Security Bulletin: Vulnerabilities in OpenSSL affect IBM SDN VE (CVE-2014- 3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3509, CVE-2014-3510, CVE-2014- 3511)

Summary

Security vulnerabilities have been discovered in OpenSSL.

Vulnerability Details

CVEID:CVE-2014-3511
**DESCRIPTION:*OpenSSL could allow a remote attacker to bypass security restrictions, caused by the negotiation of TLS 1.0 instead of higher protocol versions by the OpenSSL SSL/TLS server code when handling a badly fragmented ClientHello message. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to TLS 1.0.
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/95162_ _for the current score CVSS Environmental Score: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:CVE-2014-3509

**DESCRIPTION:*OpenSSL is vulnerable to a denial of service, caused by a race condition in the ssl_parse_serverhello_tlsext() code. If a multithreaded client connects to a malicious server using a resumed session, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/95159_ _for the current score CVSS Environmental Score: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVEID:CVE-2014-3505

**DESCRIPTION:*OpenSSL is vulnerable to a denial of service, caused by a double-free error when handling DTLS packets. A remote attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/95163_ _for the current score CVSS Environmental Score: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID:CVE-2014-3506

**DESCRIPTION:*OpenSSL is vulnerable to a denial of service, caused by an error when processing DTLS handshake messages. A remote attacker could exploit this vulnerability to consume an overly large amount of memory.
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/95160_ _for the current score CVSS Environmental Score: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

**CVEID:**CVE-2014-3507
**DESCRIPTION:*OpenSSL is vulnerable to a denial of service. By sending speciallycrafted
DTLS packets, a remote attacker could exploit this vulnerability to leak memory
and cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/95161&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

**CVEID:**CVE-2014-3510
**DESCRIPTION:*OpenSSL is vulnerable to a denial of service, caused by a NULL
pointer dereference in anonymous ECDH ciphersuites. A remote attacker could exploit
this vulnerability using a malicious handshake to cause the client to crash.
CVSS Base Score: 4.3
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/95164&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

Affected Products and Versions

IBM SDN VE, Unified Controller, VMware Edition: 1.2.1 and earlier
IBM SDN VE, Unified Controller, KVM Edition: 1.2.1 and earlier
IBM SDN VE, Unified Controller, OpenFlow Edition: 1.2.1 and earlier
IBM SDN VE, Dove Management Console, VMware Edition: 1.0.0

Remediation/Fixes

IBM recommends updating affected IBM SDN VE, Unified Controllers to the
latest versions of IBM SDN VE for which IBM is providing a fix, which are
identified below:

IBM SDN VE, Unified Controller, VMware Edition: version 1.2.2 or later
IBM SDN VE, Unified Controller, KVM Edition: version 1.2.2 or later
IBM SDN VE, Unified Controller, OpenFlow Edition: version 1.2.2 or later

These versions are available via Passport Advantage.

Workarounds and Mitigations

None known