL parsed X.509 certificates.\nAn attacker could use these flaws to modify an X.509 certificate to produce\na certificate with a different fingerprint without invalidating its\nsignature, and possibly bypass fingerprint-based blacklisting in\napplications. (CVE-2014-8275)\n\nIt was found that an OpenSSL server would, under certain conditions, accept\nDiffie-Hellman client certificates without the use of a private key.\nAn attacker could use a user's client certificate to authenticate as that\nuser, without needing the private key. (CVE-2015-0205)\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to mitigate the above issues. For the update to\ntake effect, all services linked to the OpenSSL library (such as httpd and\nother SSL-enabled services) must be restarted or the system rebooted.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-January/020884.html\nhttp://lists.centos.org/pipermail/centos-announce/2015-January/020885.html\n\n**Affected packages:**\nopenssl\nopenssl-devel\nopenssl-libs\nopenssl-perl\nopenssl-static\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-0066.html", "published": "2015-01-20T21:00:39", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2015-January/020884.html", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205"], "lastseen": "2017-10-03T18:26:08"}], "slackware": [{"id": "SSA-2015-009-01", "type": "slackware", "title": "openssl", "description": "New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,\nand -current to fix security issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/openssl-1.0.1k-i486-1_slack14.1.txz: Upgraded.\n This update fixes several security issues:\n DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)\n DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)\n no-ssl3 configuration sets method to NULL (CVE-2014-3569)\n ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)\n RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)\n DH client certificates accepted without verification [Server] (CVE-2015-0205)\n Certificate fingerprints can be modified (CVE-2014-8275)\n Bignum squaring may produce incorrect results (CVE-2014-3570)\n For more information, see:\n https://www.openssl.org/news/secadv_20150108.txt\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\n (* Security fix *)\npatches/packages/openssl-solibs-1.0.1k-i486-1_slack14.1.txz: Upgraded.\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zd-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zd-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zd-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zd-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zd-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zd-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zd-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zd-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zd-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zd-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zd-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zd-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1k-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1k-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1k-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1k-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1k-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1k-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1k-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1k-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1k-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1k-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1k-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1k-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.0 packages:\n7011638e44786670642a29b13adbb4cd openssl-0.9.8zd-i486-1_slack13.0.txz\n239cd5697b2633e68aae60f84728ec3d openssl-solibs-0.9.8zd-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n953f3ea84349050f9075d69f190c4ef0 openssl-0.9.8zd-x86_64-1_slack13.0.txz\ne4cb8384a1a5fd0730f47b0d66844973 openssl-solibs-0.9.8zd-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n60a91060b530795c3aec7776e559069b openssl-0.9.8zd-i486-1_slack13.1.txz\n25833ee7c47234dfc57333e4e6ac9516 openssl-solibs-0.9.8zd-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\n936f04a96087ac8b242fc468ab4902af openssl-0.9.8zd-x86_64-1_slack13.1.txz\n2e822308f12b71adbe1d63d3bb7dac44 openssl-solibs-0.9.8zd-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n90d89193c9625543a0b22595ba6e6989 openssl-0.9.8zd-i486-1_slack13.37.txz\n83d2ba9b537949d5a882433c19232049 openssl-solibs-0.9.8zd-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\n644c8acaf2ea6f5ea6fd197ee3d367f9 openssl-0.9.8zd-x86_64-1_slack13.37.txz\nebbae4f2e239906132fddbc8cc1f64cb openssl-solibs-0.9.8zd-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\n4400c395a2de5b68e880a76092dadd47 openssl-1.0.1k-i486-1_slack14.0.txz\nb2455038898a8715310f4ab732c11f71 openssl-solibs-1.0.1k-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\nf912cf9ec0d25495b1534c61563541be openssl-1.0.1k-x86_64-1_slack14.0.txz\n4eeed382d27de024e4f9e69aec1c148d openssl-solibs-1.0.1k-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n299f48c01718e425e44844f54b34199d openssl-1.0.1k-i486-1_slack14.1.txz\nca6b49bb17c602e6637edca5686afc10 openssl-solibs-1.0.1k-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\nb9071e68e60d598a85659df0519131c2 openssl-1.0.1k-x86_64-1_slack14.1.txz\na835c6471b1cf5b162afe0782a6384bc openssl-solibs-1.0.1k-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\ncb7d3aa850b3cfe54abd1eb61c881cc7 a/openssl-solibs-1.0.1k-i486-1.txz\n00ae9f01693bf86a709fd79b0e8cd099 n/openssl-1.0.1k-i486-1.txz\n\nSlackware x86_64 -current packages:\n727887e756148bb1d28fa348804fcdb9 a/openssl-solibs-1.0.1k-x86_64-1.txz\n9c254936144f5aaaf8fe4eee033f5658 n/openssl-1.0.1k-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg openssl-1.0.1k-i486-1_slack14.1.txz openssl-solibs-1.0.1k-i486-1_slack14.1.txz", "published": "2015-01-09T10:34:39", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.782231", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205", "CVE-2014-3569"], "lastseen": "2018-02-02T18:11:34"}], "archlinux": [{"id": "ASA-201501-2", "type": "archlinux", "title": "openssl: multiple issues", "description": "- CVE-2014-3571 (denial of service)\nA remote attacker is able to cause a denial of service (NULL pointer\ndereference and application crash) via a crafted DTLS message that is\nprocessed with a different read operation for the handshake header than\nfor the handshake body, related to the dtls1_get_record function in\nd1_pkt.c and the ssl3_read_n function in s3_pkt.c.\n\n- CVE-2015-0206 (denial of service)\nA memory leak can occur in the dtls1_buffer_record function under\ncertain conditions. In particular this could occur if an attacker sent\nrepeated DTLS records with the same sequence number but for the next\nepoch. The memory leak could be exploited by an attacker in a denial of\nservice attack through memory exhaustion.\n\n- CVE-2014-3569 (denial of service)\nThe ssl23_get_client_hello function in s23_srvr.c does not properly\nhandle attempts to use unsupported protocols, which allows remote\nattackers to cause a denial of service (NULL pointer dereference and\ndaemon crash) via an unexpected handshake, as demonstrated by an SSLv3\nhandshake to a no-ssl3 application with certain error handling.\n\n- CVE-2014-3572 (cipher downgrade)\nAn OpenSSL client will accept a handshake using an ephemeral ECDH\nciphersuite using an ECDSA certificate if the server key exchange\nmessage is omitted. This effectively removes forward secrecy from the\nciphersuite.\n\n- CVE-2015-0204 (cipher downgrade)\nThe ssl3_get_key_exchange function in s3_clnt.c allows remote SSL\nservers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate\nbrute-force decryption by offering a weak ephemeral RSA key in a\nnoncompliant role.\n\n- CVE-2015-0205 (certificate verification bypass)\nAn OpenSSL server will accept a DH certificate for client authentication\nwithout the certificate verify message. This effectively allows a client\nto authenticate without the use of a private key. This only affects\nservers which trust a client certificate authority which issues\ncertificates containing DH keys.\n\n- CVE-2014-8275 (certificate fingerprint modification)\nOpenSSL accepts several non-DER-variations of certificate signature\nalgorithm and signature encodings. OpenSSL also does not enforce a match\nbetween the signature algorithm between the signed and unsigned portions\nof the certificate. By modifying the contents of the signature algorithm\nor the encoding of the signature, it is possible to change the\ncertificate's fingerprint.\nThis does not allow an attacker to forge certificates, and does not\naffect certificate verification or OpenSSL servers/clients in any other\nway. It also does not affect common revocation mechanisms. Only custom\napplications that rely on the uniqueness of the fingerprint (e.g.\ncertificate blacklists) may be affected.\n\n- CVE-2014-3570 (bignum squaring error)\nThe BN_sqr implementation does not properly calculate the square of a\nBIGNUM value, which might make it easier for remote attackers to defeat\ncryptographic protection mechanisms via unspecified vectors, related to\ncrypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c.", "published": "2015-01-09T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205", "CVE-2014-3569"], "lastseen": "2016-09-02T18:44:40"}], "ubuntu": [{"id": "USN-2459-1", "type": "ubuntu", "title": "OpenSSL vulnerabilities", "description": "Pieter Wuille discovered that OpenSSL incorrectly handled Bignum squaring. (CVE-2014-3570)\n\nMarkus Stenberg discovered that OpenSSL incorrectly handled certain crafted DTLS messages. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2014-3571)\n\nKarthikeyan Bhargavan discovered that OpenSSL incorrectly handled certain handshakes. A remote attacker could possibly use this issue to downgrade to ECDH, removing forward secrecy from the ciphersuite. (CVE-2014-3572)\n\nAntti Karjalainen, Tuomo Untinen and Konrad Kraszewski discovered that OpenSSL incorrectly handled certain certificate fingerprints. A remote attacker could possibly use this issue to trick certain applications that rely on the uniqueness of fingerprints. (CVE-2014-8275)\n\nKarthikeyan Bhargavan discovered that OpenSSL incorrectly handled certain key exchanges. A remote attacker could possibly use this issue to downgrade the security of the session to EXPORT_RSA. (CVE-2015-0204)\n\nKarthikeyan Bhargavan discovered that OpenSSL incorrectly handled client authentication. A remote attacker could possibly use this issue to authenticate without the use of a private key in certain limited scenarios. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-0205)\n\nChris Mueller discovered that OpenSSL incorrect handled memory when processing DTLS records. A remote attacker could use this issue to cause OpenSSL to consume resources, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-0206)", "published": "2015-01-12T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://usn.ubuntu.com/2459-1/", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205"], "lastseen": "2018-03-29T18:18:52"}], "suse": [{"id": "OPENSUSE-SU-2015:0130-1", "type": "suse", "title": "Security update for openssl (important)", "description": "openssl was updated to 1.0.1k to fix various security issues and bugs.\n\n More information can be found in the openssl advisory:\n <a rel=\"nofollow\" href=\"http://openssl.org/news/secadv_20150108.txt\">http://openssl.org/news/secadv_20150108.txt</a>\n\n Following issues were fixed:\n\n * CVE-2014-3570 (bsc#912296): Bignum squaring (BN_sqr) may have produced\n incorrect results on some platforms, including x86_64.\n\n * CVE-2014-3571 (bsc#912294): Fixed crash in dtls1_get_record whilst in\n the listen state where you get two separate reads performed - one for\n the header and one for the body of the handshake record.\n\n * CVE-2014-3572 (bsc#912015): Don't accept a handshake using an ephemeral\n ECDH ciphersuites with the server key exchange message omitted.\n\n * CVE-2014-8275 (bsc#912018): Fixed various certificate fingerprint issues.\n\n * CVE-2015-0204 (bsc#912014): Only allow ephemeral RSA keys in export\n ciphersuites\n\n * CVE-2015-0205 (bsc#912293): A fixwas added to prevent use of DH client\n certificates without sending certificate verify message.\n\n * CVE-2015-0206 (bsc#912292): A memory leak was fixed in\n dtls1_buffer_record.\n\n", "published": "2015-01-23T20:05:13", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html", "cvelist": ["CVE-2014-3572", "CVE-2015-0206", "CVE-2014-3571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0204", "CVE-2015-0205", "CVE-2014-3569"], "lastseen": "2016-09-04T12:38:06"}, {"id": "OPENSUSE-SU-2015:1277-1", "type": "suse", "title": "Security update for libressl (important)", "description": "libressl was updated to version 2.2.1 to fix 16 security issues.\n\n LibreSSL is a fork of OpenSSL. Because of that CVEs affecting OpenSSL\n often also affect LibreSSL.\n\n These security issues were fixed:\n - CVE-2014-3570: The BN_sqr implementation in OpenSSL before 0.9.8zd,\n 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k did not properly calculate\n the square of a BIGNUM value, which might make it easier for remote\n attackers to defeat cryptographic protection mechanisms via unspecified\n vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c,\n and crypto/bn/bn_asm.c (bsc#912296).\n - CVE-2014-3572: The ssl3_get_key_exchange function in s3_clnt.c in\n OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k\n allowed remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks\n and trigger a loss of forward secrecy by omitting the ServerKeyExchange\n message (bsc#912015).\n - CVE-2015-1792: The do_free_upto function in crypto/cms/cms_smime.c in\n OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and\n 1.0.2 before 1.0.2b allowed remote attackers to cause a denial of\n service (infinite loop) via vectors that trigger a NULL value of a BIO\n data structure, as demonstrated by an unrecognized X.660 OID for a hash\n function (bsc#934493).\n - CVE-2014-8275: OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1\n before 1.0.1k did not enforce certain constraints on certificate data,\n which allowed remote attackers to defeat a fingerprint-based\n certificate-blacklist protection mechanism by including crafted data\n within a certificate's unsigned portion, related to\n crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c,\n and crypto/x509/x_all.c (bsc#912018).\n - CVE-2015-0209: Use-after-free vulnerability in the d2i_ECPrivateKey\n function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before\n 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allowed\n remote attackers to cause a denial of service (memory corruption and\n application crash) or possibly have unspecified other impact via a\n malformed Elliptic Curve (EC) private-key file that is improperly\n handled during import (bsc#919648).\n - CVE-2015-1789: The X509_cmp_time function in crypto/x509/x509_vfy.c in\n OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and\n 1.0.2 before 1.0.2b allowed remote attackers to cause a denial of\n service (out-of-bounds read and application crash) via a crafted length\n field in ASN1_TIME data, as demonstrated by an attack against a server\n that supports client authentication with a custom verification callback\n (bsc#934489).\n - CVE-2015-1788: The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in\n OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and\n 1.0.2 before 1.0.2b did not properly handle ECParameters structures in\n which the curve is over a malformed binary polynomial field, which\n allowed remote attackers to cause a denial of service (infinite loop)\n via a session that used an Elliptic Curve algorithm, as demonstrated by\n an attack against a server that supports client authentication\n (bsc#934487).\n - CVE-2015-1790: The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c\n in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and\n 1.0.2 before 1.0.2b allowed remote attackers to cause a denial of\n service (NULL pointer dereference and application crash) via a PKCS#7\n blob that used ASN.1 encoding and lacks inner EncryptedContent data\n (bsc#934491).\n - CVE-2015-0287: The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c\n in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and\n 1.0.2 before 1.0.2a did not reinitialize CHOICE and ADB data structures,\n which might allowed attackers to cause a denial of service (invalid\n write operation and memory corruption) by leveraging an application that\n relies on ASN.1 structure reuse (bsc#922499).\n - CVE-2015-0286: The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in\n OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and\n 1.0.2 before 1.0.2a did not properly perform boolean-type comparisons,\n which allowed remote attackers to cause a denial of service (invalid\n read operation and application crash) via a crafted X.509 certificate to\n an endpoint that used the certificate-verification feature (bsc#922496).\n - CVE-2015-0289: The PKCS#7 implementation in OpenSSL before 0.9.8zf,\n 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a did\n not properly handle a lack of outer ContentInfo, which allowed attackers\n to cause a denial of service (NULL pointer dereference and application\n crash) by leveraging an application that processes arbitrary PKCS#7 data\n and providing malformed data with ASN.1 encoding, related to\n crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (bsc#922500).\n - CVE-2015-0288: The X509_to_X509_REQ function in crypto/x509/x509_req.c\n in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and\n 1.0.2 before 1.0.2a might allowed attackers to cause a denial of service\n (NULL pointer dereference and application crash) via an invalid\n certificate key (bsc#920236).\n - CVE-2014-8176: The dtls1_clear_queues function in ssl/d1_lib.c in\n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h\n frees data structures without considering that application data can\n arrive between a ChangeCipherSpec message and a Finished message, which\n allowed remote DTLS peers to cause a denial of service (memory\n corruption and application crash) or possibly have unspecified other\n impact via unexpected application data (bsc#934494).\n - CVE-2015-4000: The TLS protocol 1.2 and earlier, when a DHE_EXPORT\n ciphersuite is enabled on a server but not on a client, did not properly\n convey a DHE_EXPORT choice, which allowed man-in-the-middle attackers to\n conduct cipher-downgrade attacks by rewriting a ClientHello with DHE\n replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT\n replaced by DHE, aka the "Logjam" issue (bsc#931600).\n - CVE-2015-0205: The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL\n 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client\n authentication with a Diffie-Hellman (DH) certificate without requiring\n a CertificateVerify message, which allowed remote attackers to obtain\n access without knowledge of a private key via crafted TLS Handshake\n Protocol traffic to a server that recognizes a Certification Authority\n with DH support (bsc#912293).\n - CVE-2015-0206: Memory leak in the dtls1_buffer_record function in\n d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allowed\n remote attackers to cause a denial of service (memory consumption) by\n sending many duplicate records for the next epoch, leading to failure of\n replay detection (bsc#912292).\n\n", "published": "2015-07-22T15:08:14", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html", "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2014-3572", "CVE-2015-0206", "CVE-2015-1789", "CVE-2015-0286", "CVE-2015-0288", "CVE-2014-8275", "CVE-2014-3570", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-0209", "CVE-2015-1790", "CVE-2015-0287", "CVE-2015-0289", "CVE-2015-0205"], "lastseen": "2016-09-04T11:46:48"}, {"id": "SUSE-SU-2015:0578-1", "type": "suse", "title": "Security update for compat-openssl097g (important)", "description": "OpenSSL has been updated to fix various security issues:\n\n *\n\n CVE-2014-3568: The build option no-ssl3 was incomplete.\n\n *\n\n CVE-2014-3566: Support for TLS_FALLBACK_SCSV was added.\n\n *\n\n CVE-2014-3508: An information leak in pretty printing functions was\n fixed.\n\n *\n\n CVE-2013-0166: A OCSP bad key DoS attack was fixed.\n\n *\n\n CVE-2013-0169: An SSL/TLS CBC plaintext recovery attack was fixed.\n\n *\n\n CVE-2014-3470: Anonymous ECDH denial of service was fixed.\n\n *\n\n CVE-2014-0224: A SSL/TLS MITM vulnerability was fixed.\n\n *\n\n CVE-2014-3570: Bignum squaring (BN_sqr) may have produced incorrect\n results on some platforms, including x86_64.\n\n *\n\n CVE-2014-3572: Don't accept a handshake using an ephemeral ECDH\n ciphersuites with the server key exchange message omitted.\n\n *\n\n CVE-2014-8275: Fixed various certificate fingerprint issues.\n\n *\n\n CVE-2015-0204: Only allow ephemeral RSA keys in export ciphersuites\n\n *\n\n CVE-2015-0205: A fix was added to prevent use of DH client\n certificates without sending certificate verify message.\n\n *\n\n CVE-2015-0286: A segmentation fault in ASN1_TYPE_cmp was fixed that\n could be exploited by attackers when e.g. client authentication is used.\n This could be exploited over SSL connections.\n\n *\n\n CVE-2015-0287: A ASN.1 structure reuse memory corruption was fixed.\n This problem can not be exploited over regular SSL connections, only if\n specific client programs use specific ASN.1 routines.\n\n *\n\n CVE-2015-0288: A X509_to_X509_REQ NULL pointer dereference was\n fixed, which could lead to crashes. This function is not commonly used,\n and not reachable over SSL methods.\n\n *\n\n CVE-2015-0289: Several PKCS7 NULL pointer dereferences were fixed,\n which could lead to crashes of programs using the PKCS7 APIs. The SSL apis\n do not use those by default.\n\n *\n\n CVE-2015-0292: Various issues in base64 decoding were fixed, which\n could lead to crashes with memory corruption, for instance by using\n attacker supplied PEM data.\n\n *\n\n CVE-2015-0293: Denial of service via reachable assert in SSLv2\n servers, could be used by remote attackers to terminate the server\n process. Note that this requires SSLv2 being allowed, which is not the\n default.\n\n", "published": "2015-03-24T00:05:09", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html", "cvelist": ["CVE-2013-0166", "CVE-2014-3508", "CVE-2014-3566", "CVE-2014-3572", "CVE-2013-0169", "CVE-2015-0286", "CVE-2015-0288", "CVE-2014-0224", "CVE-2014-8275", "CVE-2014-3570", "CVE-2014-3470", "CVE-2015-0293", "CVE-2015-0204", "CVE-2015-0287", "CVE-2015-0289", "CVE-2014-3568", "CVE-2015-0292", "CVE-2015-0205"], "lastseen": "2016-09-04T11:23:40"}, {"id": "OPENSUSE-SU-2016:0640-1", "type": "suse", "title": "Security update for libopenssl0_9_8 (important)", "description": "This update for libopenssl0_9_8 fixes the following issues:\n\n - CVE-2016-0800 aka the "DROWN" attack (bsc#968046): OpenSSL was\n vulnerable to a cross-protocol attack that could lead to decryption of\n TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites\n as a Bleichenbacher RSA padding oracle.\n\n This update changes the openssl library to:\n\n * Disable SSLv2 protocol support by default.\n\n This can be overridden by setting the environment variable\n "OPENSSL_ALLOW_SSL2" or by using SSL_CTX_clear_options using the\n SSL_OP_NO_SSLv2 flag.\n\n Note that various services and clients had already disabled SSL\n protocol 2 by default previously.\n\n * Disable all weak EXPORT ciphers by default. These can be reenabled if\n required by old legacy software using the environment variable\n "OPENSSL_ALLOW_EXPORT".\n\n - CVE-2016-0797 (bnc#968048): The BN_hex2bn() and BN_dec2bn() functions\n had a bug that could result in an attempt to de-reference a NULL pointer\n leading to crashes. This could have security consequences if these\n functions were ever called by user applications with large untrusted\n hex/decimal data. Also, internal usage of these functions in OpenSSL\n uses data from config files or application command line arguments. If\n user developed applications generated config file data based on\n untrusted data, then this could have had security consequences as well.\n\n - CVE-2016-0799 (bnc#968374) On many 64 bit systems, the internal fmtstr()\n and doapr_outch() functions could miscalculate the length of a string\n and attempt to access out-of-bounds memory locations. These problems\n could have enabled attacks where large amounts of untrusted data is\n passed to the BIO_*printf functions. If applications use these functions\n in this way then they could have been vulnerable. OpenSSL itself uses\n these functions when printing out human-readable dumps of ASN.1 data.\n Therefore applications that print this data could have been vulnerable\n if the data is from untrusted sources. OpenSSL command line applications\n could also have been vulnerable when they print out ASN.1 data, or if\n untrusted data is passed as command line arguments. Libssl is not\n considered directly vulnerable.\n\n\n - The package was updated to 0.9.8zh:\n * fixes many security vulnerabilities (not seperately listed):\n CVE-2015-3195, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790,\n CVE-2015-1792, CVE-2015-1791, CVE-2015-0286, CVE-2015-0287,\n CVE-2015-0289, CVE-2015-0293, CVE-2015-0209, CVE-2015-0288,\n CVE-2014-3571, CVE-2014-3569, CVE-2014-3572, CVE-2015-0204,\n CVE-2014-8275, CVE-2014-3570, CVE-2014-3567, CVE-2014-3568,\n CVE-2014-3566, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506,\n CVE-2014-3505, CVE-2014-3508, CVE-2014-0224, CVE-2014-0221,\n CVE-2014-0195, CVE-2014-3470, CVE-2014-0076, CVE-2013-0169,\n CVE-2013-0166\n\n - avoid running OPENSSL_config twice. This avoids breaking engine loading.\n (boo#952871, boo#967787)\n\n - fix CVE-2015-3197 (boo#963415)\n * SSLv2 doesn't block disabled ciphers\n\n", "published": "2016-03-03T14:11:44", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", "cvelist": ["CVE-2013-0166", "CVE-2014-3505", "CVE-2014-3508", "CVE-2015-1792", "CVE-2014-3566", "CVE-2015-3197", "CVE-2014-3572", "CVE-2015-1789", "CVE-2013-0169", "CVE-2015-0286", "CVE-2014-3507", "CVE-2015-3195", "CVE-2014-3571", "CVE-2014-0076", "CVE-2016-0799", "CVE-2015-0288", "CVE-2014-0224", "CVE-2014-8275", "CVE-2016-0797", "CVE-2014-3570", "CVE-2014-3470", "CVE-2014-3506", "CVE-2015-0293", "CVE-2015-1788", "CVE-2014-0195", "CVE-2015-0209", "CVE-2014-3567", "CVE-2015-0204", "CVE-2016-0800", "CVE-2015-1790", "CVE-2014-3510", "CVE-2015-0287", "CVE-2015-0289", "CVE-2014-3568", "CVE-2014-3569", "CVE-2015-1791", "CVE-2014-0221"], "lastseen": "2016-09-04T12:32:46"}, {"id": "SUSE-SU-2015:0946-1", "type": "suse", "title": "Security update for MySQL (important)", "description": "MySQL was updated to version 5.5.43 to fix several security and non\n security issues:\n\n * CVEs fixed: CVE-2014-3569, CVE-2014-3570, CVE-2014-3571,\n CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205,\n CVE-2015-0206, CVE-2015-0405, CVE-2015-0423, CVE-2015-0433,\n CVE-2015-0438, CVE-2015-0439, CVE-2015-0441, CVE-2015-0498,\n CVE-2015-0499, CVE-2015-0500, CVE-2015-0501, CVE-2015-0503,\n CVE-2015-0505, CVE-2015-0506, CVE-2015-0507, CVE-2015-0508,\n CVE-2015-0511, CVE-2015-2566, CVE-2015-2567, CVE-2015-2568,\n CVE-2015-2571, CVE-2015-2573, CVE-2015-2576.\n * Fix integer overflow in regcomp (Henry Spencer's regex library) for\n excessively long pattern strings. (bnc#922043, CVE-2015-2305)\n\n For a comprehensive list of changes, refer to\n <a rel=\"nofollow\" href=\"http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-43.html\">http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-43.html</a>\n <<a rel=\"nofollow\" href=\"http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-43.html\">http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-43.html</a>> .\n\n Security Issues:\n\n * CVE-2014-3569\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569</a>>\n * CVE-2014-3570\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570</a>>\n * CVE-2014-3571\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571</a>>\n * CVE-2014-3572\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572</a>>\n * CVE-2014-8275\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275</a>>\n * CVE-2015-0204\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204</a>>\n * CVE-2015-0205\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205</a>>\n * CVE-2015-0206\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206</a>>\n * CVE-2015-0405\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0405\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0405</a>>\n * CVE-2015-0423\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0423\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0423</a>>\n * CVE-2015-0433\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0433\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0433</a>>\n * CVE-2015-0438\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0438\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0438</a>>\n * CVE-2015-0439\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0439\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0439</a>>\n * CVE-2015-0441\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0441\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0441</a>>\n * CVE-2015-0498\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0498\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0498</a>>\n * CVE-2015-0499\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0499\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0499</a>>\n * CVE-2015-0500\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0500\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0500</a>>\n * CVE-2015-0501\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0501\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0501</a>>\n * CVE-2015-0503\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0503\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0503</a>>\n * CVE-2015-0505\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0505\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0505</a>>\n * CVE-2015-0506\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0506\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0506</a>>\n * CVE-2015-0507\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0507\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0507</a>>\n * CVE-2015-0508\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0508\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0508</a>>\n * CVE-2015-0511\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0511\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0511</a>>\n * CVE-2015-2566\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2566\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2566</a>>\n * CVE-2015-2567\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2567\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2567</a>>\n * CVE-2015-2568\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2568\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2568</a>>\n * CVE-2015-2571\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2571\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2571</a>>\n * CVE-2015-2573\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2573\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2573</a>>\n * CVE-2015-2576\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2576\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2576</a>>\n * CVE-2015-2305\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2305\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2305</a>>\n\n", "published": "2015-05-26T15:04:53", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html", "cvelist": ["CVE-2015-2576", "CVE-2015-2567", "CVE-2014-3572", "CVE-2015-0206", "CVE-2015-2568", "CVE-2015-0506", "CVE-2014-3571", "CVE-2015-0511", "CVE-2015-2305", "CVE-2015-0501", "CVE-2015-0439", "CVE-2015-0507", "CVE-2015-2571", "CVE-2014-8275", "CVE-2014-3570", "CVE-2015-0503", "CVE-2015-0500", "CVE-2015-0405", "CVE-2015-0204", "CVE-2015-2566", "CVE-2015-0423", "CVE-2015-0498", "CVE-2015-0438", "CVE-2015-0499", "CVE-2015-0433", "CVE-2015-0441", "CVE-2015-0508", "CVE-2015-0505", "CVE-2015-2573", "CVE-2015-0205", "CVE-2014-3569"], "lastseen": "2016-09-04T12:13:42"}], "oracle": [{"id": "ORACLE:CPUAPR2015-2365600", "type": "oracle", "title": "Oracle Critical Patch Update - April 2015", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n \n\n\n**Oracle continues to periodically receive reports of malicious exploitation of vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that malicious attackers have been successful because customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\n \n\n\nThis Critical Patch Update contains 98 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\n \n\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n\n \n\n", "published": "2015-04-14T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "", "cvelist": ["CVE-2015-2576", "CVE-2015-0489", "CVE-2015-0466", "CVE-2015-0473", "CVE-2015-0455", "CVE-2015-0484", "CVE-2014-3566", "CVE-2015-0504", "CVE-2015-0482", "CVE-2015-0235", "CVE-2015-0493", "CVE-2015-0463", "CVE-2015-2579", "CVE-2015-0474", "CVE-2015-0492", "CVE-2014-7809", "CVE-2015-0495", "CVE-2015-0440", "CVE-2015-2567", "CVE-2014-3572", "CVE-2015-0206", "CVE-2015-0502", "CVE-2015-0477", "CVE-2015-0469", "CVE-2015-2568", "CVE-2015-0506", "CVE-2015-2575", "CVE-2015-0447", "CVE-2014-3571", "CVE-2015-0476", "CVE-2015-0511", "CVE-2015-0458", "CVE-2015-0483", "CVE-2014-0116", "CVE-2015-0487", "CVE-2015-0453", "CVE-2015-2572", "CVE-2015-0490", "CVE-2015-2574", "CVE-2015-0510", "CVE-2015-0497", "CVE-2015-0501", "CVE-2015-0450", "CVE-2015-0439", "CVE-2015-0448", "CVE-2015-0472", "CVE-2015-0462", "CVE-2015-0459", "CVE-2015-0507", "CVE-2015-2571", "CVE-2015-0475", "CVE-2014-8275", "CVE-2015-2570", "CVE-2014-3570", "CVE-2015-0509", "CVE-2015-0494", "CVE-2015-0461", "CVE-2015-0503", "CVE-2015-0449", "CVE-2014-0050", "CVE-2015-0500", "CVE-2015-0405", "CVE-2013-4286", "CVE-2015-0451", "CVE-2015-2577", "CVE-2014-1568", "CVE-2015-0478", "CVE-2015-2565", "CVE-2015-0496", "CVE-2015-0204", "CVE-2014-0094", "CVE-2015-2578", "CVE-2015-2566", "CVE-2015-0460", "CVE-2015-0488", "CVE-2015-0470", "CVE-2015-0471", "CVE-2015-0423", "CVE-2015-0498", "CVE-2014-0113", "CVE-2015-0438", "CVE-2015-0480", "CVE-2015-0499", "CVE-2015-0433", "CVE-2015-0441", "CVE-2015-0486", "CVE-2015-0452", "CVE-2014-0112", "CVE-2015-0508", "CVE-2015-0457", "CVE-2015-0505", "CVE-2015-0465", "CVE-2015-0479", "CVE-2015-2573", "CVE-2015-0205", "CVE-2015-0485", "CVE-2014-3569", "CVE-2015-0464", "CVE-2015-0491", "CVE-2015-0456", "CVE-2013-4545"], "lastseen": "2018-04-18T20:23:52"}, {"id": "ORACLE:CPUJUL2015-2367936", "type": "oracle", "title": "Oracle Critical Patch Update - July 2015", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n \n\n\n**Oracle continues to periodically receive reports of malicious exploitation of vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that malicious attackers have been successful because customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\n \n\n\nThis Critical Patch Update contains 193 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\n \n\n\n** Please note that on May 15, 2015, Oracle released [Security Alert for CVE-2015-3456 (QEMU \"Venom\")](<http://www.oracle.com/technetwork/topics/security/alert-cve-2015-3456-2542656.html>). Customers of affected Oracle products are strongly advised to apply the fixes and/or configuration steps that were announced for CVE-2015-3456. **\n\n \n\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n\n \n\n", "published": "2015-07-14T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "", "cvelist": ["CVE-2015-1926", "CVE-2015-1802", "CVE-2015-4000", "CVE-2015-2591", "CVE-2015-0443", "CVE-2015-1803", "CVE-2015-4771", "CVE-2015-2627", "CVE-2015-2615", "CVE-2014-3566", "CVE-2015-4764", "CVE-2015-4774", "CVE-2015-2601", "CVE-2015-4738", "CVE-2014-8098", "CVE-2015-0235", "CVE-2015-4729", "CVE-2015-1804", "CVE-2015-4751", "CVE-2015-0444", "CVE-2015-0445", "CVE-2015-4749", "CVE-2014-8092", "CVE-2015-4758", "CVE-2014-7809", "CVE-2015-2643", "CVE-2015-4770", "CVE-2015-4747", "CVE-2015-2661", "CVE-2015-4778", "CVE-2015-2632", "CVE-2015-2625", "CVE-2015-2617", "CVE-2015-4784", "CVE-2015-2664", "CVE-2015-2605", "CVE-2015-2597", "CVE-2015-4785", "CVE-2015-4732", "CVE-2015-2653", "CVE-2014-3572", "CVE-2014-3613", "CVE-2015-0206", "CVE-2014-0227", "CVE-2015-2595", "CVE-2015-4782", "CVE-2015-0286", "CVE-2015-3244", "CVE-2015-2648", "CVE-2015-2657", "CVE-2014-0230", "CVE-2014-8100", "CVE-2015-4789", "CVE-2015-2581", "CVE-2015-2613", "CVE-2015-2658", "CVE-2014-3571", "CVE-2015-4736", "CVE-2015-2599", "CVE-2013-2251", "CVE-2013-5704", "CVE-2015-4739", "CVE-2015-0288", "CVE-2015-4790", "CVE-2013-6422", "CVE-2015-2589", "CVE-2010-1324", "CVE-2015-2623", "CVE-2015-2631", "CVE-2010-4020", "CVE-2015-2596", "CVE-2015-4763", "CVE-2015-0285", "CVE-2015-4783", "CVE-2015-2620", "CVE-2015-2650", "CVE-2011-3389", "CVE-2015-2654", "CVE-2015-0207", "CVE-2015-2607", "CVE-2015-2639", "CVE-2015-2611", "CVE-2015-2645", "CVE-2015-2634", "CVE-2015-2594", "CVE-2014-8275", "CVE-2015-3456", "CVE-2015-0467", "CVE-2015-2584", "CVE-2015-0208", "CVE-2015-2808", "CVE-2013-0249", "CVE-2014-3570", "CVE-2015-2590", "CVE-2015-2656", "CVE-2015-2626", "CVE-2015-2628", "CVE-2015-4768", "CVE-2015-4761", "CVE-2015-4745", "CVE-2015-4750", "CVE-2014-0139", "CVE-2015-2635", "CVE-2015-4756", "CVE-2015-2647", "CVE-2014-3707", "CVE-2015-0293", "CVE-2015-2600", "CVE-2015-2580", "CVE-2014-8097", "CVE-2014-8101", "CVE-2015-2640", "CVE-2015-4733", "CVE-2015-2646", "CVE-2014-1568", "CVE-2015-2651", "CVE-2015-2603", "CVE-2014-8091", "CVE-2015-4765", "CVE-2015-2660", "CVE-2015-2604", "CVE-2015-0255", "CVE-2015-4772", "CVE-2015-2662", "CVE-2015-4735", "CVE-2015-0468", "CVE-2015-4779", "CVE-2015-0209", "CVE-2015-2585", "CVE-2013-2186", "CVE-2014-3567", "CVE-2015-2614", "CVE-2014-0015", "CVE-2015-4737", "CVE-2015-4776", "CVE-2015-4757", "CVE-2015-4728", "CVE-2015-2637", "CVE-2015-2606", "CVE-2015-4769", "CVE-2015-0204", "CVE-2015-2621", "CVE-2015-4786", "CVE-2015-4787", "CVE-2015-2638", "CVE-2015-4740", "CVE-2015-2619", "CVE-2015-4731", "CVE-2014-8095", "CVE-2015-4727", "CVE-2015-4741", "CVE-2015-2636", "CVE-2015-2659", "CVE-2015-2655", "CVE-2015-4775", "CVE-2015-4773", "CVE-2014-8102", "CVE-2015-0291", "CVE-2015-4746", "CVE-2015-2629", "CVE-2014-8096", "CVE-2015-4788", "CVE-2015-4755", "CVE-2015-2602", "CVE-2015-4748", "CVE-2015-0287", "CVE-2015-2622", "CVE-2015-2610", "CVE-2012-0036", "CVE-2013-2174", "CVE-2015-2663", "CVE-2015-4742", "CVE-2014-8093", "CVE-2015-0289", "CVE-2015-2652", "CVE-2015-4759", "CVE-2015-0446", "CVE-2015-0292", "CVE-2015-2582", "CVE-2015-4780", "CVE-2014-1569", "CVE-2015-4781", "CVE-2015-2618", "CVE-2015-2641", "CVE-2015-2593", "CVE-2015-4744", "CVE-2015-2598", "CVE-2014-0138", "CVE-2015-2587", "CVE-2015-2630", "CVE-2015-2592", "CVE-2015-4767", "CVE-2015-0290", "CVE-2015-2616", "CVE-2015-0205", "CVE-2015-2624", "CVE-2015-2609", "CVE-2015-4777", "CVE-2010-1323", "CVE-2015-1787", "CVE-2015-4754", "CVE-2014-3569", "CVE-2015-2588", "CVE-2015-4760", "CVE-2015-2583", "CVE-2015-4743", "CVE-2013-4545", "CVE-2015-4752", "CVE-2015-2586", "CVE-2015-4753", "CVE-2015-2649", "CVE-2015-2612", "CVE-2015-2644"], "lastseen": "2018-04-18T20:24:06"}, {"id": "ORACLE:CPUOCT2015-2367953", "type": "oracle", "title": "Oracle Critical Patch Update - October 2015", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n \n\n\n**Oracle continues to periodically receive reports of malicious exploitation of vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that malicious attackers have been successful because customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\n \n\n\nThis Critical Patch Update contains 153 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\n \n\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n\n \n\n", "published": "2015-10-20T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "", "cvelist": ["CVE-2015-4894", "CVE-2015-4000", "CVE-2015-4851", "CVE-2015-4895", "CVE-2015-4905", "CVE-2015-4866", "CVE-2015-4832", "CVE-2015-4822", "CVE-2015-4830", "CVE-2015-1792", "CVE-2015-4804", "CVE-2015-4816", "CVE-2015-0235", "CVE-2015-1793", "CVE-2015-4793", "CVE-2015-4863", "CVE-2014-7923", "CVE-2015-4913", "CVE-2015-4892", "CVE-2014-0191", "CVE-2015-4796", "CVE-2015-4864", "CVE-2015-4794", "CVE-2015-4887", "CVE-2015-2642", "CVE-2015-4860", "CVE-2015-3236", "CVE-2015-4868", "CVE-2014-3572", "CVE-2015-0206", "CVE-1999-0377", "CVE-2015-1789", "CVE-2015-4820", "CVE-2015-4903", "CVE-2015-0286", "CVE-2015-4906", "CVE-2014-8150", "CVE-2015-4843", "CVE-2015-4842", "CVE-2015-4910", "CVE-2015-4872", "CVE-2015-4846", "CVE-2014-3576", "CVE-2015-2522", "CVE-2015-4876", "CVE-2014-3571", "CVE-2015-4883", "CVE-2015-0288", "CVE-2014-7940", "CVE-2015-4858", "CVE-2015-4802", "CVE-2015-4882", "CVE-2015-4801", "CVE-2015-4878", "CVE-2015-4799", "CVE-2015-4811", "CVE-2015-4834", "CVE-2015-4762", "CVE-2015-0285", "CVE-2015-4815", "CVE-2015-4812", "CVE-2015-4839", "CVE-2015-4798", "CVE-2015-4891", "CVE-2015-4734", "CVE-2015-4899", "CVE-2015-3153", "CVE-2015-0207", "CVE-2015-4865", "CVE-2015-4915", "CVE-2015-4871", "CVE-2015-4800", "CVE-2014-8275", "CVE-2015-4869", "CVE-2015-0208", "CVE-2015-4828", "CVE-2015-4803", "CVE-2015-4875", "CVE-2015-4902", "CVE-2014-3570", "CVE-2015-4917", "CVE-2015-4909", "CVE-2015-4791", "CVE-2015-4805", "CVE-2015-4849", "CVE-2015-4879", "CVE-2015-4888", "CVE-2015-4838", "CVE-2015-4850", "CVE-2014-8147", "CVE-2015-4806", "CVE-2015-4825", "CVE-2015-3144", "CVE-2015-4797", "CVE-2015-4792", "CVE-2015-4837", "CVE-2015-4904", "CVE-2015-4810", "CVE-2015-4827", "CVE-2014-0050", "CVE-2015-4817", "CVE-2015-4908", "CVE-2014-3707", "CVE-2015-4912", "CVE-2015-0293", "CVE-2015-4833", "CVE-2015-4847", "CVE-2015-4848", "CVE-2015-4730", "CVE-2015-4819", "CVE-2015-4896", "CVE-2015-1788", "CVE-2015-2633", "CVE-2015-4807", "CVE-2014-8146", "CVE-2015-4901", "CVE-2015-4835", "CVE-2015-0209", "CVE-2015-3183", "CVE-2015-4873", "CVE-2015-4766", "CVE-2015-4795", "CVE-2015-4907", "CVE-2015-0204", "CVE-2014-7926", "CVE-2015-4859", "CVE-2015-1829", "CVE-2015-4898", "CVE-2015-4874", "CVE-2015-4836", "CVE-2015-4824", "CVE-2015-1790", "CVE-2015-4900", "CVE-2015-4831", "CVE-2015-4861", "CVE-2015-0291", "CVE-2015-4911", "CVE-2015-4886", "CVE-2015-2608", "CVE-2015-4809", "CVE-2015-4877", "CVE-2015-4844", "CVE-2015-4870", "CVE-2015-4881", "CVE-2015-4840", "CVE-2015-4854", "CVE-2015-0287", "CVE-2015-4856", "CVE-2015-4845", "CVE-2015-4914", "CVE-2015-4893", "CVE-2015-0289", "CVE-2015-4916", "CVE-2015-4826", "CVE-2015-0292", "CVE-2014-1569", "CVE-2015-4862", "CVE-2010-1622", "CVE-2015-4857", "CVE-2015-4890", "CVE-2015-4867", "CVE-2015-0290", "CVE-2015-0205", "CVE-2015-4884", "CVE-2015-4813", "CVE-2015-4841", "CVE-2015-1787", "CVE-2014-3569", "CVE-2015-4818", "CVE-2015-4880", "CVE-2015-1791", "CVE-2015-4823", "CVE-2015-4821"], "lastseen": "2018-04-18T20:24:08"}, {"id": "ORACLE:CPUJUL2016-2881720", "type": "oracle", "title": "Oracle Critical Patch Update - July 2016", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\nThis Critical Patch Update contains 276 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\nPlease note that the vulnerabilities in this Critical Patch Update are scored using versions 3.0 of Common Vulnerability Scoring Standard (CVSS).\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available [here](<http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>).\n", "published": "2016-07-19T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "", "cvelist": ["CVE-2015-5600", "CVE-2016-5465", "CVE-2015-4000", "CVE-2016-3446", "CVE-2016-3508", "CVE-2016-3547", "CVE-2016-3529", "CVE-2016-5452", "CVE-2016-5445", "CVE-2016-1548", "CVE-2016-2518", "CVE-2016-3485", "CVE-2016-3444", "CVE-2015-1792", "CVE-2014-3566", "CVE-2016-3552", "CVE-2015-0235", "CVE-2016-3615", "CVE-2015-1793", "CVE-2016-3491", "CVE-2016-3553", "CVE-2016-3477", "CVE-2016-3613", "CVE-2016-5477", "CVE-2016-3488", "CVE-2015-3197", "CVE-2016-3592", "CVE-2016-3573", "CVE-2016-3494", "CVE-2016-5466", "CVE-2016-5019", "CVE-2015-3236", "CVE-2016-3544", "CVE-2014-3572", "CVE-2016-0705", "CVE-2016-3545", "CVE-2016-3611", "CVE-2015-7181", "CVE-2015-0206", "CVE-2015-1789", "CVE-2016-3597", "CVE-2016-3598", "CVE-2016-5455", "CVE-2016-3574", "CVE-2015-8138", "CVE-2016-3500", "CVE-2016-5472", "CVE-2016-4051", "CVE-2016-3445", "CVE-2016-5454", "CVE-2016-3554", "CVE-2016-5458", "CVE-2015-3195", "CVE-2016-0798", "CVE-2016-3570", "CVE-2016-3432", "CVE-2016-3515", "CVE-2016-2108", "CVE-2016-5447", "CVE-2016-3474", "CVE-2016-3528", "CVE-2016-5440", "CVE-2016-3580", "CVE-2014-3571", "CVE-2016-5450", "CVE-2016-3496", "CVE-2016-3555", "CVE-2016-3596", "CVE-2016-1938", "CVE-2016-5468", "CVE-2016-3481", "CVE-2016-3563", "CVE-2016-0799", "CVE-2016-3539", "CVE-2016-3507", "CVE-2016-3584", "CVE-2016-3519", "CVE-2016-5460", "CVE-2016-3472", "CVE-2016-3583", "CVE-2016-5471", "CVE-2016-3511", "CVE-2016-3479", "CVE-2016-3499", "CVE-2013-2064", "CVE-2014-0224", "CVE-2016-5467", "CVE-2016-0635", "CVE-2016-3498", "CVE-2016-2105", "CVE-2016-3560", "CVE-2016-3514", "CVE-2016-5453", "CVE-2016-3440", "CVE-2016-4052", "CVE-2015-3194", "CVE-2016-2107", "CVE-2016-3607", "CVE-2016-3556", "CVE-2016-3512", "CVE-2016-3532", "CVE-2015-7501", "CVE-2016-1550", "CVE-2016-3475", "CVE-2015-3253", "CVE-2016-0701", "CVE-2016-3476", "CVE-2016-3588", "CVE-2016-3424", "CVE-2016-3471", "CVE-2016-1182", "CVE-2015-7704", "CVE-2016-3585", "CVE-2016-5444", "CVE-2016-3538", "CVE-2014-8275", "CVE-2016-3452", "CVE-2015-7979", "CVE-2016-3549", "CVE-2016-0797", "CVE-2015-7182", "CVE-2016-0702", "CVE-2015-2808", "CVE-2014-3570", "CVE-2016-5451", "CVE-2015-7575", "CVE-2016-3577", "CVE-2016-3591", "CVE-2016-3567", "CVE-2016-3467", "CVE-2016-3537", "CVE-2016-3593", "CVE-2016-3606", "CVE-2016-5456", "CVE-2016-3468", "CVE-2016-3540", "CVE-2016-2109", "CVE-2016-3559", "CVE-2016-5476", "CVE-2015-2721", "CVE-2016-3530", "CVE-2015-3193", "CVE-2014-9708", "CVE-2016-5473", "CVE-2016-3568", "CVE-2016-3453", "CVE-2016-5464", "CVE-2016-5462", "CVE-2016-3490", "CVE-2016-3572", "CVE-2016-3513", "CVE-2012-3137", "CVE-2015-0228", "CVE-2016-3509", "CVE-2015-3237", "CVE-2016-3565", "CVE-2016-5437", "CVE-2016-3534", "CVE-2016-3503", "CVE-2015-7183", "CVE-2016-3550", "CVE-2015-1788", "CVE-2016-3525", "CVE-2016-3587", "CVE-2016-3561", "CVE-2016-3504", "CVE-2016-3581", "CVE-2016-3501", "CVE-2016-5457", "CVE-2016-1547", "CVE-2015-3183", "CVE-2016-3614", "CVE-2012-3410", "CVE-2016-5461", "CVE-2016-5439", "CVE-2015-0204", "CVE-2016-5449", "CVE-2016-3578", "CVE-2016-3527", "CVE-2016-0800", "CVE-2016-3489", "CVE-2016-3483", "CVE-2016-3433", "CVE-2016-5459", "CVE-2016-1181", "CVE-2016-3450", "CVE-2016-3524", "CVE-2016-5442", "CVE-2016-3564", "CVE-2016-5470", "CVE-2013-2566", "CVE-2016-2176", "CVE-2015-1790", "CVE-2016-3542", "CVE-2016-1978", "CVE-2016-3575", "CVE-2016-3531", "CVE-2016-3502", "CVE-2016-3459", "CVE-2016-5446", "CVE-2016-3480", "CVE-2016-3533", "CVE-2016-5469", "CVE-2016-3526", "CVE-2016-5448", "CVE-2016-3486", "CVE-2016-3448", "CVE-2016-5474", "CVE-2016-5436", "CVE-2016-3523", "CVE-2016-5441", "CVE-2016-5475", "CVE-2016-3576", "CVE-2016-3595", "CVE-2016-3610", "CVE-2016-3458", "CVE-2016-3484", "CVE-2016-3586", "CVE-2016-3520", "CVE-2016-3451", "CVE-2016-3582", "CVE-2015-5300", "CVE-2016-3497", "CVE-2016-3589", "CVE-2016-3517", "CVE-2016-3608", "CVE-2016-3510", "CVE-2016-3493", "CVE-2016-3536", "CVE-2016-3548", "CVE-2016-3506", "CVE-2016-3571", "CVE-2016-3487", "CVE-2016-3546", "CVE-2016-5463", "CVE-2016-3541", "CVE-2016-3081", "CVE-2016-3521", "CVE-2015-0205", "CVE-2016-4053", "CVE-2016-3579", "CVE-2016-5443", "CVE-2016-3557", "CVE-2016-3558", "CVE-2016-2106", "CVE-2016-3594", "CVE-2016-3478", "CVE-2016-3522", "CVE-2016-3535", "CVE-2016-3543", "CVE-2016-3612", "CVE-2014-3569", "CVE-2016-3470", "CVE-2016-3518", "CVE-2016-3516", "CVE-2015-1791", "CVE-2016-3569", "CVE-2016-3482", "CVE-2016-3590", "CVE-2015-8104", "CVE-2016-3609", "CVE-2016-3566", "CVE-2016-3469"], "lastseen": "2018-04-18T20:23:41"}, {"id": "ORACLE:CPUOCT2017-3236626", "type": "oracle", "title": "Oracle Critical Patch Update - October 2017", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 252 new security fixes across the product families listed below. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2017 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2310031.1>).\n\nPlease note that on September 22, 2017, Oracle released [Security Alert for CVE-2017-9805](<http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html>). Customers of affected Oracle product(s) are strongly advised to apply the fixes that were announced in this Security Alert as well as those contained in this Critical Patch update\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available [here](<http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>).\n", "published": "2017-10-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "", "cvelist": ["CVE-2017-10324", "CVE-2017-10167", "CVE-2017-10014", "CVE-2017-10417", "CVE-2017-10037", "CVE-2015-5351", "CVE-2015-5254", "CVE-2017-10270", "CVE-2017-10387", "CVE-2017-10360", "CVE-2015-1792", "CVE-2017-10321", "CVE-2017-10060", "CVE-2015-0235", "CVE-2015-1793", "CVE-2017-10404", "CVE-2017-10311", "CVE-2017-10421", "CVE-2017-10353", "CVE-2017-10260", "CVE-2017-10203", "CVE-2016-9840", "CVE-2017-10419", "CVE-2017-10424", "CVE-2017-10399", "CVE-2017-10293", "CVE-2015-3197", "CVE-2017-10299", "CVE-2017-10158", "CVE-2017-10379", "CVE-2017-10414", "CVE-2017-10054", "CVE-2017-10357", "CVE-2017-10197", "CVE-2017-10361", "CVE-2017-10356", "CVE-2016-5019", "CVE-2017-10322", "CVE-2017-10323", "CVE-2017-10066", "CVE-2014-3572", "CVE-2017-5709", "CVE-2016-6306", "CVE-2017-5462", "CVE-2014-3613", "CVE-2017-7502", "CVE-2015-7181", "CVE-2015-0206", "CVE-2017-10369", "CVE-2015-1789", "CVE-2016-2183", "CVE-2017-10349", "CVE-2017-10284", "CVE-2017-10294", "CVE-2017-10325", "CVE-2017-10416", "CVE-2015-0286", "CVE-2017-10341", "CVE-2017-10420", "CVE-2017-10418", "CVE-2017-10367", "CVE-2016-2178", "CVE-2017-10164", "CVE-2013-1903", "CVE-2017-10400", "CVE-2017-3167", "CVE-2017-10281", "CVE-2015-3195", "CVE-2017-10351", "CVE-2017-10359", "CVE-2017-10381", "CVE-2017-10406", "CVE-2017-10348", "CVE-2017-10372", "CVE-2014-8714", "CVE-2017-10034", "CVE-2017-10328", "CVE-2016-0714", "CVE-2016-3092", "CVE-2014-3571", "CVE-2017-10397", "CVE-2017-10388", "CVE-2017-10330", "CVE-2017-10407", "CVE-2014-0076", "CVE-2017-10033", "CVE-2017-10342", "CVE-2017-10415", "CVE-2017-10408", "CVE-2016-6302", "CVE-2017-10344", "CVE-2017-10354", "CVE-2017-10338", "CVE-2017-10296", "CVE-2017-10292", "CVE-2017-10402", "CVE-2014-3587", "CVE-2017-10306", "CVE-2017-10365", "CVE-2017-10337", "CVE-2017-10426", "CVE-2016-8745", "CVE-2016-2177", "CVE-2017-10380", "CVE-2015-0288", "CVE-2017-10332", "CVE-2017-10378", "CVE-2014-0224", "CVE-2017-10026", "CVE-2017-10276", "CVE-2016-0635", "CVE-2017-10409", "CVE-2017-10166", "CVE-2017-10427", "CVE-2017-10422", "CVE-2015-3194", "CVE-2017-10355", "CVE-2017-10163", "CVE-2016-6515", "CVE-2017-10326", "CVE-2015-0285", "CVE-2016-2107", "CVE-2017-10153", "CVE-2016-7055", "CVE-2017-10382", "CVE-2015-7501", "CVE-2017-10364", "CVE-2017-10319", "CVE-2015-3253", "CVE-2017-3731", "CVE-2016-6307", "CVE-2016-0701", "CVE-2017-10398", "CVE-2017-10051", "CVE-2017-10308", "CVE-2017-10320", "CVE-2017-10287", "CVE-2017-10412", "CVE-2017-10334", "CVE-2016-9842", "CVE-2016-2834", "CVE-2017-10283", "CVE-2015-0899", "CVE-2017-10152", "CVE-2017-10264", "CVE-2016-1182", "CVE-2014-0065", "CVE-2016-0763", "CVE-2015-0207", "CVE-2017-10155", "CVE-2017-10271", "CVE-2017-10286", "CVE-2017-10304", "CVE-2016-6308", "CVE-2016-6816", "CVE-2016-7433", "CVE-2014-4342", "CVE-2017-5662", "CVE-2014-8275", "CVE-2016-2180", "CVE-2017-10411", "CVE-2017-10313", "CVE-2017-10194", "CVE-2015-7182", "CVE-2015-0208", "CVE-2015-2808", "CVE-2017-10347", "CVE-2014-3570", "CVE-2017-10227", "CVE-2015-7575", "CVE-2017-10370", "CVE-2017-10261", "CVE-2017-10425", "CVE-2017-5706", "CVE-2015-3196", "CVE-2017-10428", "CVE-2014-3470", "CVE-2017-10362", "CVE-2017-10309", "CVE-2016-2181", "CVE-2017-10391", "CVE-2016-6304", "CVE-2015-3193", "CVE-2017-10263", "CVE-2014-3538", "CVE-2017-10403", "CVE-2014-0114", "CVE-2017-10159", "CVE-2017-10410", "CVE-2017-3732", "CVE-2017-10383", "CVE-2017-10339", "CVE-2017-10340", "CVE-2014-0050", "CVE-2017-10327", "CVE-2017-10396", "CVE-2017-10300", "CVE-2014-3707", "CVE-2014-0064", "CVE-2017-10343", "CVE-2015-0293", "CVE-2017-10165", "CVE-2017-10316", "CVE-2017-3445", "CVE-2017-10373", "CVE-2016-1979", "CVE-2017-10363", "CVE-2017-10352", "CVE-2016-2381", "CVE-2014-8713", "CVE-2017-10279", "CVE-2015-7183", "CVE-2013-0255", "CVE-2017-10314", "CVE-2017-9805", "CVE-2015-1788", "CVE-2017-10055", "CVE-2014-0195", "CVE-2014-0198", "CVE-2017-10161", "CVE-2016-7052", "CVE-2015-0209", "CVE-2014-0063", "CVE-2016-1950", "CVE-2017-10333", "CVE-2015-0204", "CVE-2016-0706", "CVE-2013-0248", "CVE-2017-3733", "CVE-2017-5664", "CVE-2017-10312", "CVE-2017-10366", "CVE-2014-0060", "CVE-2017-10318", "CVE-2016-7429", "CVE-2016-1181", "CVE-2017-10268", "CVE-2017-10285", "CVE-2017-3446", "CVE-2017-10392", "CVE-2017-10413", "CVE-2016-9843", "CVE-2013-2566", "CVE-2016-8735", "CVE-2015-1790", "CVE-2017-10394", "CVE-2017-9788", "CVE-2017-10350", "CVE-2016-6305", "CVE-2016-6303", "CVE-2017-10275", "CVE-2017-10274", "CVE-2017-10190", "CVE-2013-1902", "CVE-2017-10315", "CVE-2015-0291", "CVE-2017-10317", "CVE-2017-10389", "CVE-2017-10385", "CVE-2017-10154", "CVE-2017-10395", "CVE-2017-3588", "CVE-2014-4345", "CVE-2017-10162", "CVE-2003-1418", "CVE-2016-2182", "CVE-2017-10358", "CVE-2017-10310", "CVE-2017-10077", "CVE-2017-10346", "CVE-2014-0062", "CVE-2017-10401", "CVE-2015-0287", "CVE-2017-7668", "CVE-2017-3444", "CVE-2017-10295", "CVE-2017-10393", "CVE-2017-10423", "CVE-2017-10280", "CVE-2017-5461", "CVE-2016-10165", "CVE-2014-0066", "CVE-2015-0289", "CVE-2016-9841", "CVE-2015-7940", "CVE-2017-3169", "CVE-2017-10065", "CVE-2016-5285", "CVE-2017-10368", "CVE-2015-0292", "CVE-2017-10375", "CVE-2017-10384", "CVE-2014-0107", "CVE-2017-10050", "CVE-2016-3506", "CVE-2017-10345", "CVE-2017-10303", "CVE-2017-10302", "CVE-2017-10259", "CVE-2017-10265", "CVE-2015-0290", "CVE-2017-3730", "CVE-2015-0205", "CVE-2017-10329", "CVE-2016-2179", "CVE-2017-10405", "CVE-2017-10277", "CVE-2016-6814", "CVE-2013-1900", "CVE-2015-1787", "CVE-2015-4852", "CVE-2014-0061", "CVE-2014-3569", "CVE-2017-10386", "CVE-2015-1791", "CVE-2017-10336", "CVE-2017-10335", "CVE-2016-7431", "CVE-2017-7679", "CVE-2014-0221", "CVE-2017-10331", "CVE-2017-10099"], "lastseen": "2018-04-18T20:23:54"}]}}
