Lucene search

K
huaweiHuawei TechnologiesHUAWEI-SA-20160706-01-OPENSSL
HistoryJul 06, 2016 - 12:00 a.m.

Security Advisory - Multiple Vulnerabilities in OpenSSL in May 2016

2016-07-0600:00:00
Huawei Technologies
www.huawei.com
40

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.969

Percentile

99.7%

On May 3, 2016, the OpenSSL Software Foundation released a security advisory that included six vulnerabilities. Of the six vulnerabilities disclosed, four of them may cause memory corruption or excessive memory usage, one could allow a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server supports AES-NI, and, lastly, one is specific to a product performing an operation with_ _Extended Binary Coded Decimal Interchange Code (EBCDIC) encoding.

1.OpenSSL Untrusted ASN.1 Structures Out-of-Bounds Write Vulnerability. A vulnerability in the ASN.1 encoder in OpenSSL could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2016-05002)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2108.

**2.**OpenSSL AES CBC Cipher Man-in-the-Middle Vulnerability. A vulnerability in OpenSSL could allow an unauthenticated, remote attacker to decrypt and access sensitive information. (Vulnerability ID: HWPSIRT-2016-05261)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2107.

**3.**OpenSSL EVP_EncryptUpdate Function Overflow Heap Corruption Vulnerability. A vulnerability in OpenSSL could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on a targeted system. (Vulnerability ID: HWPSIRT-2016-05262)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2106.

4.OpenSSL EVP_EncodeUpdate Function Overflow Vulnerability. A vulnerability in the EVP_EncodeUpdate() function in OpenSSL could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2016-05263)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2105.

**5.**OpenSSL d2i_CMS_bio Function Denial of Service Vulnerability. A vulnerability in OpenSSL could allow a local attacker to cause a denial of service (DoS) condition on a targeted system. (Vulnerability ID: HWPSIRT-2016-05264)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2109.

**6.OpenSSL ASN.1 Strings X509_NAME_oneline Function Overread Vulnerability.******A vulnerability in OpenSSL could allow an unauthenticated, remote attacker to gain access to sensitive information on a targeted system. (Vulnerability ID: HWPSIRT-2016-05265)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2176.

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160706-01-openssl-en

Affected configurations

Vulners
Node
huawei9032Match9032
OR
huawei9032Matchv100r001c00
OR
huaweiagile_controller-campusMatchv100r001c00
OR
huaweiagile_controller-campusMatchv100r002c00
OR
huaweiagile_controller-campusMatchv100r002c10
OR
huaweianyofficeMatchv200r002c20
OR
huaweianyofficeMatchv200r003c00
OR
huaweianyofficeMatchv200r005c00
OR
huaweiar510Matchv200r005c30
OR
huaweibh620Matchv100r001c00
OR
huaweibh620_v2_firmwareMatchv100r002c00
OR
huaweich221Matchv100r001c00
OR
huaweich225_v5Matchv100r001c00
OR
huaweie5372sMatche5372s-32tcpu-v200r001b290d23sp00c00
OR
huaweie5377bsMatche5377bs-605tcpu-v200r001b305d09sp00c00
OR
huaweie5786sMatche5786s-32atcpu-v200r001b313d15sp00c00
OR
huaweie5878sMatche5878s-32tcpu-v200r001b305d11sp00c00
OR
huaweie6000_chassis_firmwareMatchv100r001c00
OR
huaweie9000_chassisMatchv100r001c00
OR
huaweieemMatchv200r007c00
OR
huaweieemMatchv200r007c10
OR
huaweieemMatchv200r007c20
OR
huaweieemMatchv200r008c00
OR
huaweielogMatchv200r005c00
OR
huaweiesdk_platformMatchv100r005c30
OR
huaweiesightMatchv300r003c20
OR
huaweiesightMatchv300r005c00
OR
huaweiivsMatchv100r001c02spc100
OR
huaweieudemon8000e-x8Matchv300r001c01
OR
huaweieudemon8000e-x8Matchv500r001c00
OR
huaweifirehunter6000Matchv100r001c20
OR
huaweifusionaccessMatchv100r003c00
OR
huaweifusionaccessMatchv100r005c10
OR
huaweifusionaccessMatchv100r005c20
OR
huaweifusionaccessMatchv100r005c30
OR
huaweifusioninsight_hdMatchv100r002c50
OR
huaweifusioninsight_hdMatchv100r002c30
OR
huaweifusionmanagerMatchv100r003c10
OR
huaweifusionmanagerMatchv100r005c00
OR
huaweifusionmanagerMatchv100r005c10spc700
OR
huaweifusionmanagerMatchv100r006c00
OR
huaweifusionstorageMatchv100r003c02
OR
huaweifusionstorageMatchv100r003c30
OR
huaweifusionstorageMatchv100r003c00
OR
huaweig710-c00Matchv100r001c92b118
OR
huaweihonor_20Matchv100r001c205b027
OR
huaweihg255s-10Matchv100r001c163b013
OR
huaweihistbandroidMatchv600r001c00spc060
OR
huaweiibmcMatchv100r002c10
OR
huaweiibmcMatchv100r002c30
OR
huaweiivsMatchv100r002c10
OR
huaweilogcenterMatchv100r001c10
OR
huaweilogcenterMatchv100r001c20
OR
huaweimt992-10Matchmv100r001c01b002
OR
huaweioceanstor_18500_firmwareMatchv100r001c10
OR
huaweioceanstor_18800_firmwareMatchv300r003c00
OR
huaweioceanstor_5800_v3Match2860
OR
huaweioceanstor_5800_v3Matchv3
OR
huaweioceanstor_5800_v3Matchv300r001c00t
OR
huaweioceanstor_5600_v3_firmwareMatchv300r001c00
OR
huaweioceanstor_5600_v3_firmwareMatchv300r003c00
OR
huaweioceanstor_5600_v3_firmwareMatchv300r003c10
OR
huaweioceanstor_5800_v3Matchv300r002c00
OR
huaweioceanstor_9000_firmwareMatchv100r001c01
OR
huaweioceanstor_9000_firmwareMatchv100r001c30
OR
huaweioceanstor_ismMatch9000e
OR
huaweioceanstor_ismMatchv100r001c01
OR
huaweioceanstor_ismMatch9000e
OR
huaweioceanstor_ismMatchv100r002c00
OR
huaweioceanstor_ismMatch9000e
OR
huaweioceanstor_ismMatchv100r002c19
OR
huaweioceanstor_ismMatchv100r002c00
OR
huaweioceanstor_ismMatchv100r005c00
OR
huaweioceanstor_cse_firmwareMatchv100r002c00lsfm01b010
OR
huaweioceanstor_hvs85t_firmwareMatchhvs85t
OR
huaweioceanstor_hvs85t_firmwareMatchv100r001c30
OR
huaweioceanstor_hvs85t_firmwareMatchhvs85t
OR
huaweioceanstor_hvs85t_firmwareMatchv100r001c30
OR
huaweioceanstor_ismMatchv200r001c09
OR
huaweioceanstor_ismMatchv200r001c91
OR
huaweipolicy_centerMatchv100r003c00
OR
huaweipolicy_centerMatchv100r003c10
OR
huaweipublic_cloud_solutionMatch1.0.3
OR
huaweipublic_cloud_solutionMatchv100r001c00
OR
huaweirh1288_v3_firmwareMatchv100r003c00spc100
OR
huaweirh2285h_v2_firmwareMatchv100r002c00
OR
huaweirh5885_v2_firmwareMatchv100r001c00
OR
huaweirh5885_v3_firmwareMatchv100r003c00
OR
huaweirh5885_v3_firmwareMatchv100r003c01
OR
huaweifusionserver_rh8100_v3Matchv100r003c00
OR
huaweisoftvcnMatchv100r002c20
OR
huaweispeedport_hybridMatchv100r001c01b021
OR
huaweiusg9560Matchusg9560
OR
huaweiusg9560Matchv300r001c20
OR
huaweiusg9560Matchusg9560
OR
huaweiusg9560Matchv300r002c00
OR
huaweivcmMatchv100r001c10
OR
huaweivcm5010Matchvcm5010
OR
huaweivcm5010Matchv100r002c20
OR
huaweixh320Matchxh320
OR
huaweixh320Matchv100r001c00
OR
huaweixh620Matchxh620
OR
huaweixh620Matchv100r001c00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.969

Percentile

99.7%