Huawei TechnologiesHUAWEI-SA-20160706-01-OPENSSLSecurity Advisory - Multiple Vulnerabilities in OpenSSL in May 2016
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.969 High
EPSS
Percentile
99.7%
On May 3, 2016, the OpenSSL Software Foundation released a security advisory that included six vulnerabilities. Of the six vulnerabilities disclosed, four of them may cause memory corruption or excessive memory usage, one could allow a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server supports AES-NI, and, lastly, one is specific to a product performing an operation with_ _Extended Binary Coded Decimal Interchange Code (EBCDIC) encoding.
1.OpenSSL Untrusted ASN.1 Structures Out-of-Bounds Write Vulnerability. A vulnerability in the ASN.1 encoder in OpenSSL could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2016-05002)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2108.
**2.**OpenSSL AES CBC Cipher Man-in-the-Middle Vulnerability. A vulnerability in OpenSSL could allow an unauthenticated, remote attacker to decrypt and access sensitive information. (Vulnerability ID: HWPSIRT-2016-05261)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2107.
**3.**OpenSSL EVP_EncryptUpdate Function Overflow Heap Corruption Vulnerability. A vulnerability in OpenSSL could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on a targeted system. (Vulnerability ID: HWPSIRT-2016-05262)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2106.
4.OpenSSL EVP_EncodeUpdate Function Overflow Vulnerability. A vulnerability in the EVP_EncodeUpdate() function in OpenSSL could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2016-05263)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2105.
**5.**OpenSSL d2i_CMS_bio Function Denial of Service Vulnerability. A vulnerability in OpenSSL could allow a local attacker to cause a denial of service (DoS) condition on a targeted system. (Vulnerability ID: HWPSIRT-2016-05264)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2109.
**6.OpenSSL ASN.1 Strings X509_NAME_oneline Function Overread Vulnerability.******A vulnerability in OpenSSL could allow an unauthenticated, remote attacker to gain access to sensitive information on a targeted system. (Vulnerability ID: HWPSIRT-2016-05265)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2176.
Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160706-01-openssl-en
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.969 High
EPSS
Percentile
99.7%