DATABASE RESOURCES PRICING ABOUT US

{"id": "C83F675C530B12620988F0C65F58B32931125E0012C4B7C771823623ECB73255", "vendorId": null, "type": "ibm", "bulletinFamily": "software", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Intrusion Prevention System", "description": "## Summary\n\nThere are multiple vulnerabilities in OpenSSL that is used by IBM Security Network Intrusion Prevention System. These vulnerabilities include CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-3216, and CVE-2015-1788.\n\n## Vulnerability Details\n\n**CVE ID:** [_CVE-2014-8176_](<https://vulners.com/cve/CVE-2014-8176>)\n\n**DESCRIPTION:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system. \n\n \n \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n\n\n**CVE ID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>)\n\n**DESCRIPTION:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system. \n\n \n \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n\n**CVE ID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>)\n\n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \n\n \n \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n\n**CVE ID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>)\n\n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \n\n \n \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n\n\n**CVE ID:** [_CVE-2015-1792_](<https://vulners.com/cve/CVE-2015-1792>)\n\n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop.\n\n \n \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n\n**CVE ID:** [_CVE-2015-3216_](<https://vulners.com/cve/CVE-2015-3216>)\n\n**DESCRIPTION:** OpenSSL shipped with Red Hat Enterprise Linux is vulnerable to a denial of service, caused by an out-of-bounds memory read error in ssleay_rand_bytes() function. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to crash.\n\n \n \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103915> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n\n**CVE ID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>)\n\n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \n\n \n \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n## Affected Products and Versions\n\nProducts: GX3002, GX4002, GX4004, GX4004-v2, GX5008, GX5008-v2, GX5108, GX5108-v2, GX5208, GX5208-v2, GX6116, GX7412, GX7412-10, GX7412-05, GX7800, GV200, GV1000 \n \nFirmware versions 4.6.2, 4.6.1, 4.6, 4.5, 4.4, and 4.3\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Security Network Intrusion Prevention System | Firmware version 4.6.2| [_4.6.2.0-ISS-ProvG-AllModels-System-FP0009_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \nIBM Security Network Intrusion Prevention System | Firmware version 4.6.1| [_4.6.1.0-ISS-ProvG-AllModels-System-FP0013_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \nIBM Security Network Intrusion Prevention System | Firmware version 4.6| [_4.6.0.0-ISS-ProvG-AllModels-System-FP0011_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \nIBM Security Network Intrusion Prevention System | Firmware version 4.5| [_4.5.0.0-ISS-ProvG-AllModels-System-FP0013_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \nIBM Security Network Intrusion Prevention System | Firmware version 4.4| [_4.4.0.0-ISS-ProvG-AllModels-System-FP0013_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \nIBM Security Network Intrusion Prevention System | Firmware version 4.3| [_4.3.0.0-ISS-ProvG-AllModels-System-FP0011_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "published": "2022-02-23T19:48:26", "modified": "2022-02-23T19:48:26", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://www.ibm.com/support/pages/node/532087", "reporter": "IBM", "references": [], "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216"], "immutableFields": [], "lastseen": "2023-02-21T05:36:57", "viewCount": 19, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["OPENSSL_ADVISORY14.ASC"]}, {"type": "altlinux", "idList": ["758E6D870DDEA68E74011E577E986457"]}, {"type": "amazon", "idList": ["ALAS-2015-550"]}, {"type": "archlinux", "idList": ["ASA-201506-3"]}, {"type": "centos", "idList": ["CESA-2015:1115", "CESA-2015:1197"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2015-0994", "CPAI-2015-1158"]}, {"type": "cisco", "idList": ["CISCO-SA-20150612-OPENSSL"]}, {"type": "citrix", "idList": ["CTX216642"]}, {"type": "cve", "idList": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216", "CVE-2015-8176"]}, {"type": "debian", "idList": ["DEBIAN:DLA-247-1:99960", "DEBIAN:DSA-3287-1:1A401"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-8176", "DEBIANCVE:CVE-2015-1788", "DEBIANCVE:CVE-2015-1789", "DEBIANCVE:CVE-2015-1790", "DEBIANCVE:CVE-2015-1791", "DEBIANCVE:CVE-2015-1792", "DEBIANCVE:CVE-2015-3216"]}, {"type": "f5", "idList": ["F5:K16898", "F5:K16904", "F5:K16913", "F5:K16914", "F5:K16915", "F5:K16920", "F5:K16938", "SOL16898", "SOL16904", "SOL16913", "SOL16914", "SOL16915", "SOL16920", "SOL16938"]}, {"type": "fedora", "idList": ["FEDORA:13A9D6049716", "FEDORA:13B146087AAB", "FEDORA:A69386143D9F", "FEDORA:D331C6087C6A"]}, {"type": "fortinet", "idList": ["FG-IR-15-014"]}, {"type": "freebsd", "idList": ["8305E215-1080-11E5-8BA2-000C2980A9F3"]}, {"type": "freebsd_advisory", "idList": ["FREEBSD_ADVISORY:FREEBSD-SA-15:10.OPENSSL"]}, {"type": "gentoo", "idList": ["GLSA-201506-02"]}, {"type": "hackerone", "idList": ["H1:73241"]}, {"type": "ibm", "idList": ["09EFBF1EDC3D056A4C55B6D328B0019A52124F7A8C7DCA88E25031BCFD79F86E", "0B963717F89450DA332A8F619DDD9CE7A603E588666B7A5DE7227A89ADD7D81D", "0C850FECD02720FE8E127F730E7172757B14E40919BABE4F7D431689A5B199DB", "0CB790755A86B581A38C5E6BE6E3A26223CD5CF0D217D9AF43702EEF9E45DABD", "0E96665079E56894EA39AFB24283955B35E3838213DCD87205604F5B1858EEA7", "0F8EC0887570E466DCF4213DD901C1A007B8EFDAA1B999193C4CC4FDB9F8F7E4", "12D9F191717460AECB934B007F4CDE9698A96A4B8B98144C3F39DD87E57929EA", "1552258BC602B501CB144C17FE55DEC12CEDE82B9F4351E9E4F47BE8C7003BA9", "160974CCBC12FDC44262159FC9737359086DF0317D260FA132DE5D77C6CF279E", "1625261D52D4F7681DDD4AD119C0D00ED593A0BDB39B248876E1FFDAF88D6F39", "201018C415242F0DA1C06575A912CA5C445B3279D15C72F87C78C22FECC5D78A", "218390BFF75A1EE9F5782E6F5D8A4974DE9C74872244CE63508F8AC545A1D314", "2666C659D997588714E14C01634C94F0B9A9EF963A2F6BD072D0D717E4DAB9DA", "2B57635893A008B30DACCBFC585DFBEFC6815B10A081CE771A451CBB98704E62", "2F044E6D3403CF1CE244F404A02D2A1E0F016AD4BEEC5C72C153F07E02439876", "2FE4FAEC11A5A595193A03B9D60E81D9623A26BB5D27D6ACC64201D05E5AFAA9", "44581CEFAAC57F6BA083046E8D17AC3B05F7A3FDCFB70055DF3548236FC99CA6", "5329CD1C63D2F95E92A27532DD149EA30C54823558FD6ECF9F637F7793762B35", "573D5194C5FA6D57BF7D7107395D0823BF59A24F4A6BFB8961AB7839F18340F7", "5F468E7095FD7CDC6ACB31C903D40522F03AE2C875C15B90AB7E04C796279517", "6680272534C119E2F4255DAC0A5F66CF25F5D99D47E9760C164E835E0C60EF0F", "6771D22CBA4F411B776687E7E7DFC88A07A853D3773656BFD792DBCA38A8939C", "6808EC84BE4A9DD5A0B439C6FCE9D4EA1BDF91E3E0DEBF72E5BEFD925D973E99", "69708648D7347A46AB7B2DD1702D4EBF5A57623CDB811A18663D65A9AB17A3C8", "6C1FFD4C64A90ADEECC342C463AE4A2D627A083EBFD6A4348B199A8C68A07F9C", "74CEE8219E1D60BC6A66BBFFF067E8FF68222101E533A8C6D0FA63EFC99459E2", "7560A74E2926246941C9FBAEBB3EC98EF899CD0E877EBB53F3C2438F3C7CB29A", "787C1621D06EE465998FEBEFA80BA8B6DAEC2388BAF60D434FCE4B04471920AA", "7D14B08C045BFDC910143AB7478EEF037B7EDE9D4C014BE6212BF743A8294BD7", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "7EAF5CB207E5D468583094D39BFEB783DDAF939EF5BB4632C3FB6CBE7F70A7E3", "807C4AB87E47CA332F6205CBA2C6C1C3C3158B123385BE5D10E64D27338C557A", "86A0EA0159959C48BE8EE2EC91274A454DF3095B67D0C80CF9DB99E4B05F7F88", "8976330D24BA16C6597AF93C67C2A46121ECFA13975E064BAC48376E8563DA89", "89DBD775E165C8C80EAAC4824D0125B2291970233028B235C3C22D4EAF3CE227", "8A87036F5C290A7EB193FCCEE8F258BACCA1FC57CC5D8A56759A27F177621DF5", "8CF70E6991DFDEA5B82E28E7377F3F5FD2B97A890585F6756AD1FD870B0DCE3A", "8EEBB0B8FAC8DFA33C0405E2C48BAF0FD71BF64FEE9E71DFF45B1738CA5A7E36", "99E2A8F47F4108C69540D005070137804DC7E040890DE030D99CAAB2C61648E6", "A21160CD167CEB07B665A0A9788C062C19FA75832274194D0CFF1E816F29CA4D", "A5EE6903D383C042ADBB5FEF76C2F60C5F1B6BFAAA0ABAB88DC4660244B7AED4", "A84A7C9BF929868F8166CB87D5CEFBA3C864431A4299CB147A963BF97FDE753B", "A911AF5A1D427E3C73869552B626178ECA9D7A2C4D751BD35DCB395C648FFF83", "AB1990CCF9D6A307BC98A44FDCD73837D64D583DA165615A5EAB1AC9A7D0F3F2", "AD5AEF2A5C571C6008D3EFAB58A32CF97C5454F4FD7A2DF5AEB0C657936F1BE2", "ADF65B4A474E1421F71559C3F519C310FC36B59F7BDDCDE5839099E428CDBDB6", "AFB18C01001C1ED3C57D258D7EAEF5E63B8016D0093506248A32EF21FB399220", "B0AEB074FFA0854656EFE3CAF612805ED0F2B662B12263D2B3084481427FAB2B", "B26BA31F7C8E180B2476A6D17348E9C8899E4E6C0D69D13EE7B0DE3A1B8FD9D5", "B84251E3C31E8FAF9BA0B73449F8A92CA84F7B802070A7A5FB283B62300DC251", "C18F1AC2D0D0C2B07F75AF3BA243CEDC4570C2610325B9CFF40F409EC37A5644", "C31D150033FD48D09A309BBEFA4383E996752BB2E541CB9E4A69082ABF2CFD19", "C95E77161B48C2969E6AAB743AAD921249B05B139C9E6DB99D47B8254D0339E9", "C98742B877B2C201166B837BC2C23F231BE604BF071711015BA45A10D5709CDE", "CC1A30E8E2330D238749CFFBD49D7E9838BBE1BEFE625CE5C43D437242EE4573", "D2E48469AB3A6F2B1FEAEFDF00F68B8BC2F210C7E3BBABA5556DFDE4C6DB7ECD", "D453C632FF9EC3087898B06E3DFD86A6FE0EFBF4D9E74F1A54E4DB3CBADA0D49", "D696D6BA5722A0DBAF997A72F8E1B1364740C100E291AB2426A4BDD7BDD5DA93", "D798A2662F653C58B07EF7AB7952BA9F9D262CA55D27B779D34C5A7F3DECACDF", "D87699740B30BB25DEC2F8B16CA15FBC5C6247D272AD4BA218F8A206B588A8C2", "DD1039AD603CD497738F840D32655E5B15E168D7E31F54FA722E4A3C3742244E", "DD6B46FA2DDAAE6080D5C927EEA372B16800D8CB903BB5366DA05ECEEBE80546", "DEC8B1857975B965D873A8BB6F56B19058C4EFA0C242EB808E499279F11EE7B2", "E9A3E2EA3AE2ADD4620D37196036A6030F0C51283082B6F6903A10C2A73E5C49", "EC4680A726FB50E4B12980B4ADD271AC01D733FEC93E24F9E55438A2237587BA", "EF5A55D8CCABA9019F6306256CB26946DC810DE7EBB1EA5F4D90251B35752411", "F549A2FEAC9B8235BEDEAB1D1110EF3A8710606A890D4EE5C62A7F21A7169A12", "F55ABDFF87575503ED1A594C10571C58606CD661947C9F188A65571C4868F922", "FBF8D5380A8667F5D239F868F077DAD8E14459BF18DCA6E0C2C65E35815C9F4A"]}, {"type": "mageia", "idList": ["MGASA-2015-0246"]}, {"type": "nessus", "idList": ["8253.PRM", "8790.PRM", "8791.PRM", "8981.PRM", "AIX_OPENSSL_ADVISORY14.NASL", "ALA_ALAS-2015-550.NASL", "CENTOS_RHSA-2015-1115.NASL", "CENTOS_RHSA-2015-1197.NASL", "CHECK_POINT_GAIA_SK106499.NASL", "CISCO_ACE_A5_3_3.NASL", "DB2_105FP7_NIX.NASL", "DB2_105FP7_WIN.NASL", "DB2_97FP10_MULTI_VULN.NASL", "DEBIAN_DLA-247.NASL", "DEBIAN_DSA-3287.NASL", "EULEROS_SA-2019-1547.NASL", "EULEROS_SA-2019-1548.NASL", "EULEROS_SA-2019-1861.NASL", "EULEROS_SA-2019-1980.NASL", "EULEROS_SA-2019-2271.NASL", "EULEROS_SA-2019-2509.NASL", "EULEROS_SA-2019-2643.NASL", "EULEROS_SA-2020-1774.NASL", "EULEROS_SA-2020-2076.NASL", "F5_BIGIP_SOL16898.NASL", "F5_BIGIP_SOL16913.NASL", "F5_BIGIP_SOL16914.NASL", "FEDORA_2015-10047.NASL", "FEDORA_2015-10108.NASL", "FREEBSD_PKG_8305E215108011E58BA2000C2980A9F3.NASL", "GENTOO_GLSA-201506-02.NASL", "HPSMH_7_2_6.NASL", "HPSMH_7_5_4.NASL", "IBM_HTTP_SERVER_533837.NASL", "MACOSX_10_10_5.NASL", "MACOSX_SECUPD2015-006.NASL", "NESSUS_TNS_2015_07.NASL", "OPENSSL_0_9_8ZG.NASL", "OPENSSL_1_0_0S.NASL", "OPENSSL_1_0_1N.NASL", "OPENSSL_1_0_2B.NASL", "OPENSUSE-2015-447.NASL", "OPENSUSE-2015-507.NASL", "OPENSUSE-2015-889.NASL", "OPENSUSE-2016-294.NASL", "ORACLELINUX_ELSA-2015-1115.NASL", "ORACLELINUX_ELSA-2015-1197.NASL", "ORACLEVM_OVMSA-2015-0070.NASL", "PFSENSE_SA-15_06.NASL", "PUPPET_ENTERPRISE_ACTIVEMQ_PSQL_SSL.NASL", "REDHAT-RHSA-2015-1115.NASL", "REDHAT-RHSA-2015-1197.NASL", "SCREENOS_JSA10733.NASL", "SLACKWARE_SSA_2015-162-01.NASL", "SL_20150615_OPENSSL_ON_SL6_X.NASL", "SL_20150630_OPENSSL_ON_SL5_X.NASL", "SPLUNK_625.NASL", "SUSE_SU-2015-1143-1.NASL", "SUSE_SU-2015-1150-1.NASL", "SUSE_SU-2015-1181-2.NASL", "SUSE_SU-2015-1182-2.NASL", "SUSE_SU-2015-1183-2.NASL", "SUSE_SU-2015-1184-1.NASL", "SUSE_SU-2015-1184-2.NASL", "SUSE_SU-2015-2303-1.NASL", "UBUNTU_USN-2639-1.NASL", "WEBSPHERE_8_5_5_7.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2014-8176", "OPENSSL:CVE-2015-1788", "OPENSSL:CVE-2015-1789", "OPENSSL:CVE-2015-1790", "OPENSSL:CVE-2015-1791", "OPENSSL:CVE-2015-1792"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105308", "OPENVAS:1361412562310105363", "OPENVAS:1361412562310105364", "OPENVAS:1361412562310105365", "OPENVAS:1361412562310105369", "OPENVAS:1361412562310105605", "OPENVAS:1361412562310105678", "OPENVAS:1361412562310105692", "OPENVAS:1361412562310105798", "OPENVAS:1361412562310106048", "OPENVAS:1361412562310106049", "OPENVAS:1361412562310120033", "OPENVAS:1361412562310121379", "OPENVAS:1361412562310123086", "OPENVAS:1361412562310123099", "OPENVAS:1361412562310703287", "OPENVAS:1361412562310806730", "OPENVAS:1361412562310806734", "OPENVAS:1361412562310806744", "OPENVAS:1361412562310806745", "OPENVAS:1361412562310806746", "OPENVAS:1361412562310806747", "OPENVAS:1361412562310842242", "OPENVAS:1361412562310850661", "OPENVAS:1361412562310850678", "OPENVAS:1361412562310850749", "OPENVAS:1361412562310850877", "OPENVAS:1361412562310850914", "OPENVAS:1361412562310850964", "OPENVAS:1361412562310851044", "OPENVAS:1361412562310851077", "OPENVAS:1361412562310851141", "OPENVAS:1361412562310851223", "OPENVAS:1361412562310869465", "OPENVAS:1361412562310869732", "OPENVAS:1361412562310869740", "OPENVAS:1361412562310869742", "OPENVAS:1361412562310871376", "OPENVAS:1361412562310871385", "OPENVAS:1361412562310882198", "OPENVAS:1361412562310882199", "OPENVAS:1361412562310882215", "OPENVAS:1361412562311220191547", "OPENVAS:1361412562311220191548", "OPENVAS:1361412562311220191861", "OPENVAS:1361412562311220191980", "OPENVAS:1361412562311220192271", "OPENVAS:1361412562311220192509", "OPENVAS:1361412562311220192643", "OPENVAS:1361412562311220201774", "OPENVAS:703287"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2016V3", "ORACLE:CPUAPR2017", "ORACLE:CPUJAN2016", "ORACLE:CPUJAN2017", "ORACLE:CPUJUL2016", "ORACLE:CPUJUL2017", "ORACLE:CPUOCT2015", "ORACLE:CPUOCT2016", "ORACLE:CPUOCT2017"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-1115", "ELSA-2015-1197", "ELSA-2015-2617", "ELSA-2016-3621", "ELSA-2019-4581", "ELSA-2019-4747", "ELSA-2021-9150"]}, {"type": "osv", "idList": ["OSV:DLA-247-1", "OSV:DSA-3287-1"]}, {"type": "paloalto", "idList": ["PAN-SA-2016-0020", "PAN-SA-2016-0028"]}, {"type": "redhat", "idList": ["RHSA-2015:1115", "RHSA-2015:1197", "RHSA-2016:2957"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32203", "SECURITYVULNS:DOC:32390", "SECURITYVULNS:DOC:32494", "SECURITYVULNS:VULN:14530", "SECURITYVULNS:VULN:14630", "SECURITYVULNS:VULN:14755"]}, {"type": "slackware", "idList": ["SSA-2015-162-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2015:1139-1", "OPENSUSE-SU-2015:1277-1", "OPENSUSE-SU-2015:2243-1", "OPENSUSE-SU-2016:0640-1", "SUSE-SU-2015:1143-1", "SUSE-SU-2015:1150-1", "SUSE-SU-2015:1181-1", "SUSE-SU-2015:1181-2", "SUSE-SU-2015:1182-1", "SUSE-SU-2015:1182-2", "SUSE-SU-2015:1183-1", "SUSE-SU-2015:1183-2", "SUSE-SU-2015:1184-1", "SUSE-SU-2015:1184-2", "SUSE-SU-2015:1185-1"]}, {"type": "symantec", "idList": ["SMNTC-1325"]}, {"type": "ubuntu", "idList": ["USN-2639-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-8176", "UB:CVE-2015-1788", "UB:CVE-2015-1789", "UB:CVE-2015-1790", "UB:CVE-2015-1791", "UB:CVE-2015-1792", "UB:CVE-2015-3216"]}]}, "score": {"value": 1.8, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2015-550"]}, {"type": "archlinux", "idList": ["ASA-201506-3"]}, {"type": "centos", "idList": ["CESA-2015:1115", "CESA-2015:1197"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2015-1158"]}, {"type": "cisco", "idList": ["CISCO-SA-20150612-OPENSSL"]}, {"type": "cve", "idList": ["CVE-2014-8176"]}, {"type": "debian", "idList": ["DEBIAN:DLA-247-1:99960"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-1792"]}, {"type": "f5", "idList": ["F5:K16904", "F5:K16920"]}, {"type": "fedora", "idList": ["FEDORA:13B146087AAB"]}, {"type": "fortinet", "idList": ["FG-IR-15-014"]}, {"type": "freebsd", "idList": ["8305E215-1080-11E5-8BA2-000C2980A9F3"]}, {"type": "gentoo", "idList": ["GLSA-201506-02"]}, {"type": "hackerone", "idList": ["H1:73241"]}, {"type": "ibm", "idList": ["0C850FECD02720FE8E127F730E7172757B14E40919BABE4F7D431689A5B199DB", "12D9F191717460AECB934B007F4CDE9698A96A4B8B98144C3F39DD87E57929EA", "160974CCBC12FDC44262159FC9737359086DF0317D260FA132DE5D77C6CF279E", "8976330D24BA16C6597AF93C67C2A46121ECFA13975E064BAC48376E8563DA89", "A5EE6903D383C042ADBB5FEF76C2F60C5F1B6BFAAA0ABAB88DC4660244B7AED4", "AB1990CCF9D6A307BC98A44FDCD73837D64D583DA165615A5EAB1AC9A7D0F3F2"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CISCO-ANYCONNECT-CVE-2014-8176/", "MSF:ILITIES/F5-BIG-IP-CVE-2014-8176/"]}, {"type": "nessus", "idList": ["AIX_OPENSSL_ADVISORY14.NASL", "DB2_105FP7_WIN.NASL", "EULEROS_SA-2020-2076.NASL", "FEDORA_2015-10047.NASL", "OPENSUSE-2015-889.NASL", "SLACKWARE_SSA_2015-162-01.NASL", "SPLUNK_625.NASL", "SUSE_SU-2015-1143-1.NASL", "SUSE_SU-2015-1181-2.NASL", "SUSE_SU-2015-1184-2.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2015-1788"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703287", "OPENVAS:1361412562310806730", "OPENVAS:1361412562310806746", "OPENVAS:1361412562310850964", "OPENVAS:1361412562310871376"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2016", "ORACLE:CPUJUL2017-3236622", "ORACLE:CPUOCT2017-3236626"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-4747"]}, {"type": "redhat", "idList": ["RHSA-2015:1197"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32203", "SECURITYVULNS:VULN:14630"]}, {"type": "slackware", "idList": ["SSA-2015-162-01"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1181-1", "SUSE-SU-2015:1181-2", "SUSE-SU-2015:1182-2", "SUSE-SU-2015:1183-1", "SUSE-SU-2015:1184-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-8176", "UB:CVE-2015-1791"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "proventia network intrusion prevention system", "version": 4}, {"name": "proventia network intrusion prevention system", "version": 4}, {"name": "proventia network intrusion prevention system", "version": 4}, {"name": "proventia network intrusion prevention system", "version": 4}, {"name": "proventia network intrusion prevention system", "version": 4}, {"name": "proventia network intrusion prevention system", "version": 4}]}, "epss": [{"cve": "CVE-2014-8176", "epss": "0.050130000", "percentile": "0.916100000", "modified": "2023-03-17"}, {"cve": "CVE-2015-1788", "epss": "0.562990000", "percentile": "0.971020000", "modified": "2023-03-17"}, {"cve": "CVE-2015-1789", "epss": "0.346210000", "percentile": "0.964100000", "modified": "2023-03-17"}, {"cve": "CVE-2015-1790", "epss": "0.424730000", "percentile": "0.967090000", "modified": "2023-03-17"}, {"cve": "CVE-2015-1791", "epss": "0.330470000", "percentile": "0.963450000", "modified": "2023-03-17"}, {"cve": "CVE-2015-1792", "epss": "0.634140000", "percentile": "0.972530000", "modified": "2023-03-17"}, {"cve": "CVE-2015-3216", "epss": "0.155390000", "percentile": "0.949930000", "modified": "2023-03-18"}], "vulnersScore": 1.8}, "_state": {"dependencies": 1676957828, "score": 1676958121, "affected_software_major_version": 1677355290, "epss": 1679165106}, "_internal": {"score_hash": "54a0cf86245b1896f3431cd8a0599902"}, "affectedSoftware": [{"version": "4.3", "operator": "eq", "name": "proventia network intrusion prevention system"}, {"version": "4.4", "operator": "eq", "name": "proventia network intrusion prevention system"}, {"version": "4.5", "operator": "eq", "name": "proventia network intrusion prevention system"}, {"version": "4.6", "operator": "eq", "name": "proventia network intrusion prevention system"}, {"version": "4.6.1", "operator": "eq", "name": "proventia network intrusion prevention system"}, {"version": "4.6.2", "operator": "eq", "name": "proventia network intrusion prevention system"}]}

{"ibm": [{"lastseen": "2023-02-21T05:52:09", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by IBM Security Access Manager for Web. IBM Security Access Manager for Web has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2014-8176](<https://vulners.com/cve/CVE-2014-8176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n\n**CVEID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n \n**CVEID:** [_CVE-2015-3216_](<https://vulners.com/cve/CVE-2015-3216>)** \nDESCRIPTION:** OpenSSL shipped with Red Hat Enterprise Linux is vulnerable to a denial of service, caused by an out-of-bounds memory read error in ssleay_rand_bytes() function. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103915_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103915>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n## Affected Products and Versions\n\nIBM Security Access Manager for Web version 7.0 appliance, all firmware versions \nIBM Security Access Manager for Web version 8.0 appliance, all firmware versions \n\n## Remediation/Fixes\n\nThe table below provides links to patches for all affected IBM Security Access Manager for Web appliance versions. Follow the installation instructions in the README file included with the patch. \n\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nIBM Security Access Manager for Web \n_(appliance-based)_| _7.0.0.0 - \n7.0.0.15_| IV75512 | Apply the 7.0.0.16 interim fix:_ \n_[_7.0.0-ISS-WGA-IF0016_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0.0&platform=All&function=all>) \nIBM Security Access Manager for Web| _8.0.0.1 - \n8.0.1.3_| IV75321| Upgrade to the 8.0.1.3 interim fix: \n[_8.0.1.3-ISS-WGA-IF0001_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0&platform=Linux&function=all>) \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-16T21:26:04", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Security Access Manager for Web", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216"], "modified": "2018-06-16T21:26:04", "id": "5329CD1C63D2F95E92A27532DD149EA30C54823558FD6ECF9F637F7793762B35", "href": "https://www.ibm.com/support/pages/node/533493", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:52:09", "description": "## Summary\n\nThere are multiple vulnerabilities in OpenSSL that is used by IBM Security Network Protection. These vulnerabilities include CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-3216, and CVE-2015-1788.\n\n## Vulnerability Details\n\n**CVE ID:** [_CVE-2014-8176_](<https://vulners.com/cve/CVE-2014-8176>)\n\n**DESCRIPTION:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system. \n\n \n \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n\n\n**CVE ID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>)\n\n**DESCRIPTION:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system. \n\n \n \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n\n**CVE ID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>)\n\n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \n\n \n \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n\n**CVE ID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>)\n\n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \n\n \n \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n\n\n**CVE ID:** [_CVE-2015-1792_](<https://vulners.com/cve/CVE-2015-1792>)\n\n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop.\n\n \n \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n\n**CVE ID:** [_CVE-2015-3216_](<https://vulners.com/cve/CVE-2015-3216>)\n\n**DESCRIPTION:** OpenSSL shipped with Red Hat Enterprise Linux is vulnerable to a denial of service, caused by an out-of-bounds memory read error in ssleay_rand_bytes() function. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to crash.\n\n \n \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103915> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n\n**CVE ID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>)\n\n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \n\n \n \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n## Affected Products and Versions\n\nIBM Security Network Protection 5.2 \nIBM Security Network Protection 5.3 \n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Security Network Protection | Firmware version 5.2| Download 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0010 from [_IBM Fix Central_](<http://www-933.ibm.com/support/fixcentral/>) and upload and install via the Available Updates page of the local management interface. \nIBM Security Network Protection| Firmware version 5.3| Install Fixpack 5.3.1.2 from the Available Updates page of the local management interface, or by performing a One Time Scheduled Installation from SiteProtector. \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-16T21:25:43", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216"], "modified": "2018-06-16T21:25:43", "id": "0C850FECD02720FE8E127F730E7172757B14E40919BABE4F7D431689A5B199DB", "href": "https://www.ibm.com/support/pages/node/531321", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:44:55", "description": "## Summary\n\nMultiple vulnerabilities in openssl affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2014-8176 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3216 CVE-2015-1788).\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2014-8176_](<https://vulners.com/cve/CVE-2014-8176>)** \nDESCRIPTION:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n\n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>)** \nDESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2015-1792_](<https://vulners.com/cve/CVE-2015-1792>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-3216_](<https://vulners.com/cve/CVE-2015-3216>)** \nDESCRIPTION:** OpenSSL shipped with Red Hat Enterprise Linux is vulnerable to a denial of service, caused by an out-of-bounds memory read error in ssleay_rand_bytes() function. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103915_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103915>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nIBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance\n\n## Remediation/Fixes\n\nIf you are running IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance, contact [_IBM support_](<https://www-947.ibm.com/support/servicerequest/newServiceRequest.action>).\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-17T22:30:13", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in openssl affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216"], "modified": "2018-06-17T22:30:13", "id": "D87699740B30BB25DEC2F8B16CA15FBC5C6247D272AD4BA218F8A206B588A8C2", "href": "https://www.ibm.com/support/pages/node/266269", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:38:43", "description": "## Summary\n\nOpen SSL is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2014-8176_](<https://vulners.com/cve/CVE-2014-8176>)** \nDESCRIPTION:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n\n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>)** \nDESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2015-1792_](<https://vulners.com/cve/CVE-2015-1792>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n \n \n**CVEID:** [_CVE-2015-3216_](<https://vulners.com/cve/CVE-2015-3216>)** \nDESCRIPTION:** OpenSSL shipped with Red Hat Enterprise Linux is vulnerable to a denial of service, caused by an out-of-bounds memory read error in ssleay_rand_bytes() function. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103915_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103915>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n## Affected Products and Versions\n\n \nPower HMC V7.3.0.0 \nPower HMC V7.8.0.0 \nPower HMC V7.9.0.0 \nPower HMC V8.1.0.0 \nPower HMC V8.2.0.0 \nPower HMC V8.3.0.0\n\n## Remediation/Fixes\n\n \nThe following fixes are available on IBM Fix Central at: <http://www-933.ibm.com/support/fixcentral/>\n\nProduct\n\n| \n\nVRMF\n\n| \n\nAPAR\n\n| \n\nRemediation/Fix \n \n---|---|---|--- \n \nPower HMC\n\n| \n\nV7.7.3.0 SP7\n\n| \n\nMB03935\n\n| \n\nApply eFix MH01547 \n \nPower HMC\n\n| \n\nV7.7.8.0 SP2\n\n| \n\nMB03936\n\n| \n\nApply eFix MH01548 \n \nPower HMC\n\n| \n\nV7.7.9.0 SP2\n\n| \n\nMB03937\n\n| \n\nApply eFix MH01549 \n \nPower HMC\n\n| \n\nV8.8.1.0 SP2\n\n| \n\nMB03938\n\n| \n\nApply eFix MH01550 \n \nPower HMC\n\n| \n\nV8.8.2.0 SP2\n\n| \n\nMB03873 \n\n| \n\nApply Service Pack 2 MH01488 \n \nPower HMC\n\n| \n\nV8.8.3.0\n\n| \n\nMB03939\n\n| \n\nApply eFix MH01551 \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-23T01:31:39", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Open SSL affect Power Hardware Management Console (CVE-2014-8176,CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-3216)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216"], "modified": "2021-09-23T01:31:39", "id": "44581CEFAAC57F6BA083046E8D17AC3B05F7A3FDCFB70055DF3548236FC99CA6", "href": "https://www.ibm.com/support/pages/node/666389", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:38:20", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by multiple N series products. Multiple N series products have addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>)** \nDESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2015-1792_](<https://vulners.com/cve/CVE-2015-1792>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2014-8176_](<https://vulners.com/cve/CVE-2014-8176>)** \nDESCRIPTION:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)\n\n## Affected Products and Versions\n\nClustered Data ONTAP: 8.2.1, 8.2.2, 8.2.3, 8.2.4, ; \n\nClustered Data ONTAP Antivirus Connector: 1.0, 1.0.1, 1.0.2;\n\nData ONTAP operating in 7-Mode: 7.3.7, 8.1.4, 8.2.1, 8.2.2, 8.2.3;\n\nNS OnCommand Workflow Automation: 3.1;\n\nNS OnCommand Core Package: 5.1.2, 5.2.1, 5.2;\n\nOpen Systems SnapVault: 3.0.1;\n\nSnapDrive for Unix: 5.2, 5.2.2;\n\nSnapDrive for Windows: 7.0.3, 7.1.1, 7.1.2, 7.1.3;\n\n## Remediation/Fixes\n\nFor_ _SnapDrive for Unix: the fix exists from microcode version: 5.3; \n\nFor_ _SnapDrive for Windows: the fix exists from microcode version: 7.1.4;\n\nPlease contact IBM support or go to this [_link_](<https://www-945.ibm.com/support/fixcentral/>) to download a supported release. For customers who are using Clustered Data ONTAP, Clustered Data ONTAP Antivirus Connector, Data ONTAP operating in 7-Mode, NS OnCommand Workflow Automation, NS OnCommand Core Package or Open Systems SnapVault, please contact IBM support.\n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-12-15T18:05:07", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect multiple N series products", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2021-12-15T18:05:07", "id": "0E96665079E56894EA39AFB24283955B35E3838213DCD87205604F5B1858EEA7", "href": "https://www.ibm.com/support/pages/node/696435", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-28T22:06:38", "description": "## Summary\n\nPowerKVM is affected by OpenSSL vulnerabilities (multiple CVEs).\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1788_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2015-1789_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1790_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1791_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791>)** \nDESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2015-1792_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2014-8176_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176>)** \nDESCRIPTION:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)\n\n## Affected Products and Versions\n\nPowerKVM 2.1\n\n## Remediation/Fixes\n\nFix is made available via Fix Central ([_https://ibm.biz/BdEnT8_](<https://ibm.biz/BdEnT8>)) in 2.1.1 build 57 and all later builds and fix packs. For systems currently running fix levels of PowerKVM prior to 2.1.1, please see <http://download4.boulder.ibm.com/sar/CMA/OSA/05e4c/0/README> for prerequisite fixes and instructions. Customers can also update from 2.1.1 (GA and later levels) by using \"yum update\".\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n1 July 2015 - Initial version\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSZJY4\",\"label\":\"PowerKVM\"},\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"2.1\",\"Edition\":\"KVM\",\"Line of Business\":{\"code\":\"LOB08\",\"label\":\"Cognitive Systems\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-18T01:28:42", "type": "ibm", "title": "Security Bulletin: PowerKVM is affected by OpenSSL vulnerabilities (multiple CVEs)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2018-06-18T01:28:42", "id": "A5EE6903D383C042ADBB5FEF76C2F60C5F1B6BFAAA0ABAB88DC4660244B7AED4", "href": "https://www.ibm.com/support/pages/node/681017", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:57:28", "description": "## Summary\n\nSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. IBM DataPower Gateways has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID****:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1792_](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\nNote that CVE-2015-1788 only affects IBM DataPower Gateways Crypto objects in version 7.2.0.0, and not earlier versions. Refer to the following bulletin for details of this advisory affecting IBM DataPower Gateways objects that use GSKit: <http://www-01.ibm.com/support/docview.wss?uid=swg21969271>.\n\n**Note that the following vulnerabilities disclosed on the same day do not impact DataPower appliances:**\n\n \nCVEID: CVE-2015-1791 \nCVEID: CVE-2014-8176 \n\n## Affected Products and Versions\n\nIBM DataPower Gateways appliances all versions through 6.0.0.15, 6.0.1.11, 7.0.0.8, 7.1.0.5, 7.2.0.0\n\n## Remediation/Fixes\n\nFix is available in versions 6.0.0.16, 6.0.1.12, 7.0.0.9, 7.1.0.6, 7.2.0.1. Refer to [APAR IT10104](<http://www-01.ibm.com/support/docview.wss?uid=swg1IT10104>) for URLs to download the fix. \n \nYou should verify applying this fix does not cause any compatibility issues. \n\n\n_For DataPower customers using versions 5.x and earlier versions, IBM recommends upgrading to a fixed, supported version/release/platform of the product. _\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-15T07:03:33", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in SSL affect IBM DataPower Gateways (CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2018-06-15T07:03:33", "id": "5E809025DAFEC4CB7FE0FA92E57B5B479AB4FCA9F07C50F0A73D0E25DCE67AF1", "href": "https://www.ibm.com/support/pages/node/536433", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:48:51", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by IBM\u00ae Rational Team Concert\u2122 Build Agent. IBM\u00ae Rational Team Concert\u2122 Build Agent has addressed the applicable CVEs. \n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>)** \nDESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2015-1792_](<https://vulners.com/cve/CVE-2015-1792>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2014-8176_](<https://vulners.com/cve/CVE-2014-8176>)** \nDESCRIPTION:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)\n\n## Affected Products and Versions\n\nOnly the Rational Team Concert Build Agent uses the OpenSSL component and is affected by these vulnerabilities. No other part of Rational Team Concert is impacted. \n \nRational Team Concert 3.0.x, 4.0.x, 5.0.x, and 6.0 are affected versions. \n \nThe following operating systems are not impacted in any RTC release: \n\\- IBM i \n\\- Linux on Power\n\n## Remediation/Fixes\n\nThe remediation for this security exposure is to update the Rational Build Agent that is included with the Rational Team Concert Build System Toolkit. Refer to the following list to determine the approach to take for the operating system that is being used for the Build System Toolkit. \n \nThis[ Build Forge agent interim fix](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FRational%2FRational+Build+Forge&fixids=bfagent-8.0.0.2-3-0013&source=SAR>) or later can be used to obtain the replacement agent for your operating systems. \n\n\n * For the following combinations :\n \n\\- Windows and RTC 3.0.1.x, 4.0.x, 5.0.x, or 6.0 \n\\- Linux x86 and RTC 3.0.1.x, 4.0.x, 5.0.x, or 6.0 \n\\- Linux on System z and RTC 3.0.1.x, 4.0.x, 5.0.x, or 6.0 \n\\- Solaris and RTC 3.0.1.x, 4.0.x, 5.0.x Obtain the updated agent install package from the Build Forge Agent interim fix and replace it in the installed build system toolkit. \n * * For AIX in RTC 3.0.1.x, 4.0.x, 5.0.x, and 6.0 : Obtain the updated agent install package and install it on an AIX machine. Extract the resulting bfagent executable and replace in the build system toolkit.\n\n## Workarounds and Mitigations\n\nThese vulnerabilities are only in the Build Agent, so not using the build agent component is a mitigation.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-17T05:07:14", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM\u00ae Rational Team Concert\u2122 Build Agent (CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2014-8176)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2018-06-17T05:07:14", "id": "201018C415242F0DA1C06575A912CA5C445B3279D15C72F87C78C22FECC5D78A", "href": "https://www.ibm.com/support/pages/node/268731", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:52:07", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM Flex Chassis Management Module (CMM). Flex Chassis Management Module has addressed the vulnerabilities.\n\n## Vulnerability Details\n\n## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM Flex Chassis Management Module (CMM). Flex Chassis Management Module has addressed the vulnerabilities.\n\n**Vulnerability Details**\n\n**CVE-ID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)\n\n**Description:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\".\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n**CVE-ID:** [CVE-2014-8176](<https://vulners.com/cve/CVE-2014-8176>)\n\n**Description:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpecand Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system.\n\nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103782> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)\n\n**CVE-ID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103779> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103780> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103781> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>)\n\n**Description:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103609> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVE-ID:** [CVE-2015-3216](<https://vulners.com/cve/CVE-2015-3216>)\n\n**Description:** OpenSSL shipped with Red Hat Enterprise Linux is vulnerable to a denial of service, caused by an out-of-bounds memory read error in ssleay_rand_bytes() function. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to crash.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103915> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103778> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected products and versions\n\nProduct | Affected Version \n---|--- \nIBM Flex System Chassis Management Module (CMM) | 2PET12U \u2014 2.53 \n \n## Remediation/Fixes\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\nYou should verify applying the fix does not cause any compatibility issues.\n\nProduct | Affected Version \n---|--- \nIBM Flex System Chassis Management Module (CMM) | 2PET12W \u2014 2.5.4 \n \nFor **CVE-2015-4000**: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nNone.\n\n## References\n\n * [Complete CVSS V2 Guide](<http://www.first.org/cvss/v2/guide>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n24 November 2015: Original Version Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-31T02:10:01", "type": "ibm", "title": "Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by multiple vulnerabilities in OpenSSL including Logjam", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216", "CVE-2015-4000"], "modified": "2019-01-31T02:10:01", "id": "2CBBD45F30EBDD9AF79E128709B5FA169B4D42EC7E63984FB628059AD9D57EEF", "href": "https://www.ibm.com/support/pages/node/868186", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-13T05:37:53", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed in June 2015 by the OpenSSL Project. OpenSSL is used by IBM SONAS. IBM SONAS has addressed the applicable CVEs.\n\n## Vulnerability Details\n\nOpenSSL is used in IBM SONAS for providing communication security by encrypting data being transmitted. \n** ** \n \n**CVEID:** [CVE-2014-8176](<https://vulners.com/cve/CVE-2014-8176>) \n \n**DESCRIPTION: **OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an error in handling internal data. An attacker could exploit this vulnerability to execute arbitrary code on the system. \n \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103782> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n \n \n**CVEID: **[CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by an error in one of its functions. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103779> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n \n**CVEID: **[CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>) \n \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by an error in its parsing code. An attacker could exploit this vulnerability using specially crafted content to trigger a NULL pointer dereference. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103780> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n \n**CVEID: **[CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by an error in one of its functions. By sending a specially crafted message, an attacker could produce a race condition. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103609> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n \n**CVEID: **[CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>) \n \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service. An attacker could exploit this vulnerability using specially crafted data to cause the application to enter into an infinite loop. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103781> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nIBM SONAS \nThe product is affected when running a code releases 1.5.0.0 to 1.5.2.1\n\n## Remediation/Fixes\n\nA fix for these issues is in version 1.5.2.2 of IBM SONAS. Customers running an affected version of SONAS should upgrade to 1.5.2.2 or a later version, so that the fix gets applied. \n \nPlease contact IBM support for assistance in upgrading your system.\n\n## Workarounds and Mitigations\n\nWorkaround(s): None \n \nMitigation(s): Ensure that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-18T00:09:53", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM SONAS (CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2018-06-18T00:09:53", "id": "807C4AB87E47CA332F6205CBA2C6C1C3C3158B123385BE5D10E64D27338C557A", "href": "https://www.ibm.com/support/pages/node/690571", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-13T05:37:51", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed in June 2015 by the OpenSSL Project. OpenSSL is used by by IBM Storwize V7000 Unified. IBM Storwize V7000 Unified has addressed the applicable CVEs.\n\n## Vulnerability Details\n\nOpenSSL is used in IBM Storwize V7000 Unified for providing communication security by encrypting data being transmitted. \n \n \n**CVEID:** [CVE-2014-8176](<https://vulners.com/cve/CVE-2014-8176>) \n \n**DESCRIPTION: **OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an error in handling internal data. An attacker could exploit this vulnerability to execute arbitrary code on the system. \n \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103782> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n \n \n**CVEID: **[CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by an error in one of its functions. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103779> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n \n**CVEID: **[CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>) \n \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by an error in its parsing code. An attacker could exploit this vulnerability using specially crafted content to trigger a NULL pointer dereference. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103780> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n \n**CVEID: **[CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by an error in one of its functions. By sending a specially crafted message, an attacker could produce a race condition. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103609> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n \n**CVEID: **[CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>) \n \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service. An attacker could exploit this vulnerability using specially crafted data to cause the application to enter into an infinite loop. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103781> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nIBM Storwize V7000 Unified \nThe product is affected when running code releases 1.5.0.0 to 1.5.2.1\n\n## Remediation/Fixes\n\nA fix for these issues is in version 1.5.2.2 of IBM Storwize V7000 Unified. Customers running an affected version of V7000 Unified should upgrade to 1.5.2.2 or a later version, so that the fix gets applied. \n \n[_Latest Storwize V7000 Unified Software_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1003918&myns=s028&mynp=OCST5Q4U&mync=E>)\n\n## Workarounds and Mitigations\n\nWorkaround(s): None \n \nMitigation(s): Ensure that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-18T00:09:53", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Storwize V7000 Unified (CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2018-06-18T00:09:53", "id": "0F8EC0887570E466DCF4213DD901C1A007B8EFDAA1B999193C4CC4FDB9F8F7E4", "href": "https://www.ibm.com/support/pages/node/690573", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:36:52", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on Jun 11, 2015 by the OpenSSL Project. OpenSSL is used by IBM InfoSphere Master Data Management and has addressed the applicable CVEs provided by OpenSSL\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2015-1792_](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nThese vulnerabilities are known to affect the following offerings: \n \nIBM Initiate Master Data Service versions 8.1, 9.0, 9.2, 9.5, 9.7, 10.0, 10.1 (impacts _Master Data Engine_ component, [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and _Enterprise Integrator Toolkit_ component) \n \nIBM Initiate Master Data Service Patient Hub versions 9.5, 9.7 (impacts _Master Data Engine_ component, [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and _Enterprise Integrator Toolkit_ component) \n \nIBM Initiate Master Data Service Provider Hub versions 9.5, 9.7 (impacts _Master Data Engine_ component, [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and _Enterprise Integrator Toolkit_ component) \n \nIBM InfoSphere Master Data Management Patient Hub version 10.0 (impacts _Master Data Engine_ component, [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and _Enterprise Integrator Toolkit_ component) \n \nIBM InfoSphere Master Data Management Provider Hub version 10.0 (impacts _Master Data Engine_ component, [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and _Enterprise Integrator Toolkit_ component) \n \nIBM InfoSphere Master Data Management Standard/Advanced Edition version 11.0 (impacts [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and [_Enterprise Integrator Toolkit_](<http://pic.dhe.ibm.com/infocenter/initiate/v9r5/topic/com.ibm.release_notes.doc/topics/r_release_notes_GAenterprise_integrator_toolkit.html>) component) \n \nIBM InfoSphere Master Data Management Standard/Advanced Edition version 11.3 (impacts [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component) \n \nIBM InfoSphere Master Data Management Standard/Advanced Edition version 11.4 (impacts [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component)\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the fix as soon as practical. Please see below for information on the fixes available. \n \n\n\n**_Product_**| **_VRMF_**| **_APAR_**| **_Remediation/First Fix_** \n---|---|---|--- \nIBM Initiate Master Data Service | \n\n8.1\n\n| None| [8.1.102815](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%2FInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=8.1.102815_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service | \n\n9.0\n\n| None| [9.0.102815](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=9.0.102815_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Patient Hub| \n\n9.0\n\n| None| [9.0.102815](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Patient&release=All&platform=All&function=fixId&fixids=9.0.102815_IM_Initiate_Patient_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Provider Hub| \n\n9.0\n\n| None| [9.0.102815](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Provider&release=All&platform=All&function=fixId&fixids=9.0.102815_IM_Initiate_Provider_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service | \n\n9.2\n\n| None| [9.2.102815](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=9.2.102815_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Patient Hub| \n\n9.2\n\n| None| [9.2.102815](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Patient&release=All&platform=All&function=fixId&fixids=9.2.102815_IM_Initiate_Patient_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Provider Hub| \n\n9.2\n\n| None| [9.2.102815](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Provider&release=All&platform=All&function=fixId&fixids=9.2.102815_IM_Initiate_Provider_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service | \n\n9.5\n\n| None| [9.5.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=9.5.071215_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Patient Hub| \n\n9.5\n\n| None| [9.5.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Patient&release=All&platform=All&function=fixId&fixids=9.5.071215_IM_Initiate_Patient_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Provider Hub| \n\n9.5\n\n| None| [9.5.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Provider&release=All&platform=All&function=fixId&fixids=9.5.071215_IM_Initiate_Provider_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service | \n\n9.7\n\n| None| [9.7.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=9.7.071215_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Patient Hub | \n\n9.7\n\n| None| [9.7.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Patient&release=All&platform=All&function=fixId&fixids=9.7.071215_IM_Initiate_Patient_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Provider Hub| \n\n9.7\n\n| None| [9.7.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Provider&release=All&platform=All&function=fixId&fixids=9.7.071215_IM_Initiate_Provider_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service| \n\n10.0\n\n| None| [10.0.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=10.0.071215_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM InfoSphere Master Data Management Patient Hub | \n\n10.0\n\n| None| [10.0.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Patient&release=All&platform=All&function=fixId&fixids=10.0.071215_IM_Initiate_Patient_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM InfoSphere Master Data Management Provider Hub| \n\n10.0\n\n| None| [10.0.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Provider&release=All&platform=All&function=fixId&fixids=10.0.071215_IM_Initiate_Provider_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service| \n\n10.1\n\n| None| [10.1.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=10.1.071215_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM InfoSphere Master Data Management Standard/Advanced Edition| \n\n11.0\n\n| None| [11.0-FP3-IF3](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/InfoSphere+Master+Data+Management&release=All&platform=All&function=fixId&fixids=11.0.0.3-MDM-SAE-FP03IF003&includeSupersedes=0&source=fc>) \nIBM InfoSphere Master Data Management Standard/Advanced Edition| \n\n11.3\n\n| None| [11.3-FP3-IF1](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/InfoSphere+Master+Data+Management&release=All&platform=All&function=fixId&fixids=11.3.0.3-MDM-SE-AE-FP03IF001&includeSupersedes=0&source=fc>) \nIBM InfoSphere Master Data Management Standard/Advanced Edition| \n\n11.4\n\n| None| [11.4-FP3-IF1](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/InfoSphere+Master+Data+Management&release=All&platform=All&function=fixId&fixids=11.4.0.3-MDM-SE-AE-FP03IF001&includeSupersedes=0&source=fc>) \n \n## Workarounds and Mitigations\n\nNone known.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-04-27T09:58:00", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM InfoSphere Master Data Management (CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2022-04-27T09:58:00", "id": "7D14B08C045BFDC910143AB7478EEF037B7EDE9D4C014BE6212BF743A8294BD7", "href": "https://www.ibm.com/support/pages/node/531779", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:39:17", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM BladeCenter Advanced Management Module (AMM). IBM BladeCenter Advanced Management Module (AMM) has addressed the vulnerabilities.\n\n## Vulnerability Details\n\n## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM BladeCenter Advanced Management Module (AMM). IBM BladeCenter Advanced Management Module (AMM) has addressed the vulnerabilities.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)\n\n**Description:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam.\"\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n**CVE-ID:** [CVE-2015-3216](<https://vulners.com/cve/CVE-2015-3216>)\n\n**Description:** OpenSSL shipped with Red Hat Enterprise Linux is vulnerable to a denial of service, caused by an out-of-bounds memory read error in ssleay_rand_bytes() function. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to crash.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103915> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2014-8176](<https://vulners.com/cve/CVE-2014-8176>)\n\n**Description:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpecand Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system.\n\nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103782> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)\n\n**CVE-ID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103779> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103780> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>)\n\n**Description:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103609> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVE-ID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103781> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nProduct | Affected Version \n---|--- \nIBM BladeCenter Advanced Management Module (AMM) | 1.00 - 3.66n \n \n## Remediation/Fixes:\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\nYou should verify applying the fix does not cause any compatibility issues.\n\nProduct | Fixed Version \n---|--- \nIBM BladeCenter Advanced Management Module (AMM) | BPET66P - 3.66p \n \nFor CVE-2015-4000: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations:\n\nNone.\n\n## References:\n\n * [Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide.html>)\n * [On-line Calculator v2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/PSIRT>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n20 November 2015: Original version published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-11-02T20:22:51", "type": "ibm", "title": "Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by multiple vulnerabilities in OpenSSL including Logjam (CVE-2015-4000, CVE-2015-3216, CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216", "CVE-2015-4000"], "modified": "2020-11-02T20:22:51", "id": "B26BA31F7C8E180B2476A6D17348E9C8899E4E6C0D69D13EE7B0DE3A1B8FD9D5", "href": "https://www.ibm.com/support/pages/node/868150", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:50:30", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by MegaRAID Storage Manager. MegaRAID Storage Manager has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by MegaRAID Storage Manager. MegaRAID Storage Manager has addressed the applicable CVEs.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)\n\n**Description:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam.\"\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n**CVE-ID:** [CVE-2014-8176](<https://vulners.com/cve/CVE-2014-8176>)\n\n**Description:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system.\n\nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [http://exchange.xforce.ibmcloud.com/vulnerabilities/103782](<http://exchange.xforce.ibmcloud.com/vulnerabilities/103782%20>) for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)\n\n**CVE-ID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See [http://exchange.xforce.ibmcloud.com/vulnerabilities/103778](<http://exchange.xforce.ibmcloud.com/vulnerabilities/103778%20>) for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See [http://exchange.xforce.ibmcloud.com/vulnerabilities/103779](<http://exchange.xforce.ibmcloud.com/vulnerabilities/103779%20>) for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See [http://exchange.xforce.ibmcloud.com/vulnerabilities/103780](<http://exchange.xforce.ibmcloud.com/vulnerabilities/103780%20>) for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>)\n\n**Description:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103609> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVE-ID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103781> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nProduct | Affected Version \n---|--- \nMegaRAID Storage Manager | 15.05.* \n \n## Remediation/Fixes:\n\nIt is recommended to update to the firmware level listed below, or later version. Firmware updates are available through IBM Fix Central: \n<http://www.ibm.com/support/fixcentral/>.\n\nProduct | Fixed Version \n---|--- \nMegaRAID Storage Manager \nibm_utl_msm_15.11.50.00_linux_32-64 \nibm_utl_msm_15.11.50.00_windows_32-64 | 15.11.50.00 \n \nYou should verify applying the fix does not cause any compatibility issues.\n\nFor CVE-2015-4000: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workaround(s) &amp; Mitigation(s):\n\nFor CVE-2015-4000: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## References:\n\n * [Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide.html>)\n * [On-line Calculator v2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nReported to IBM by The WeakDH team at <https://weakdh.org>\n\n**Change History** \n01 August 2016: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-31T02:25:02", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect MegaRAID Storage Manager", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2019-01-31T02:25:02", "id": "6680272534C119E2F4255DAC0A5F66CF25F5D99D47E9760C164E835E0C60EF0F", "href": "https://www.ibm.com/support/pages/node/868546", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:53:14", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed by the OpenSSL Project. This includes the alternate chains certificate forgery vulnerability (CVE-2015-1793). OpenSSL is used by the Progress Software DataDirect Connect ODBC drivers which are shipped as a component of IBM InfoSphere Information Server. The Progress Software DataDirect Connect ODBC drivers have addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1793_](<https://vulners.com/cve/CVE-2015-1793>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to bypass security restrictions, caused by an implementation error of the alternative certificate chain logic. An attacker could exploit this vulnerability to bypass the CA flag and other specific checks on untrusted certificates and issue an invalid certificate. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/104500_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/104500>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n**CVEID:** [CVE-2014-8176](<https://vulners.com/cve/CVE-2014-8176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n \n**CVEID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n**CVEID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n**CVEID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n \n**CVEID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nThe following product, running on all supported platforms, is affected: \nIBM InfoSphere Information Server: versions 8.5, 8.7, 9.1, 11.3 and 11.5\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nInfoSphere Information Server| 11.3 11.5| \nJR53677| \\--Upgrade to [_DataDirect ODBC drivers version 7.1.5_](<http://www.ibm.com/support/fixcentral/swg/quickorder?&product=ibm/Information+Management/IBM+InfoSphere+Information+Server&function=fixId&fixids=is_ddodbc_7.1.5_server*>) \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21965326>) to choose which OpenSSL version the drivers will use \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21679867>) to follow additional post installation configuration steps \nInfoSphere Information Server| 9.1| \nJR53677| \\--Upgrade to [_DataDirect ODBC drivers version 7.1.5_](<http://www.ibm.com/support/fixcentral/swg/quickorder?&product=ibm/Information+Management/IBM+InfoSphere+Information+Server&function=fixId&fixids=is_ddodbc_7.1.5_server*>) \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21965326>) to choose which OpenSSL version the drivers will use \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21679867>) to follow additional post installation configuration steps \nInfoSphere Information Server| 8.7| \nJR53677| \\--Apply IBM InfoSphere Information Server version [_8.7 Fix Pack 2_](<http://www-01.ibm.com/support/docview.wss?uid=swg24034359>) \n\\--Upgrade to [_DataDirect ODBC drivers version 7.1.5_](<http://www.ibm.com/support/fixcentral/swg/quickorder?&product=ibm/Information+Management/IBM+InfoSphere+Information+Server&function=fixId&fixids=is_ddodbc_7.1.5_server*>) \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21965326>) to choose which OpenSSL version the drivers will use \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21679867>) to follow additional post installation configuration steps \nInfoSphere Information Server| 8.5| \nJR53677| \\--Apply IBM InfoSphere Information Server version [_8.5 Fix Pack 3_](<http://www-01.ibm.com/support/docview.wss?uid=swg24033513>) \n\\--Upgrade to [_DataDirect ODBC drivers version 7.1.5_](<http://www.ibm.com/support/fixcentral/swg/quickorder?&product=ibm/Information+Management/IBM+InfoSphere+Information+Server&function=fixId&fixids=is_ddodbc_7.1.5_server*>) \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21965326>) to choose which OpenSSL version the drivers will use \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21679867>) to follow additional post installation configuration steps \n \n \nFor IBM InfoSphere Information Server version 8.1, IBM recommends upgrading to a fixed, supported version/release/platform of the product. \n\nNote: A fix for CVE-2014-8176 was provided in OpenSSL versions 0.9.8za, 1.0.0m, and 1.0.1h.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-16T14:07:52", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM InfoSphere Information Server", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-1793"], "modified": "2018-06-16T14:07:52", "id": "6771D22CBA4F411B776687E7E7DFC88A07A853D3773656BFD792DBCA38A8939C", "href": "https://www.ibm.com/support/pages/node/534009", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:41:11", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes the Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000) which affects IBM SDK for Node.js in IBM Bluemix. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n**CVEID:** [CVE-2014-8176](<https://vulners.com/cve/CVE-2014-8176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n\n**CVEID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n## Affected Products and Versions\n\nThis vulnerability affects all versions up to and including IBM SDK for Node.js v1.1.0.14 and v1.2.0.2. It also affects open-source version v0.10.38 and v0.12.4 of the Node.js runtime in IBM Bluemix. The issue has been resolved in IBM SDK for Node.js v1.1.0.15 and v1.2.0.3 with Node.js Buildpack Version: v2.2-20150630-1721. \n \nTo check which version of the Node.js runtime your Bluemix application is using, navigate to the \"Files and Logs\" for your application through the Bluemix UI. In the \"logs\" directory, check the \"staging_task.log\". You can also find this file through the command-line Cloud Foundry client by running \"cf files &lt;appname&gt; logs/staging_task.log\". \n \nLook for the following lines: \n \n\\-----&gt; IBM SDK for Node.js Buildpack _______ \n \nIf the open-source version is not v0.10.39 or v0.12.5, or the buildpack verison is v2.2-xxxxxxxx-xxxx, your application may be vulnerable.\n\n## Remediation/Fixes\n\n_To upgrade to the latest version of the Node.js runtime, please specify the latest Node.js runtime in your package.json file for your application:_ \n \n\"engines\": { \n\"node\": \"&gt;=0.10.39\" \n}, \nor \n\"engines\": { \n\"node\": \"&gt;=0.12.5\" \n}, \n \nYou will then need to restage (or re-push) your application.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-08-09T04:20:36", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM\u00ae SDK for Node.js\u2122 in IBM Bluemix", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2018-08-09T04:20:36", "id": "6808EC84BE4A9DD5A0B439C6FCE9D4EA1BDF91E3E0DEBF72E5BEFD925D973E99", "href": "https://www.ibm.com/support/pages/node/531301", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:38:26", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM SDK for Node.js for the Cordova tools in Rational Software Architect and Rational Software Architect for Websphere Software. RSA and RSA4WS have addressed the applicable CVEs \n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>) \n \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**CVEID:** [_CVE-2014-8176_](<https://vulners.com/cve/CVE-2014-8176>) \n[](<https://vulners.com/cve/CVE-2014-8176>) \n**DESCRIPTION:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system. \n \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n \n \n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>) \n \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n \n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>) \n \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n \n**CVEID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>) \n \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n \n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>) \n \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n \n \n**CVEID:** [_CVE-2015-1792_](<https://vulners.com/cve/CVE-2015-1792>) \n \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n\n## Affected Products and Versions\n\nIBM Rational Software Architect and IBM Rational Software Architect for Websphere Software 9.1, 9.1.1 and 9.1.2 \n\n## Remediation/Fixes\n\nUpdate the IBM SDK for Node.js using by the Cordova platform in the product to address this vulnerability: \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation/Download FixCentral Link** \n---|---|---|--- \nRational Software Architect \nRational Software Architect for Websphere Software| 9.1, 9.1.1 and 9.1.2| \n| \n\n * Apply [IBM SDK for Node.js 1.1.0.15](<https://www.ibm.com/developerworks/web/nodesdk/>) to the Cordova platform in the product. The IBM SDK for Node.js package can be downloaded from the [IBM SDK for Node.js developerWorks community page](<https://www.ibm.com/developerworks/web/nodesdk/>). \n \nAfter the executable package for your platform is downloaded then launch the installation wizard, specify &lt;installation folder&gt;/cordova_cli/ as the installation location, and follow the wizard to complete the installation. The value of &lt;installation folder&gt; is your Software Delivery Platform product installation folder. \n \n**For **[**CVE-2015-4000**](<https://vulners.com/cve/CVE-2015-4000>)**: **As the length of the server key size are increased, the amount of CPU required for full TLS/SSL handshake can significantly increase. Please carefully test and assess the impact to your CPU requirements to ensure sufficient CPU resources, otherwise the system availability may be impacted. \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-09-10T17:03:14", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect Rational Software Architect and Rational Software Architect for Websphere Software", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2020-09-10T17:03:14", "id": "2F044E6D3403CF1CE244F404A02D2A1E0F016AD4BEEC5C72C153F07E02439876", "href": "https://www.ibm.com/support/pages/node/531837", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:38:38", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by Sterling Connect:Express for UNIX. Sterling Connect:Express for UNIX has addressed the applicable CVEs. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>) \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n**CVEID:** [_CVE-2014-8176_](<https://vulners.com/cve/CVE-2014-8176>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n\n**CVEID:** [_CVE-2015-1788 \n_](<https://vulners.com/cve/CVE-2015-1788>)**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1789 \n_](<https://vulners.com/cve/CVE-2015-1789>)**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1791 \n_](<https://vulners.com/cve/CVE-2015-1791>)**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2015-1792_](<https://vulners.com/cve/CVE-2015-1792>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nIBM Sterling Connect:Express for UNIX 1.4.6 \n\\- All versions prior to 1.4.6.1 iFix 146-110 \n \nIBM Sterling Connect:Express for UNIX 1.5.0.12 \n\\- All versions prior to 1.5.0.12\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the fix as soon as practical. Please see below for information about the available fixes \n \n\n\nVRMF| Remediation \n---|--- \n1.4.6| Please contact your local [IBM Remote Technical Support Center ](<https://www-304.ibm.com/webapp/set2/sas/f/handbook/contacts.html>)to request Connect:Express 1.4.6.1 iFix 146-111 \n1.5.0.12| Apply 1.5.0.12 iFix 150-1201, available on [_Fix Central_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Sterling+Connect%3AExpress+for+UNIX&release=All&platform=All&function=all>) \n \nFor CVE-2015-4000: As the length of the server key size are increased, the amount of CPU required for full TLS/SSL handshake can significantly increase. Please carefully test and assess the impact to your CPU requirements to ensure sufficient CPU resources, otherwise the system availability may be impacted. \n \nFor CVE-2015-4000: In addition to the fix installation and in order to protect Connect:Express from the CVE-2015-4000 vulnerability, EDH ciphers must be disabled in all SSL server definitions. Refer to the Chapter 4 of [IBM Sterling Connect:Express for UNIX Option SSL](<ftp://public.dhe.ibm.com/software/commerce/doc/mft/cexpress/cxunix/15/CXUX15_SSL_fr.pdf>) documentation to learn how to specify a cipher list in a SSL server definition. In the cipher list, all EDH ciphers must be disabled. See [https://www.openssl.org/ ](<https://www.openssl.org/>)to learn how to use the OpenSSL cipher list tool. \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nNone, fix must be applied and EDH ciphers must be disabled in all SSL server definitions. \n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-24T22:49:37", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect Sterling Connect:Express for UNIX (CVE-2015-4000, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2020-07-24T22:49:37", "id": "09EFBF1EDC3D056A4C55B6D328B0019A52124F7A8C7DCA88E25031BCFD79F86E", "href": "https://www.ibm.com/support/pages/node/528605", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:54:31", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM Image Construction and Composition Tool. IBM Image Construction and Composition Tool has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n \n**CVEID:** [CVE-2014-8176](<https://vulners.com/cve/CVE-2014-8176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n\n**CVEID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nIBM Image Construction and Composition Tool v2.3.2.0 \nIBM Image Construction and Composition Tool v2.3.1.0 \nIBM Image Construction and Composition Tool v2.2.1.3 \n\n## Remediation/Fixes\n\nThe solution is to apply the following IBM Image Construction and Composition Tool version fixes. \n \nUpgrade the IBM Image Construction and Composition Tool to the following fix levels or higher: \n \n\u00b7 For IBM Image Construction and Composition Tool v2.3.2.0 \nIBM Image Construction and Composition Tool v2.3.2.0 Build 21 \n \n[\u00b7 __http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&amp;product=ibm/WebSphere/PureApplication+System&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=ICCT_IM_Repository_2.3.2.0-21&amp;includeRequisites=1&amp;includeSupersedes=0__](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_IM_Repository_2.3.2.0-21&includeRequisites=1&includeSupersedes=0>) \n \n[\u00b7 __http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&amp;product=ibm/WebSphere/PureApplication+System&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=ICCT_efix_Repository_2.3.2.0-21&amp;includeRequisites=1&amp;includeSupersedes=0__](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.2.0-21&includeRequisites=1&includeSupersedes=0>) \n \n\u00b7 For IBM Image Construction and Composition Tool v2.3.1.0 \nIBM Image Construction and Composition Tool v2.3.1.0 Build 44 \n \n[\u00b7 __http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&amp;product=ibm/WebSphere/PureApplication+System&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=ICCT_IM_Repository_2.3.1.0-44&amp;includeRequisites=1&amp;includeSupersedes=0__](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_IM_Repository_2.3.1.0-44&includeRequisites=1&includeSupersedes=0>)_ _ \n_ _ \n[\u00b7 __http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&amp;product=ibm/WebSphere/PureApplication+System&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=ICCT_efix_Repository_2.3.1.0-44&amp;includeRequisites=1&amp;includeSupersedes=0__](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.1.0-44&includeRequisites=1&includeSupersedes=0>) \n \n \n\u00b7 For IBM Image Construction and Composition Tool v2.2.1.3 \nContact IBM support for upgrade options.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-15T07:04:19", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM Image Construction and Composition Tool. (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, and CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2018-06-15T07:04:19", "id": "573D5194C5FA6D57BF7D7107395D0823BF59A24F4A6BFB8961AB7839F18340F7", "href": "https://www.ibm.com/support/pages/node/273157", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:54:42", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM PureApplication System. IBM PureApplication System has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n**CVEID:** [CVE-2014-8176](<https://vulners.com/cve/CVE-2014-8176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n \n**CVEID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nIBM PureApplication System V2.1 \nIBM PureApplication System V2.0 \n\n## Remediation/Fixes\n\nIBM PureApplication System V2.1 \nThe solution is to update to IBM PureApplication System V2.1.0.2 or IBM PureApplication System V2.1.1 \n \nIBM PureApplication System V2.0 \nThe solution is to upgrade to IBM PureApplication System V2.0.0.1 Interim Fix 5 \n \n \nFor CVE-2015-4000: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-15T07:03:47", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM PureApplication System. (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, and CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2018-06-15T07:03:47", "id": "D798A2662F653C58B07EF7AB7952BA9F9D262CA55D27B779D34C5A7F3DECACDF", "href": "https://www.ibm.com/support/pages/node/269989", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:54:49", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM Workload Deployer. IBM Workload Deployer has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n \n**CVEID:** [CVE-2014-8176](<https://vulners.com/cve/CVE-2014-8176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n\n**CVEID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nIBM Workload Deployer version 3.1 and later\n\n## Remediation/Fixes\n\nThe solution is to apply the following IBM Workload Deployer fix: \n \nUpgrade the IBM Workload Deployer to the following fix level: \n \n\n\n_Product_\n\n| \n\n_VRMF_\n\n| \n\n_Remediation/First Fix_ \n \n---|---|--- \nIBM Workload Deployer System| Release V3.1.0.7| V3.1.0.7 Interim fix9, \n \n[_http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Workload+Deployer&amp;release=3.1.0.7&amp;platform=All&amp;function=fixId&amp;fixids=3.1.0.7-ifix9-IBM_Workload_Deployer&amp;includeSupersedes=0_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Workload+Deployer&release=3.1.0.7&platform=All&function=fixId&fixids=3.1.0.7-ifix9-IBM_Workload_Deployer&includeSupersedes=0>) \n \n \nFor CVE-2015-4000: As the length of the server key size are increased, the amount of CPU required for full TLS/SSL handshake can significantly increase. Please carefully test and assess the impact to your CPU requirements to ensure sufficient CPU resources, otherwise the system availability may be impacted. \n \n \nFor CVE-2015-4000: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-15T07:03:36", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSLincluding Logjam affect IBM Workload Deployer. (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, and CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2018-06-15T07:03:36", "id": "AFB18C01001C1ED3C57D258D7EAEF5E63B8016D0093506248A32EF21FB399220", "href": "https://www.ibm.com/support/pages/node/265651", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:39:36", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM SDK for Node.js for the Cordova tools in Rational Application Developer for WebSphere Software. Rational Application Developer for WebSphere Software has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>) \n \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>) \n \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n \n \n**CVEID:** [_CVE-2015-1792_](<https://vulners.com/cve/CVE-2015-1792>) \n \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n \n**CVEID:** [_CVE-2014-8176_](<https://vulners.com/cve/CVE-2014-8176>) \n[](<https://vulners.com/cve/CVE-2014-8176>) \n**DESCRIPTION:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system. \n \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n \n \n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>) \n \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n \n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>) \n \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n \n**CVEID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>) \n \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nIBM Rational Application Developer for WebSphere Software 9.1, 9.1.0.1, and 9.1.1\n\n## Remediation/Fixes\n\nUpdate the IBM SDK for Node.js using by the Cordova platform in the product to address this vulnerability: \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation/First Fix** \n---|---|---|--- \nRational Application Developer| 9.1, 9.1.0.1, and 9.1.1| \n| \n\n * Apply [IBM SDK for Node.js 1.1.0.15](<https://www.ibm.com/developerworks/web/nodesdk/>) to the Cordova platform in the product. \n \nInstallation instructions for applying the update to the Cordova platform in the product can be found here: \n \n[Upgrading the IBM SDK for Node.js used by Cordova](<http://www.ibm.com/support/docview.wss?uid=swg21684946>) \n \nFor CVE-2015-4000: As the length of the server key size are increased, the amount of CPU required for full TLS/SSL handshake can significantly increase. Please carefully test and assess the impact to your CPU requirements to ensure sufficient CPU resources, otherwise the system availability may be impacted. \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-05T00:09:48", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect Rational Application Developer for WebSphere Software (CVE-2015-1791, CVE-2015-1792, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2020-02-05T00:09:48", "id": "7D8FF151823F9B967307D922CFD4A9025D96759EDDCD392AB7E59A523521BE8F", "href": "https://www.ibm.com/support/pages/node/531471", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:41:09", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes the Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM SDK for Node.js. IBM SDK for Node.js has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n**CVEID:** [CVE-2014-8176](<https://vulners.com/cve/CVE-2014-8176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)\n\n**CVEID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nThese vulnerabilities affect IBM SDK for Node.js v1.1.0.14** **and previous releases. \nThese vulnerabilities affect IBM SDK for Node.js v1.2.0.2** **and previous releases.\n\n## Remediation/Fixes\n\nThe fixes for these vulnerabilities are included in IBM SDK for Node.js v1.1.0.15** **and subsequent releases. \nThe fixes for these vulnerabilities are included in IBM SDK for Node.js v1.2.0.3** **and subsequent releases. \n \nFor CVE-2015-4000: Further information on the changes associated with this vulnerability can be found [here](<https://developer.ibm.com/node/sdk/>). \n \nIBM SDK for Node.js can be downloaded, subject to the terms of the developerWorks license, from [here](<https://developer.ibm.com/node/sdk/>). \n \nIBM customers requiring an update for an SDK shipped with an IBM product should contact [_IBM support_](<http://www.ibm.com/support/>), and/or refer to the appropriate product security bulletin.\n\n## Workarounds and Mitigations\n\nFor CVE-2015-4000 on v1.2.0.6 or earlier, documentation for ensuring that secure key sizes are deployed on the server side can be found [here](<https://developer.ibm.com/node/sdk/>). For v1.2.0.7 and later, the IBM SDK for Node.js enforces a lower limit of 768-bits for DHE keys for server applications. \n \nAs the length of the server key size are increased, the amount of CPU required for full TLS/SSL handshake can significantly increase. Please carefully test and assess the impact to your CPU requirements to ensure sufficient CPU resources, otherwise the system availability may be impacted. You should verify applying this configuration change does not cause any compatibility issues. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-08-09T04:20:36", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM\u00ae SDK for Node.js\u2122", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2018-08-09T04:20:36", "id": "3F49FAB071AC220CFD95C66066F1E79691E4808BDCDA190649941EBBCE120D6E", "href": "https://www.ibm.com/support/pages/node/528869", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:41:00", "description": "## Summary\n\nPortions of IBM Rational Application Developer for WebSphere Software are shipped as a component of Rational Developer for i (RPG and COBOL + Modernization Tools, Java and EGL editions), and Rational Developer for AIX and Linux. \nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM SDK for Node.js for the Cordova tools in Rational Application Developer for WebSphere Software. Rational Application Developer for WebSphere Software has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>) \n \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**CVEID:** [_CVE-2014-8176_](<https://vulners.com/cve/CVE-2014-8176>) \n[](<https://vulners.com/cve/CVE-2014-8176>) \n**DESCRIPTION:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system. \n \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n \n \n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>) \n \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n \n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>) \n \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n \n**CVEID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>) \n \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n \n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>) \n \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n \n \n**CVEID:** [_CVE-2015-1792_](<https://vulners.com/cve/CVE-2015-1792>) \n \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\n**Affected Product and Version(s)**\n\n| **Product and Version shipped as a component** \n---|--- \nIBM Rational Developer for i v9.1, v9.1.1 and v9.1.1.1 RPG and COBOL + Modernization Tools, Java Edition| Rational Application Developer 9.1, 9.1.1 \nIBM Rational Developer for i v9.1, v9.1.1 and v9.1.1.1, RPG and COBOL + Modernization Tools, EGL Edition| Rational Application Developer 9.1, 9.1.1 \nIBM Rational Developer for AIX and Linux v9.1 and v9.1.1, AIX COBOL Edition| Rational Application Developer 9.1, 9.1.1 \nIBM Rational Developer for AIX and Linux v9.1 and v9.1.1, C/C++ Edition| Rational Application Developer 9.1, 9.1.1 \n \n## Remediation/Fixes\n\nReview the Remediation/Fixes section of [Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect Rational Application Developer for WebSphere Software (CVE-2015-1791, CVE-2015-1792, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790)](<http://www.ibm.com/support/docview.wss?uid=swg21961569>) for instructions on obtaining the fix for this issue.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-08-03T04:23:43", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect the Cordova platform packaged with Rational Application Developer affecting Rational Developer for i and Rational Developer for AIX and Linux", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2018-08-03T04:23:43", "id": "DD1039AD603CD497738F840D32655E5B15E168D7E31F54FA722E4A3C3742244E", "href": "https://www.ibm.com/support/pages/node/266311", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:51:50", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by IBM System x, BladeCenter and Flex Systems Unified Extensible Firmware Interface. IBM System x, BladeCenter and Flex Systems Unified Extensible Firmware Interface (UEFI) have addressed the applicable CVEs.\n\n## Vulnerability Details\n\n## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by IBM System x, BladeCenter and Flex Systems Unified Extensible Firmware Interface. IBM System x, BladeCenter and Flex Systems Unified Extensible Firmware Interface (UEFI) have addressed the applicable CVEs.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103779> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103780> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103781> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nSystem | Affected Version \n---|--- \nBladeCenter HS23 7875/1929 | tke148b-1.80 \nBladeCenter HS23E 8038/8039 | ahe148a-2.20 \nFlex System x220 7906/2585 | kse146a-1.70 \nFlex x222 7916 | cce1146d-1.30 \nFlex System x240 8737/8738/7863/8956 | b2e150e-1.70 \nFlex System x440 7917 | cne148b-1.60 \nNeXtScale nx360 M4 5455 | fhe112a-1.50 \nSystem x280, x480, x880 X6 7903 | n2e114c-1.10 \nSystem x3100 M5 5457 | j9e120e-1.20 \nSystem x3250 M5 5458 | jue120e-1.20 \nSystem x3300 M4 7382 | yae144a-1.50 \nSystem x3500 M4 7383 | y5e144c-1.92 \nSystem x3550 M4 7914 | d7e148b-1.91 \nSystem x3630 M4 7158/7160 | bee148b-2.21 \nSystem x3650 M4 BD 5466 | yoe108c-1.30 \nSystem x3650 M4 7915 | vve146a-2.00 \nSystem x3750 M4 8722/8752/8733/8718 | koe148c-1.70 \nSystem x3850 X6 (4S) 3837/3839, \nSystem x3950 X6 (8S) 3839 | a8e116c-1.10 \nSystem x iDataPlex dx360 M4 7912 | tde146a-1.70 \n \n## Remediation/Fixes:\n\nIt is recommended to update to the firmware level listed below, or later version. Firmware updates are available through IBM Fix Central: <http://www.ibm.com/support/fixcentral/>.\n\nYou should verify applying this fix does not cause any compatibility issues.\n\nTIP: To locate UEFI fix versions on Fix Central search on the version prefix, such as \"b2e1,\" \"fhe1,\" or \"koe1.\"\n\nSystem | Fixed Version \n---|--- \nBladeCenter HS23 7875/1929 | tke150b-1.90 \nBladeCenter HS23E 8038/8039 | ahe150b-2.31 \nFlex System x220 7906/2585 | kse148b-1.81 \nFlex x222 7916 | cce150b-1.50 \nFlex System x240 8737/8738/7863/8956 | b2e152c-1.80 \nFlex System x440 7917 | cne150b-1.70 \nNeXtScale nx360 M4 5455 | fhe114c01.60 \nSystem x280, x480, x880 X6 7903 | n2e116c-1.20 \nSystem x3100 M5 5457 | j9e122d-1.30 \nSystem x3250 M5 5458 | jue122d-1.30 \nSystem x3300 M4 7382 | yae146b-1.60 \nSystem x3500 M4 7383 | y5e146b-2.01 \nSystem x3550 M4 7914 | d7e150c-2.02 \nSystem x3630 M4 7158/7160 | bee150b-2.31 \nSystem x3650 M4 BD 5466 | yoe110b-1.40 \nSystem x3650 M4 7915 | vve148b-2.11 \nSystem x3750 M4 8722/8752/8733/8718 | koe150b-1.80 \nSystem x3850 X6 (4S) 3837/3839, \nSystem x3950 X6 (8S) 3839 | a8e118d-1.21 \nSystem x iDataPlex dx360 M4 7912 | tde148b-1.81 \n| \n \nNote: A fix for CVE-2014-8176 was provided in OpenSSL versions 0.9.8za, 1.0.0m, and 1.0.1h.\n\n## Workarounds and Mitigations:\n\nNone.\n\n## References:\n\n * [Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide.html>)\n * [On-line Calculator v2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n11 April 2016: Original version published \n\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-31T02:25:02", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM System x, BladeCenter and Flex Systems Unified Extensible Firmware Interface (UEFI) (CVE-2015-1789 CVE-2015-1790 CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1792"], "modified": "2019-01-31T02:25:02", "id": "77344783FD73BE0D0C50AD925B8C713FFC1AE91A30818A2E3D45D382E0AE643C", "href": "https://www.ibm.com/support/pages/node/868458", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-13T05:37:49", "description": "## Summary\n\nThere are vulnerabilities in the Open Source OpenSSL version that is used by the IBM\u00ae FlashSystem\u2122 V9000. An exploit of these vulnerabilities could result in a denial of service. One vulnerability can result in a race condition, the result of which is of unknown impact.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2015-3216_](<https://vulners.com/cve/CVE-2015-3216>) \n**DESCRIPTION:** OpenSSL shipped with Red Hat Enterprise Linux is vulnerable to a denial of service, caused by an out-of-bounds memory read error in ssleay_rand_bytes() function. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103915_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103915>) \nfor the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\n_FlashSystem V9000 including machine type and models (MTMs) for all available code levels._ MTMs affected include 9846-AC2 and 9848-AC2. \n\n## Remediation/Fixes\n\nYou should verify that applying this fix does not cause any compatibility issues.\n\n_Product_| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n**V9000 MTMs:** \n9846-AE2, \n9848-AE2, \n9846-AC2, \n9848-AC2| _A code fix is now available, the VRMF of this code level is 7.5.1.0 (or later) for both the storage enclosure nodes (-AEx) and the control nodes (-ACx)_| _ __N/A_| _No workarounds or mitigations, other than applying this code fix, are known for this vulnerability_ \n \n \n**7.5.1.0** is available @ IBM\u2019s Fix Central**: **[**_V9000 fixes, download 7.5.1.0 or later_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash%2Bhigh%2Bavailability%2Bsystems&product=ibm/StorageSoftware/IBM+FlashSystem+V9000&release=All&platform=All&function=all>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-18T00:09:58", "type": "ibm", "title": "Security Bulletin:Vulnerabilities in Open Source OpenSSL affects the IBM FlashSystem V9000 (CVE-2015-1788, CVE-2015-1789, CVE-2015-1791, and CVE-2015-3216)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1791", "CVE-2015-3216"], "modified": "2018-06-18T00:09:58", "id": "C98742B877B2C201166B837BC2C23F231BE604BF071711015BA45A10D5709CDE", "href": "https://www.ibm.com/support/pages/node/690661", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T05:32:41", "description": "## Summary\n\nThere are vulnerabilities in the Open Source OpenSSL version that is used by the IBM\u00ae FlashSystem\u2122 840 and IBM FlashSystem 900. An exploit of these vulnerabilities could result in a denial of service. One vulnerability can result in a race condition, the result of which is of unknown impact.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2015-3216_](<https://vulners.com/cve/CVE-2015-3216>) \n**DESCRIPTION:** OpenSSL shipped with Red Hat Enterprise Linux is vulnerable to a denial of service, caused by an out-of-bounds memory read error in ssleay_rand_bytes() function. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103915_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103915>) \nfor the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P) \n \n--- \n \n## Affected Products and Versions\n\n_FlashSystem 840 including machine type and models (MTMs) for all available code levels._ MTMs affected include 9840-AE1 and 9843-AE1. \n \n_FlashSystem 900 including machine type and models (MTMs) for all available code levels._ MTMs affected include 9840-AE2 and 9843-AE2.\n\n## Remediation/Fixes\n\n_FS840 &amp; FS900 MTMs_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n**FlashSystem ****840 MTM: ** \n9840-AE1 9843-AE1 \n \n**FlashSystem 900 MTMs:** \n9840-AE2 &amp; \n9843-AE2| _A code fix is now available, the VRMF of this code level is 1.3.0.2 (or later)_| _ __N/A_| _No workarounds or mitigations, other than applying this code fix, are known for this vulnerability_ \n \n \n1.3.0.2 is available @ IBM\u2019s Fix Central **: **[**_840 fixes, download 1.3.0.2 or later_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash%2Bhigh%2Bavailability%2Bsystems&product=ibm/StorageSoftware/IBM+FlashSystem+840&release=All&platform=All&function=all>) \n1.3.0.2 is available @ IBM\u2019s Fix Central **: **[**_900 fixes, download 1.3.0.2 or later_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash%2Bhigh%2Bavailability%2Bsystems&product=ibm/StorageSoftware/IBM+FlashSystem+900&release=All&platform=All&function=all>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-02-18T01:45:50", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Open Source OpenSSL affects the IBM FlashSystem models 840 and 900 (CVE-2015-1788, CVE-2015-1789, CVE-2015-1791, and CVE-2015-3216)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1791", "CVE-2015-3216"], "modified": "2023-02-18T01:45:50", "id": "0B963717F89450DA332A8F619DDD9CE7A603E588666B7A5DE7227A89ADD7D81D", "href": "https://www.ibm.com/support/pages/node/690651", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-13T05:37:46", "description": "## Summary\n\nThere are vulnerabilities in the Open Source OpenSSL version that is used by the IBM\u00ae FlashSystem\u2122 V840. An exploit of these vulnerabilities could result in a denial of service. One vulnerability can result in a race condition, the result of which is of unknown impact.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2015-3216_](<https://vulners.com/cve/CVE-2015-3216>) \n**DESCRIPTION:** OpenSSL shipped with Red Hat Enterprise Linux is vulnerable to a denial of service, caused by an out-of-bounds memory read error in ssleay_rand_bytes() function. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103915_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103915>) \nfor the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\n_FlashSystem V840 including machine type and models (MTMs) for all available code levels._ MTMs affected include 9846-AE1, 9848-AE1, 9846-AC0, 9848-AC0, 9846-AC1, and 9848-AC1. \n\n\n## Remediation/Fixes\n\n_V840 MTMs_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n**Storage nodes:** \n9846-AE1 &amp; \n9848-AE1 \n \n**Control nodes:** 9846-AC0, \n9846-AC1, \n9848-AC0, \n9848-AC1| _A code fix is now available, the VRMF of this code level is 1.3.0.2 (or later) for the storage enclosure nodes and 7.5.0.3 for the control nodes._| _ __N/A_| _No workarounds or mitigations, other than applying this code fix, are known for this vulnerability_ \n \n \n1.3.0.2 is available @ IBM\u2019s Fix Central **: **[**_V840 fixes, download 1.3.0.2 or later_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash+high+availability+systems&product=ibm/StorageSoftware/IBM+FlashSystem+V840&release=All&platform=All&function=all>) \n7.5.0.3 is available @ IBM\u2019s Fix Central**: **[**_V840 fixes, download 7.5.0.3 or later_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash+high+availability+systems&product=ibm/StorageSoftware/IBM+FlashSystem+V840&release=All&platform=All&function=all>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-18T00:09:57", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Open Source OpenSSL affects the IBM FlashSystem V840 (CVE-2015-1788, CVE-2015-1789, CVE-2015-1791, and CVE-2015-3216)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1791", "CVE-2015-3216"], "modified": "2018-06-18T00:09:57", "id": "86A0EA0159959C48BE8EE2EC91274A454DF3095B67D0C80CF9DB99E4B05F7F88", "href": "https://www.ibm.com/support/pages/node/690655", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:52:07", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM InfoSphere Guardium. IBM InfoSphere Guardium has addressed the applicable CVEs\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n \n**CVEID:** [CVE-2014-8176](<https://vulners.com/cve/CVE-2014-8176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n\n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\n8.2, 9x\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nIBM InfoSphere Guardium _ _| _8.2 _| _PSIRT 57680_| [http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/InfoSphere+Guardium&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=SqlGuard_8.2p6014_SecurityUpdate&amp;includeSupersedes=0&amp;source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_8.2p6014_SecurityUpdate&includeSupersedes=0&source=fc>) \nIBM InfoSphere Guardium| _9.x_| _PSIRT 57680_| [http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/InfoSphere+Guardium&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=SqlGuard_9.0p6014_SecurityUpdate&amp;includeSupersedes=0&amp;source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_9.0p6014_SecurityUpdate&includeSupersedes=0&source=fc>) \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-16T21:26:56", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM InfoSphere Guardium", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2018-06-16T21:26:56", "id": "ADF65B4A474E1421F71559C3F519C310FC36B59F7BDDCDE5839099E428CDBDB6", "href": "https://www.ibm.com/support/pages/node/533669", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:46:09", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by IBM MessageSight. IBM MessageSight has addressed the applicable CVEs. \n\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \n\nCVSS Base Score: 5\n\n \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>)\n\n \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \n\nCVSS Base Score: 5\n\n \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>)\n\n \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \n\nCVSS Base Score: 5\n\n \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n\n**CVEID:** [_CVE-2015-1792_](<https://vulners.com/cve/CVE-2015-1792>)\n\n \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \n\nCVSS Base Score: 5\n\n \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n## Affected Products and Versions\n\nIBM MessageSight 1.2.0.1 and earlier\n\n## Remediation/Fixes\n\n_Product_\n\n| \n_VRMF_| \n_APAR_| \n_Remediation/First Fix_ \n---|---|---|--- \n \n_IBM MessageSight_| \n_1.2_| \n_IT09765_| [_1.2.0.1-IBM-IMA-Physical-IFIT09765_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EOther%2Bsoftware&product=ibm/Other+software/MessageSight&release=All&platform=All&function=fixId&fixids=1.2.0.1-IBM-IMA-Physical-IFIT09765&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=fc>) \n[_1.2.0.1-IBM-IMA-VirtualEdition-IFIT09765_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EOther%2Bsoftware&product=ibm/Other+software/MessageSight&release=All&platform=All&function=fixId&fixids=1.2.0.1-IBM-IMA-VirtualEdition-IFIT09765&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=fc>) \n[_1.2.0.1-IBM-IMA-SoftLayerVirtual-IFIT09765_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EOther%2Bsoftware&product=ibm/Other+software/MessageSight&release=All&platform=All&function=fixId&fixids=1.2.0.1-IBM-IMA-SoftLayerVirtual-IT09765&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=fc>) \n[_1.2.0.1-IBM-IMA-BareMetal-IFIT09765_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EOther%2Bsoftware&product=ibm/Other+software/MessageSight&release=All&platform=All&function=fixId&fixids=1.2.0.1-IBM-IMA-BareMetal-IFIT09765&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=fc>) \n \n_IBM MessageSight_| \n_1.1_| \n_IT09765_| [_1.1.0.1-IBM-IMA-IFIT09765_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EOther%2Bsoftware&product=ibm/Other+software/MessageSight&release=All&platform=All&function=fixId&fixids=1.1.0.1-IBM-IMA-IFIT09765&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-17T15:12:15", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM MessageSight (CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2018-06-17T15:12:15", "id": "C87EDBA378406E58F4E29296C3C83DCAC416951C78E0B1CE14417659E78B8A76", "href": "https://www.ibm.com/support/pages/node/531561", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:52:54", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by IBM Tealeaf Customer Experience. IBM Tealeaf Customer Experience has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>)** \nDESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nIBM Tealeaf Customer Experience: v8.0-v9.0.2\n\n## Remediation/Fixes\n\nProduct \n\n| \n\nVRMF \n\n| \n\nRemediation/First Fix \n \n---|---|--- \n \nIBM Tealeaf Customer Experience\n\n| \n\n9.0.2A \n\n| `PCA: `[`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.2A_IBMTealeaf_PCA-3732-4_SecurityRollup_FixPack`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.2A_IBMTealeaf_PCA-3732-4_SecurityRollup_FixPack>) \n`Tealeaf CX: `[`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.2.5168_9.0.2A_IBMTealeaf_CXUpgrade_FixPack2`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.2.5168_9.0.2A_IBMTealeaf_CXUpgrade_FixPack2>) \n \nIBM Tealeaf Customer Experience \n\n| \n\n9.0.2 \n\n| `PCA: `[`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.2_IBMTealeaf_PCA-3682-4_SecurityRollup_FixPack`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.2_IBMTealeaf_PCA-3682-4_SecurityRollup_FixPack>) \n`Tealeaf CX: `[`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.2.1118_IBMTealeaf_CXUpgrade_FixPack2`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.2.1118_IBMTealeaf_CXUpgrade_FixPack2>) \n \nIBM Tealeaf Customer Experience\n\n| \n\n9.0.1A \n\n| PCA: [`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1A_IBMTealeaf_PCA-3724-4_SecurityRollup_FixPack`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1A_IBMTealeaf_PCA-3724-4_SecurityRollup_FixPack>) \nTealeaf CX: [`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1.5091_9.0.1A_IBMTealeaf_CXUpgrade_FixPack4`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1.5091_9.0.1A_IBMTealeaf_CXUpgrade_FixPack4>) \n \nIBM Tealeaf Customer Experience \n\n| \n\n9.0.1\n\n| `PCA: `[`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1_IBMTealeaf_PCA-3673-4_SecurityRollup_FixPack`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1_IBMTealeaf_PCA-3673-4_SecurityRollup_FixPack>) \nTealeaf CX: [`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1.1097_IBMTealeaf_CXUpgrade_FixPack4`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1.1097_IBMTealeaf_CXUpgrade_FixPack4>) \n \nIBM Tealeaf Customer Experience \n\n| \n\n9.0.0, 9.0.0A \n\n| You can contact the [_Technical Support_](<http://www.ibm.com/software/marketing-solutions/tealeaf/support>) team for guidance. \n \nIBM Tealeaf Customer Experience \n\n| \n\n8.8 \n\n| `PCA: `[`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.8_IBMTealeaf_PCA-3625-4_SecurityRollup_FixPack`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.8_IBMTealeaf_PCA-3625-4_SecurityRollup_FixPack>) \nTealeaf CX: [`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.8.0.9034_IBMTealeaf_CXUpgrade_FixPack8`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.8.0.9034_IBMTealeaf_CXUpgrade_FixPack8>) \n \nIBM Tealeaf Customer Experience \n\n| \n\n8.7 \n\n| `PCA: `[`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.7_IBMTealeaf_PCA-3615-4_SecurityRollup_FixPack`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.7_IBMTealeaf_PCA-3615-4_SecurityRollup_FixPack>) \nTealeaf CX: [`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.7.1.8830_IBMTealeaf_CXUpgrade_FixPack9`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.7.1.8830_IBMTealeaf_CXUpgrade_FixPack9>) \n \nIBM Tealeaf Customer Experience \n\n| \n\n8.6 and earlier \n\n| You can contact the [_Technical Support_](<http://www.ibm.com/software/marketing-solutions/tealeaf/support>) team for guidance. \nFor v9.0.0, 9.0.0A, and versions before v8.7, IBM recommends upgrading to a later supported version of the product. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-16T19:45:48", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Tealeaf Customer Experience", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2018-06-16T19:45:48", "id": "82C91EE8B7C5AB72849CBFAA179C46D63EF5F9AAAEDD96E3D54F211CADA74041", "href": "https://www.ibm.com/support/pages/node/530433", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:42:55", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM i and IBM i has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n \n**CVEID:** [_CVE-2014-8176_](<https://vulners.com/cve/CVE-2014-8176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n\n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2015-1792_](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1793_](<https://vulners.com/cve/CVE-2015-1793>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to bypass security restrictions, caused by an implementation error of the alternative certificate chain logic. An attacker could exploit this vulnerability to bypass the CA flag and other specific checks on untrusted certificates and issue an invalid certificate. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/104500_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/104500>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nReleases V5R3, V5R4, 6.1, 7.1 and 7.2 of IBM i are affected. \n\n## Remediation/Fixes\n\nThe issue can be fixed by applying a PTF to the IBM i Operating System. \n \nReleases 6.1, 7.1 and 7.2 of IBM i are supported and will be fixed. Releases V5R3 and V5R4 are unsupported and will not be fixed. \n \nThe IBM i PTF numbers are: \n \n**Release 6.1 \u2013 SI57527** \n**Release 7.1 \u2013 SI57473** \n**Release 7.2 \u2013 SI57468** \n \nFor CVE-2015-4000: As the length of the server key size are increased, the amount of CPU required for full TLS/SSL handshake can significantly increase. Please carefully test and assess the impact to your CPU requirements to ensure sufficient CPU resources, otherwise the system availability may be impacted. \n \nFor CVE-2015-4000: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n \n**_Important note: _**_IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products._\n\n## Workarounds and Mitigations\n\nNone known\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-18T14:26:38", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM i", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-1793", "CVE-2015-4000"], "modified": "2019-12-18T14:26:38", "id": "7560A74E2926246941C9FBAEBB3EC98EF899CD0E877EBB53F3C2438F3C7CB29A", "href": "https://www.ibm.com/support/pages/node/666355", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:39:04", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed by the OpenSSL Project and affect IBM GPFS V3.5 . This includes the Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). This also includes the alternate chains certificate forgery vulnerability (CVE-2015-1793). IBM GPFS V3.5 has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n**CVEID:** [_CVE-2015-1793_](<https://vulners.com/cve/CVE-2015-1793>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to bypass security restrictions, caused by an implementation error of the alternative certificate chain logic. An attacker could exploit this vulnerability to bypass the CA flag and other specific checks on untrusted certificates and issue an invalid certificate. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/104500_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/104500>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n \n**CVEID:** [CVE-2014-8176](<https://vulners.com/cve/CVE-2014-8176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n\n**CVEID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nOpenSSH for GPFS V3.5 for Windows\n\n## Remediation/Fixes\n\nIn GPFS V3.5.0.26 dated August 4, 2015, IBM upgraded OpenSSH for GPFS on Windows to use OpenSSL 1.0.1p to address these vulnerabilities. System administrators should update their systems to GPFS V3.5.0.26 by following the steps below. \n \n1\\. Download the GPFS 3.5.0.26 update package dated August 2015 into any directory on your system from [http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Cluster%2Bsoftware&amp;product=ibm/power/IBM+General+Parallel+File+System&amp;release=3.5.0&amp;platform=Windows&amp;function=all](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Cluster%2Bsoftware&product=ibm/power/IBM+General+Parallel+File+System&release=3.5.0&platform=Windows&function=all>) \n \n2\\. Extract the contents of the ZIP archive so that the .msi file it includes is directly accessible to your system. \n \n3\\. Follow the instructions in the README included in the update package in order to install the OpenSSH msi package. This updated OpenSSH msi package is built using OpenSSL 1.0.1p. \n \nIf GPFS multiclustering is configured on Windows nodes, upgrade all OpenSSL packages that may have been installed. The following can be done on a small group of nodes at each time (ensuring that quorum is maintained) to maintain file system availability: \n \na. Stop GPFS on the node \nb. Install the version of OpenSSL \nc. Restart GPFS on the node \n \nFor CVE-2015-4000: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-25T16:46:35", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM GPFS V3.5 for Windows (CVE-2015-4000, CVE-2015-1793, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-1793", "CVE-2015-4000"], "modified": "2021-06-25T16:46:35", "id": "E9A3E2EA3AE2ADD4620D37196036A6030F0C51283082B6F6903A10C2A73E5C49", "href": "https://www.ibm.com/support/pages/node/681125", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:52:11", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM Flex System FC43171 8Gb SAN Switchand SAN Pass-thru firmware, QLogic 8Gb Intelligent Pass-thru Module &amp;amp; SAN Switch Module for BladeCenter and QLogic Virtual Fabric Extension Module for IBM BladeCenter which have addressed the applicable CVEs.\n\n## Vulnerability Details\n\n## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM Flex System FC43171 8Gb SAN Switch and SAN Pass-thru firmware, QLogic 8Gb Intelligent Pass-thru Module &amp; SAN Switch Module for BladeCenter and QLogic Virtual Fabric Extension Module for IBM BladeCenter which have addressed the applicable CVEs.\n\n**Vulnerability Details**\n\n**CVE-ID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)\n\n**Description:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\".\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n**CVE-ID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103778> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103779> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103780> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>)\n\n**Description:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103609> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVE-ID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103781> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected products and versions\n\nProduct | Affected Version \n---|--- \nIBM Flex System FC43171 8Gb SAN Switch and SAN Pass-thru | 9.1.5.03.00 \nQLogic 8Gb Intelligent Pass-thru Module &amp; SAN Switch Module for BladeCenter | 7.10.1.31.00 \nQLogic Virtual Fabric Extension Module for IBM BladeCenter | 9.0.3.10.00 \n \n## Remediation/Fixes\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\nYou should verify applying the fix does not cause any compatibility issues.\n\nProduct | Fixed Version \n---|--- \nIBM Flex System FC43171 8Gb SAN Switch and SAN Pass-thru \n(published in qlgc_fw_flex_9.1.7.01.00) | 9.1.5.04.00 \nQLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for BladeCenter \n(qlgc_fw_bcsw_7.10.1.35_anyos_noarch) | 7.10.1.35.00 \nQLogic Virtual Fabric Extension Module for IBM BladeCenter \n(qlgc_fw_bcsw_9.0.3.12.00_anyos_noarch) | 9.0.3.12.0 \n \nFor **CVE-2015-4000**: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nNone.\n\n## References\n\n * [Complete CVSS V2 Guide](<http://www.first.org/cvss/v2/guide>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n11 December 2015: Original Version Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-31T02:10:01", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL, including Logjam, affect IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru firmware, QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module and QLogic Virtual Fabric Extension Module", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2019-01-31T02:10:01", "id": "45A391F0E1CE99679546039D2F1C0C8B6B2EDCC706278DE6C16010592663C5F8", "href": "https://www.ibm.com/support/pages/node/868200", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:37:36", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by Informix Genero. Informix Genero has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n \n\n\n**CVEID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nInformix Genero 2.3x, 2.4x, and 2.5x \n\n## Remediation/Fixes\n\nInformix Genero component products with version numbers of 2.50.12.P4 and v2.50.14.P4 address these vulnerabilities. These versions can be downloaded from IBM\u2019s Fix Central web site at the locations indicated below. \n\n**Informix Genero Version**\n\n| \n\n**_Remediation/Fix by OS / Platform_**\n\n| \n \n---|---|--- \n \n**2.50.14.P4**\n\n| \n\n[**Linux-32;**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.14.P4&platform=Linux+32-bit,x86&function=all>)** **[**Linux-64**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.14.P4&platform=Linux+64-bit,x86_64&function=all>) \n[**Linux (pSeries)**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.14.P4&platform=Linux+64-bit,pSeries&function=all>) \n[**HP-UX (Risc-64)**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.14.P4&platform=HPUX+64-bit,+PA+RISC&function=all>) \n[**HP-UX (IA-64)**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.14.P4&platform=HPUX+64-bit,+IA64&function=all>) \n[**Mac OSX 10.5**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.14.P4&platform=Mac+OSX+10.5&function=all>) \n[**Solaris (SPARC)**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.14.P4&platform=Solaris+64-bit,SPARC&function=all>) \n[**Solaris (Intel)**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.14.P4&platform=Solaris+64-bit,x86&function=all>) \n[**AIX (pSeries)**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.14.P4&platform=AIX+64-bit,+pSeries&function=all>)\n\n| \n \n \n**2.50.12.P4**\n\n| \n\n[**Windows(32);**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.12&platform=Windows+32-bit,+x86&function=all>)** **[**Windows(64**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.12&platform=Windows+64-bit,+x86&function=all>)**)** \n[**Linux-32;**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.12&platform=Linux+32-bit,x86&function=all>)** **[**Linux-64**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.12&platform=Linux+64-bit,x86_64&function=all>) \n[**Linux (pSeries)**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.12&platform=Linux+64-bit,pSeries&function=all>) \n[**HP-UX (Risc-64)**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.12&platform=HPUX+64-bit,+PA+RISC&function=all>) \n[**HP-UX (IA-64)**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.12&platform=HPUX+64-bit,+IA64&function=all>) \n[**Mac OSX 10.5**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.12&platform=Mac+OSX+10.5&function=all>) \n[**Solaris (SPARC)**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.12&platform=Solaris+64-bit,SPARC&function=all>) \n[**Solaris (Intel)**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.12&platform=Solaris+64-bit,x86&function=all>)[](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.12&platform=AIX+64-bit,+pSeries&function=all>) \n[**AIX (pSeries)**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Informix+Tools&release=GEN2.50.12&platform=AIX+64-bit,+pSeries&function=all>)\n\n| \n \nThis fix disables RC4 stream cipher by default. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. You should verify applying this fix does not cause any compatibility issues. \n\nFor Informix Genero versions 2.3x and 2.4x, IBM recommends an upgrade to a fixed, supported version of the product.\n\n## Workarounds and Mitigations\n\nIBM recommends the fix described above. If the fix cannot be applied, the mitigation is to configure the Informix Genero Web Services (GWS) server to disable the Diffie-Hellman ciphers. The steps to perform this action are as follows: \n\n \nOpen your fglprofile file. This will be in your HOME directory with this name, or will be a file referenced by the FGLPROFILE environment variable. \n\n \nCreate the entry \"security.global.cipher\" with the following content (the fglprofile entry below must be on 1 line): \n \n`security.global.cipher = \"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA\"`\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-03T16:41:46", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect Informix Genero (CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792 & CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2021-06-03T16:41:46", "id": "0CB790755A86B581A38C5E6BE6E3A26223CD5CF0D217D9AF43702EEF9E45DABD", "href": "https://www.ibm.com/support/pages/node/529155", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:52:07", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM QRadar SIEM, and QRadar Incident Forensics. IBM QRadar SIEM, and Incident Forensics has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n \n\n\n \n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\n\u00b7 IBM QRadar SIEM 7.2.x \n\n\u00b7 IBM QRadar SIEM 7.1.x\n\n\u00b7 IBM QRadar Incident Forensics 7.2.x\n\n## Remediation/Fixes\n\n[\u00b7 _IBM QRadar/QRM/QVM/QRIF 7.2.5 Patch 3 Interim Fix 01_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Security%2BSystems&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=7.2.0&platform=Linux&function=fixId&fixids=7.2.5-QRADAR-QRSIEM-20150722144420INT%3Ahidden&includeSupersedes=0&source=>)\n\n[\u00b7 _IBM QRadar SIEM 7.1 MR2 Patch 11 Interim Fix 02_](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=7.1.0&platform=Linux&function=fixId&fixids=7.1.0-QRADAR-QRSIEM-1104233INT&includeSupersedes=0&source=fc>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-16T21:25:55", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM QRadar SIEM, and QRadar Incident Forensics. (CVE-2015-4000, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2018-06-16T21:25:55", "id": "172D3E3C5C882F5D472A4A74B4E53BDADD9B0BCA3C3A708F78EF6029720B4088", "href": "https://www.ibm.com/support/pages/node/532691", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-13T01:34:36", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed in June 2015 by the OpenSSL Project. OpenSSL is used by SAN Volume Controller and Storwize Family. SAN Volume Controller and Storwize Family has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#__/__vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>)** \nDESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nIBM SAN Volume Controller \nIBM Storwize V7000 \nIBM Storwize V5000 \nIBM Storwize V3700 \nIBM Storwize V3500 \n \nAll products are affected when running supported releases 1.1 to 7.5 except for versions 7.3.0.12, 7.4.0.6 and 7.5.0.3 and above.\n\n## Remediation/Fixes\n\nIBM recommends that you fix this vulnerability by upgrading affected versions of IBM SAN Volume Controller, IBM Storwize V7000, V5000, V3700 and V3500 to the following code levels or higher: \n \n7.3.0.12 \n7.4.0.6 \n7.5.0.3 \n \n[_Latest SAN Volume Controller Code_](<http://www-01.ibm.com/support/docview.wss?rs=591&uid=ssg1S1001707>) \n[_Latest Storwize V7000 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1003705>) \n[_Latest Storwize V5000 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004336>) \n[_Latest Storwize V3700 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004172>) \n[_Latest Storwize V3500 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004171>)\n\n## Workarounds and Mitigations\n\nAlthough IBM recommends that you install a level of code with a fix for this vulnerability, you can mitigate, although not eliminate, your risk until you have done so by ensuring that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-18T00:10:09", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affects SAN Volume Controller and Storwize Family (CVE-2015-1789 CVE-2015-1791 CVE-2015-1788 )", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1791"], "modified": "2018-06-18T00:10:09", "id": "C95E77161B48C2969E6AAB743AAD921249B05B139C9E6DB99D47B8254D0339E9", "href": "https://www.ibm.com/support/pages/node/690729", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:54:47", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by WebSphere MQ 5.3 (HPNSS) has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nIBM WebSphere MQ V5.3 for HP NonStop \n\n## Remediation/Fixes\n\n**_ \nIBM WebSphere MQ V5.3 for HP NonStop_** \nA patched version of OpenSSL will be made available in WebSphere MQ v531.11 Patch 1, which will be available from your IBM Support representative.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-15T07:03:37", "type": "ibm", "title": "Security Bulletin: Multiple OpenSSL Vulnerabilities affect IBM WebSphere MQ 5.3 on HP NonStop (CVE-2015-1788) (CVE-2015-1789) (CVE-2015-1791)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1791"], "modified": "2018-06-15T07:03:37", "id": "2B57635893A008B30DACCBFC585DFBEFC6815B10A081CE771A451CBB98704E62", "href": "https://www.ibm.com/support/pages/node/266093", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:42:08", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearCase. IBM Rational ClearCase has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nIBM Rational ClearCase versions: \n \n\n\n**Version**\n\n| \n\n**Status** \n \n---|--- \n \n8.0.1 through 8.0.1.8\n\n| \n\nAffected \n \n8.0 through 8.0.0.15\n\n| \n\nAffected \n \n7.1.0.x, 7.1.1.x (all versions) \n7.1.2 through 7.1.2.18\n\n| \n\nAffected \n \n \nNot all deployments of Rational ClearCase use OpenSSL in a way that is affected by these vulnerabilities. \n \nYou are vulnerable if your use of Rational ClearCase includes _any_ of these configurations: \n\n\n 1. You use the base ClearCase/ClearQuest integration client on any platform, configured to use SSL to communicate with a ClearQuest server. \n\n 2. You use the UCM/ClearQuest integration on UNIX/Linux clients, configured to use SSL to communicate with a ClearQuest server. \n**Note:** Windows clients using the UCM/ClearQuest integration are not vulnerable. \n\n 3. On UNIX/Linux clients, you use the Change Management Integrations for base ClearCase with ClearQuest or Rational Team Concert (RTC), or for UCM with ClearQuest or RTC, or for Jira, when configured to use SSL to communicate with the server. \n**Note:** Windows clients using the CMI integration are not vulnerable. \n\n 4. You use ratlperl, ccperl, or cqperl to run your own perl scripts, **and** those scripts use SSL connections.\n\n## Remediation/Fixes\n\nApply a fix pack as listed in the table below. The fix pack includes OpenSSL 1.0.1p. \n \n\n\n**Affected Versions**\n\n| \n\n** Applying the fix** \n \n---|--- \n \n8.0.1 through 8.0.1.8\n\n| Install [Rational ClearCase Fix Pack 9 (8.0.1.9) for 8.0.1](<http://www.ibm.com/support/docview.wss?uid=swg24040516>) \n \n8.0 through 8.0.0.15\n\n| Install [Rational ClearCase Fix Pack 16 (8.0.0.16) for 8.0](<http://www.ibm.com/support/docview.wss?uid=swg24040514>) \n \n7.1.2 through 7.1.2.18 \n7.1.1.x (all fix packs) \n7.1.0.x (all fix packs)\n\n| Customers on extended support contracts should install [Rational ClearCase Fix Pack 19 (7.1.2.19) for 7.1.2](<http://www.ibm.com/support/docview.wss?uid=swg24040512>) \n \n_For 7.0.x and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-10T08:34:12", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearCase (CVE-2015-1788, CVE-2015-1789, CVE-2015-1791)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1791"], "modified": "2018-07-10T08:34:12", "id": "7F7D42194E4015B776224531EE3852B2B585177034C5ECE3EE02E228E4FE686D", "href": "https://www.ibm.com/support/pages/node/530347", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:49:05", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest . IBM Rational ClearQuest has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nIBM Rational ClearQuest versions: \n \n\n\n**Version**\n\n| \n\n**Status** \n \n---|--- \n \n8.0.1 through 8.0.1.8\n\n| \n\nAffected \n \n8.0 through 8.0.0.15\n\n| \n\nAffected \n \n7.1.0.x, 7.1.1.x (all versions) \n7.1.2 through 7.1.2.18\n\n| \n\nAffected \n \n \nNot all deployments of Rational ClearQuest use OpenSSL in a way that is affected by these vulnerabilities. \n \nYou are vulnerable if your use of Rational ClearQuest includes _any_ of these configurations: \n\n 1. You use SSL connections in perl scripts run by ratlperl or cqperl, or by ClearQuest hooks. In this situation, you should review all the fixes provided by the OpenSSL project to see which ones apply to your use of OpenSSL. See the references link below.\n 2. You integrate with ClearCase.\n\n## Remediation/Fixes\n\nThe solution is to update to the latest fix pack. The fix pack includes OpenSSL 1.0.1p. \n \n\n\n**Affected Versions**\n\n| \n\n** Applying the fix** \n \n---|--- \n \n8.0.1 through 8.0.1.8\n\n| Install [Rational ClearQuest Fix Pack 9 (8.0.1.9) for 8.0.1](<http://www.ibm.com/support/docview.wss?uid=swg24040515>) \n \n8.0 through 8.0.0.14\n\n| Install [Rational ClearQuest Fix Pack 16 (8.0.0.16) for 8.0](<http://www-01.ibm.com/support/docview.wss?uid=swg24040513>) \n \n7.1.2 through 7.1.2.17\n\n| Customers on extended support contracts should install [Rational ClearQuest Fix Pack 19 (7.1.2.19) for 7.1.2](<http://www-01.ibm.com/support/docview.wss?uid=swg24040511>) \n \n7.1.1.x (all fix packs) \n7.1.0.x (all fix packs)\n\n| Customers on extended support contracts should contact Rational Customer Support \n \n_For 7.0.x and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-17T05:04:24", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearQuest (CVE-2015-1788, CVE-2015-1789, CVE-2015-1791)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1791"], "modified": "2018-06-17T05:04:24", "id": "C3DE321F78B4C8F5AC5B1E58A1D07302D3EF4CC60E15AAA9DC7F80835BF64230", "href": "https://www.ibm.com/support/pages/node/533065", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:49:10", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by IBM Rational RequisitePro. RequisitePro has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nIBM Rational RequisitePro versions: \n \n\n\n**Version**\n\n| \n\n**Status** \n \n---|--- \n \n7.1.4 through 7.1.4.7\n\n| \n\nAffected \n \n7.1.3 through 7.1.3.14\n\n| \n\nAffected \n \n7.1.2 through 7.1.2.17\n\n| \n\nAffected \n \n7.1.1.x (all versions)\n\n| \n\nAffected \n \n \nNot all deployments of Rational RequisitePro use OpenSSL in a way that is affected by these vulnerabilities. \n \nYou are vulnerable if your use of Rational RequisitePro includes _any_ of these configurations: \n\n\n 1. You use SSL connections in perl scripts run by ratlperl or cqperl.\n 2. You integrate with ClearQuest.\n\n## Remediation/Fixes\n\n**Affected Versions**\n\n| \n\n** Prerequisite before applying the fix** \n \n---|--- \n \n7.1.4 through 7.1.4.7\n\n| Install [Rational RequisitePro Fix Pack 8 (7.1.4.8) for 7.1.4](<http://www-01.ibm.com/support/docview.wss?uid=swg24040133>) \n \n7.1.3 through 7.1.3.14\n\n| Install [Rational RequisitePro Fix Pack 15 (7.1.3.15) for 7.1.3](<http://www-01.ibm.com/support/docview.wss?uid=swg24040132>) \n \n7.1.2.x (all fix packs) \n7.1.1.x (all fix packs) \n7.1.0.x (all fix packs)\n\n| Install [Rational RequisitePro Fix Pack 18 (7.1.2.18) for 7.1.2](<http://www-01.ibm.com/support/docview.wss?uid=swg24040131>). **Note: **7.1.2.18 interoperates with all 7.1.1.x and 7.1.0.x systems, and can be installed in the same way as 7.1.1.x and 7.1.0.x fix packs. \n \nThe fix is to install the latest version of RequisitePro, then contact Rational Support for instructions to apply the rest of the fix, which contains an updated version of OpenSSL. \n \nYou should verify applying this fix does not cause any compatibility issues. \n\n_For unsupported versions, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nDisable the integrations and any custom defined ratlperl or cqperl scripts with SSL until you apply the fixes listed above.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-17T05:03:07", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect Rational RequisitePro (CVE-2015-1788, CVE-2015-1789, CVE-2015-1791)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1791"], "modified": "2018-06-17T05:03:07", "id": "4B1403A2A854C3358EEDF7DDEBB346B2846BD8FAB7B18701B8EF4F762A75BEE5", "href": "https://www.ibm.com/support/pages/node/535199", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:52:05", "description": "## Summary\n\nThe following OpenSSL vulnerabilities are addressed by the IBM BladeCenter Switches listed below.\n\n## Vulnerability Details\n\n## Summary\n\nThe following OpenSSL vulnerabilities are addressed by the IBM BladeCenter Switches listed below.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103778> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103779> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103781> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected products and versions\n\nProduct | Affected Version | Fix Version \n---|---|--- \nIBM 1/10Gb Uplink Ethernet Switch Module \nibm_fw_bcsw_110gup-6.8.22.0_anyos_noarch | 6.8.21.0 | 6.8.22.0 \nIBM 1/10Gb Uplink Ethernet Switch Module \nibm_fw_bcsw_110gup-7.4.12.0_anyos_noarch | 7.4.11.0 | 7.4.12.0 \nIBM Virtual Fabric 10Gb Switch Module \nibm_fw_bcsw_24-10g-6.8.22.0_anyos_noarch | 6.8.21.0 | 6.8.22.0 \nIBM Virtual Fabric 10Gb Switch Module \nibm_fw_bcsw_24-10g-7.8.8.0_anyos_noarch | 7.8.7.0 | 7.8.8.0 \n \n## Remediation/Fixes:\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\nYou should verify applying the fix does not cause any compatibility issues.\n\n## Workarounds and Mitigations:\n\nNone.\n\n## References:\n\n * [Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide.html>)\n * [On-line Calculator v2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n02 November 2015: Original version published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-31T02:10:01", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM BladeCenter Switches (CVE-2015-1788, CVE-2015-1789, CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1792"], "modified": "2019-01-31T02:10:01", "id": "4D12E5BE07979EF0E8D6872D8803DB6EC73BE7AC4A1682631BC85622BE9A7B7F", "href": "https://www.ibm.com/support/pages/node/868036", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:52:06", "description": "## Summary\n\nThe following OpenSSL vulnerabilities are addressed by the IBM System Networking RackSwitch products listed below.\n\n## Vulnerability Details\n\n## Summary\n\nThe following OpenSSL vulnerabilities are addressed by the IBM System Networking RackSwitch products listed below.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103778> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103779> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103781> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nIBM System Networking RackSwitch | Affected Version \n---|--- \nG8052 | 7.9.14.0 \nG8052 | 7.11.4.0 \nG8124/G8124-E | 7.11.4.0 \nG8264 | 7.11.4.0 \nG8264 | 7.9.14.0 \nG8264CS | 7.8.11.0 \nG8264T | 7.9.14.0 \nG8316 | 7.9.14.0 \nG8332 | 7.7.20.0 \n \n## Remediation/Fixes:\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\nYou should verify applying the fix does not cause any compatibility issues.\n\nIBM System Networking RackSwitch | Fix Version \n---|--- \nG8052 ([ G8052-7.9.15.0.zip](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Ethernet+switches&product=ibm/Systems_Networking/IBM+BNT+RackSwitch+G8052R,F+G8264R,F&release=All&platform=All&function=fixId&fixids=G8052_Image_7.9.15.0&includeSupersedes=0&source=fc>)) | 7.9.15.0 \nG8052 ([ G8052-7.11.5.0.zip](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Ethernet+switches&product=ibm/Systems_Networking/IBM+BNT+RackSwitch+G8052R,F+G8264R,F&release=All&platform=All&function=fixId&fixids=G8052_Image_7.9.15.0&includeSupersedes=0&source=fc>)) | 7.11.5.0 \nG8124/G8124-E ([ G8124_G8124E-7.11.5.0.zip](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Ethernet+switches&product=ibm/Systems_Networking/IBM+BNT+RackSwitch+G8124&release=All&platform=All&function=fixId&fixids=G8124_G8124E_Image_7.11.5.0&includeSupersedes=0&source=fc>)) | 7.11.5.0 \nG8264 ([ G8264-7.11.5.0.zip](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Ethernet+switches&product=ibm/Systems_Networking/IBM+BNT+RackSwitch+G8264&release=All&platform=All&function=fixId&fixids=G8264_Image_7.11.5.0&includeSupersedes=0&source=fc>)) | 7.11.5.0 \nG8264 ([ G8264-7.9.15.0.zip](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Ethernet+switches&product=ibm/Systems_Networking/IBM+BNT+RackSwitch+G8264&release=All&platform=All&function=fixId&fixids=G8264_Image_7.9.15.0&includeSupersedes=0&source=fc>)) | 7.9.15.0 \nG8264CS ([ G8264CS-7.8.12.0.zip](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Converged+switches&product=ibm/Systems_Networking/IBM+RackSwitch+G8264CS&release=All&platform=All&function=fixId&fixids=G8264CS_Image_7.8.12.0&includeSupersedes=0&source=fc>)) | 7.8.12.0 \nG8264T ([ G8264T-7.9.15.0.zip](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Ethernet+switches&product=ibm/Systems_Networking/IBM+RackSwitch+G8264T&release=All&platform=All&function=fixId&fixids=G8264T_Image_7.9.15.0&includeSupersedes=0&source=fc>)) | 7.9.15.0 \nG8316 ([ G8316-7.9.15.0.zip](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Ethernet+switches&product=ibm/Systems_Networking/IBM+System+Networking+RackSwitch+G8316&release=All&platform=All&function=fixId&fixids=G8316_Image_7.9.15.0&includeSupersedes=0&source=fc>)) | 7.9.15.0 \nG8332 ([ G8332-7.7.21.0.zip](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Ethernet+switches&product=ibm/Systems_Networking/IBM+RackSwitch+G8332&release=All&platform=All&function=fixId&fixids=G8332_Image_7.7.21.0&includeSupersedes=0&source=fc>)) | 7.7.21.0 \n \n## Workarounds and Mitigations:\n\nNone.\n\n## References:\n\n * [Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide.html>)\n * [On-line Calculator v2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n02 November 2015: Original version published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-31T02:10:01", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM System Networking RackSwitch (CVE-2015-1788, CVE-2015-1789, CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1792"], "modified": "2019-01-31T02:10:01", "id": "45F1C26D25DC54B1111841C7E8AF4B04A66D3C9CACBB5F447E428D3CDDC00C57", "href": "https://www.ibm.com/support/pages/node/868038", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:52:07", "description": "## Summary\n\nThe following OpenSSL vulnerabilities are addressed by the IBM Flex System Networking Switches listed below.\n\n## Vulnerability Details\n\n## Summary\n\nThe following OpenSSL vulnerabilities are addressed by the IBM Flex System Networking Switches listed below.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103778> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103779> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103781> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected products and Versions\n\nProduct | Affected Version | Fix Version \n---|---|--- \nIBM Flex System Fabric EN4093R 10Gb Scalable Switch (ibm_fw_scsw_en4093r-7.8.12.0) | 7.8.11.0 | 7.8.12.0 \nIBM Flex System Fabric CN4093 10Gb Converged Scalable Switch (ibm_fw_scsw_cn4093-7.8.12.0) | 7.8.11.0 | 7.8.12.0 \nIBM Flex System Fabric SI4093 System Interconnect Module (ibm_fw_scsw_si4093-7.8.12.0) | 7.8.11.0 | 7.8.12.0 \nIBM Flex System EN2092 1Gb Ethernet Scalable Switch (ibm_fw_scsw_en2092-7.8.12.0) | 7.8.11.0 | 7.8.12.0 \nIBM Flex System Interconnect Fabric (G8264CS_SI_Fabric_Image_7.8.12.0) | 7.8.11.0 | 7.8.12.0 \n \n## Remediation/Fixes:\n\nFirmware fix versions are available on Fix Central: \n<http://www-933.ibm.com/support/fixcentral/>\n\nYou should verify applying the fix does not cause any compatibility issues.\n\n## Workarounds and Mitigations:\n\nNone\n\n## References:\n\n * [Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide.html>)\n * [On-line Calculator v2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone\n\n**Change History** \n29 October 2015: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-31T02:10:01", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Flex System Networking Switches (CVE-2015-1788, CVE-2015-1789, CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1792"], "modified": "2019-01-31T02:10:01", "id": "CC8C9E3E213B252611C58A980B905CDA01579A3982393A03C0CA88E7D0247D07", "href": "https://www.ibm.com/support/pages/node/868024", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:52:08", "description": "## Summary\n\nThe following OpenSSL vulnerabilities are addressed by the IBM Flex System Networking Switches listed below.\n\n## Vulnerability Details\n\n## Summary\n\nThe following OpenSSL vulnerabilities are addressed by the IBM Flex System Networking Switches listed below.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103778> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103779> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103781> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected products and Versions\n\nProduct | Affected Version | Fix Version \n---|---|--- \nIBM Flex System Fabric EN4093R 10Gb Scalable Switch (ibm_fw_scsw_en4093r-7.8.12.0) | 7.8.11.0 | 7.8.12.0 \nIBM Flex System Fabric CN4093 10Gb Converged Scalable Switch (ibm_fw_scsw_cn4093-7.8.12.0) | 7.8.11.0 | 7.8.12.0 \nIBM Flex System Fabric SI4093 System Interconnect Module (ibm_fw_scsw_si4093-7.8.12.0) | 7.8.11.0 | 7.8.12.0 \nIBM Flex System EN2092 1Gb Ethernet Scalable Switch (ibm_fw_scsw_en2092-7.8.12.0) | 7.8.11.0 | 7.8.12.0 \nIBM Flex System Interconnect Fabric (G8264CS_SI_Fabric_Image_7.8.12.0) | 7.8.11.0 | 7.8.12.0 \n \n## Remediation/Fixes:\n\nFirmware fix versions are available on Fix Central: \n<http://www-933.ibm.com/support/fixcentral/>\n\nYou should verify applying the fix does not cause any compatibility issues.\n\n## Workarounds and Mitigations:\n\nNone\n\n## References:\n\n * [Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide.html>)\n * [On-line Calculator v2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/PSIRT>) \n\n\n**Acknowledgement**\n\nNone\n\n**Change History** \n29 October 2015: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-31T02:10:01", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Flex System Networking Switches (CVE-2015-1788, CVE-2015-1789, CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1792"], "modified": "2019-01-31T02:10:01", "id": "C48BCCCB9C9D9824A3691807D1186751538A4148C753DE0274ECBC66A45D9086", "href": "https://www.ibm.com/support/pages/node/868034", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:52:08", "description": "## Summary\n\nThe following OpenSSL vulnerabilities are addressed by the IBM Flex System Networking Switches listed below.\n\n## Vulnerability Details\n\n## Summary\n\nThe following OpenSSL vulnerabilities are addressed by the IBM Flex System Networking Switches listed below.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103778> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103779> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103781> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected products and Versions\n\nProduct | Affected Version | Fix Version \n---|---|--- \nIBM Flex System Fabric EN4093R 10Gb Scalable Switch (ibm_fw_scsw_en4093r-7.8.12.0) | 7.8.11.0 | 7.8.12.0 \nIBM Flex System Fabric CN4093 10Gb Converged Scalable Switch (ibm_fw_scsw_cn4093-7.8.12.0) | 7.8.11.0 | 7.8.12.0 \nIBM Flex System Fabric SI4093 System Interconnect Module (ibm_fw_scsw_si4093-7.8.12.0) | 7.8.11.0 | 7.8.12.0 \nIBM Flex System EN2092 1Gb Ethernet Scalable Switch (ibm_fw_scsw_en2092-7.8.12.0) | 7.8.11.0 | 7.8.12.0 \nIBM Flex System Interconnect Fabric (G8264CS_SI_Fabric_Image_7.8.12.0) | 7.8.11.0 | 7.8.12.0 \n \n## Remediation/Fixes:\n\nFirmware fix versions are available on Fix Central: \n<http://www-933.ibm.com/support/fixcentral/>\n\nYou should verify applying the fix does not cause any compatibility issues.\n\n## Workarounds and Mitigations:\n\nNone\n\n## References:\n\n * [Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide.html>)\n * [On-line Calculator v2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/PSIRT>) \n\n\n**Acknowledgement**\n\nNone\n\n**Change History** \n29 October 2015: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-31T02:10:01", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Flex System Networking Switches (CVE-2015-1788, CVE-2015-1789, CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1792"], "modified": "2019-01-31T02:10:01", "id": "F77D882E57D3DF8BFA32289B35EE8D46A1AD0E81EF2A1D59F10C3294CA99EAFD", "href": "https://www.ibm.com/support/pages/node/868032", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:51:36", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by Integrated Management Module II (IMM2).\n\n## Vulnerability Details\n\n## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by Integrated Management Module II (IMM2).\n\nIntegrated Management Module II (IMM2) has addressed the vulnerabilities listed below.\n\n**Vulnerability Details**\n\n**CVE-ID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)\n\n**Description:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\".\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n**CVE-ID:** [CVE-2014-8176](<https://vulners.com/cve/CVE-2014-8176>)\n\n**Description:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system.\n\nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103782> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)\n\n**CVE-ID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103779> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103780> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>)\n\n**Description:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103609> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVE-ID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103781> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103778> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1781](<https://vulners.com/cve/CVE-2015-1781>)\n\n**Description:** GNU C Library (glibc) is vulnerable to a buffer overflow, caused by improper bounds checking by the gethostbyname_r() and other related functions. By sending a specially-crafted argument, a remote attacker could overflow a buffer and execute arbitrary code on the system elevated privileges or cause the application to crash.\n\nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/102500> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P)\n\n**CVE-ID:** [CVE-2013-2207](<https://vulners.com/cve/CVE-2013-2207>)\n\n**Description:** The GNU C Library (glibc) could allow a local attacker to bypass security restrictions, caused by an error in the pt_chown() function. An attacker could exploit this vulnerability to gain unauthorized access to the pseudoterminal of other users.\n\nCVSS Base Score: 2.1 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/86914> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:L/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVE-ID:** [CVE-2014-8121](<https://vulners.com/cve/CVE-2014-8121>)\n\n**Description:** GNU C Library (glibc) is vulnerable to a denial of service, caused by the failure to properly check if a file is open by DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS). By performing a look-up on a database while iterating over it, an attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/102652> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-5600](<https://vulners.com/cve/CVE-2015-5600>)\n\n**Description:** OpenSSH could allow a local attacker to obtain sensitive information, caused by an error in the keyboard-interactive authentication mechanism that allows successive authentications that exceed the MaxAuthTries setting. An attacker could exploit this vulnerability using brute-force techniques to crack the victim's password.\n\nCVSS Base Score: 4 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/104877> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected products and versions\n\nProduct | Affected Version \n---|--- \nIntegrated Management Module 2 (IMM2) for BladeCenter | 1AOO66M \nIntegrated Management Module 2 (IMM2) for System x | 1AOO66M \nIntegrated Management Module 2 (IMM2) for Flex Systems | 1AOO66O \n \n## Remediation/Fixes\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\nYou should verify applying the fix does not cause any compatibility issues.\n\nProduct | Fixed Version \n---|--- \nIntegrated Management Module 2 (IMM2) for BladeCenter \n(ibm_fw_imm2_1aoo68l-5.20_bc_anyos_noarch) | 1AOO68L \u2014 5.20 \nIntegrated Management Module 2 (IMM2) for System x \n(ibm_fw_imm2_1aoo68l-5.20_anyos_noarch) | 1AOO68L \u2014 5.20 \nIntegrated Management Module 2 (IMM2) for Flex Systems \n(ibm_fw_imm2_1aoo68l-5.20_anyos_noarch) | 1AOO68L \u2014 5.20 \n \nFor **CVE-2015-4000**: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nNone.\n\n## References\n\n * [Complete CVSS V2 Guide](<http://www.first.org/cvss/v2/guide>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n * [Complete CVSS V3 Guide](<http://www.first.org/cvss/user-guide>)\n * [On-line Calculator V3](<http://www.first.org/cvss/calculator/3.0>)\n\n**Related Information** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>)\n\n**Acknowledgement**\n\nReported to IBM by The WeakDH team at <https://weakdh.org>.\n\n**Change History** \n01 December 2015: Original Version Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-31T02:25:02", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSH, GNU C Library (glibc), and OpenSSL, including Logjam, affect Integrated Management Module II (IMM2)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 8.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2207", "CVE-2014-8121", "CVE-2014-8176", "CVE-2015-1781", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000", "CVE-2015-5600"], "modified": "2019-01-31T02:25:02", "id": "B48A934A561B5DA138A664173E19E268F2190EB9B23DD117254F13BA1342F809", "href": "https://www.ibm.com/support/pages/node/868230", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2023-02-21T05:46:20", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM Tivoli Composite Application Manager for Transactions. IBM Tivoli Composite Application Manager for Transactions has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>) \n**DESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nIBM Tivoli Composite Application Manager (ITCAM) for Transactions is affected. ITCAM for Transactions contains multiple sub components (Agents). Only the Internet Service Monitor (ISM \u2013 Agent code \u2018IS\u2019) is affected. \n\nVersions:\n\n\u00b7 7.4 \u2013 Affected by CVE (CVE-2015-1788, CVE-2015-1789, CVE-2015-1791 and CVE-2015-4000)\n\n\u00b7 7.3 \u2013 Affected by CVE (CVE-2015-1788, CVE-2015-1789, CVE-2015-1791 and CVE-2015-4000)\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n_7.4.0.0-TIV-CAMIS-FP0001_| _7.4.0.1_| _None_| [__http://www.ibm.com/support/docview.wss?uid=isg400002269__](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=isg400002269>) \n_7.3.0.1-TIV-CAMIS-IF0036_| _7.3.0.1_| _None_| [**_http://www-01.ibm.com/support/docview.wss?rs=0&amp;uid=isg400002358_**](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=isg400002358>) \n \nFor CVE-2015-4000: As the length of the server key size are increased, the amount of CPU required for full TLS/SSL handshake can significantly increase. Please carefully test and assess the impact to your CPU requirements to ensure sufficient CPU resources, otherwise the system availability may be impacted. \n\n\nFor CVE-2015-4000: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n \n\n\nFor ISM 7.1 and 7.2 IBM recommends upgrading to a fixed, supported version/release/platform of the productAdded th.\n\n## Workarounds and Mitigations\n\nFor CVE-2015-4000, ISM disable the DHE/EDH ciphers in all monitors. To disable the DHE/EDH ciphers, update the monitor properties: _SSLCipherSuite_ and _BridgeSSLCipherSet_. For example, to disable DHE/EDH ciphers in the HTTPS monitor, update the https.props file to include \n \nSSLCipherSuite : \"AES:3DES:DES:!EXP:!DHE:!EDH\" \nBridgeSSLCipherSet : \"AES:3DES:DES:!EXP:!DHE:!EDH\" \n\n\nFor CVE-2015-4000: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-17T15:03:40", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM Tivoli Composite Application Manager for Transactions (CVE-2015-1788, CVE-2015-1789, CVE-2015-1791, CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1791", "CVE-2015-4000"], "modified": "2018-06-17T15:03:40", "id": "5893BCC8180A72A564BE6328A5CE8FFBF90BC8FCCA1FC50585DDD39A15C2CEFA", "href": "https://www.ibm.com/support/pages/node/529577", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:49:06", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by Rational Insight. Rational Insight has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nRational Insight 1.1, 1.1.1, 1.1.1.1, 1.1.1.2, 1.1.1.3, 1.1.1.4, 1.1.1.5, 1.1.1.6 and 1.1.1.7\n\n## Remediation/Fixes\n\nApply the recommended fixes to all affected versions of Rational Insight. \n \n**Rational Insight 1.1 ** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.1.1 Interim Fix 14 (Implemented by file 10.1.6305.508)](<http://www-01.ibm.com/support/docview.wss?uid=swg24040520>). \nReview technote [1679272: Install a Cognos Business Intelligence 10.1.1 fix package in Rational Insight 1.1](<http://www-01.ibm.com/support/docview.wss?uid=swg21679272>) for detailed instructions.\n \n[](<http://www-01.ibm.com/support/docview.wss?uid=swg24035869>)**Rational Insight 1.1.1, 1.1.1.1 and 1.1.1.2 ** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.1.1 Interim Fix 14 (Implemented by file 10.1.6305.508)](<http://www-01.ibm.com/support/docview.wss?uid=swg24040520>). \nRead technote [1679281: Install a Cognos Business Intelligence 10.1.1 fix package in Rational Reporting for Development Intelligence 2.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679281>) for the detailed instructions for patch application.\n \n[](<http://www-01.ibm.com/support/docview.wss?uid=swg24035869>)**Rational Insight 1.1.1.3 ** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.2.1 Interim Fix 12 (Implemented by file 10.2.5000.506)](<http://www-01.ibm.com/support/docview.wss?uid=swg24040519>). \nReview technote [1679283: Installing Cognos Business Intelligence 10.2.1.x fix pack in Rational Reporting for Development Intelligence 2.0.x/5.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679283>) for the detailed instructions for patch application.\n \n[](<http://www-01.ibm.com/support/docview.wss?uid=swg24035869>)**Rational Insight 1.1.1.4 and 1.1.1.5 and 1.1.1.6 and 1.1.1.7 ** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.2.1.1 Interim Fix 11 (Implemented by file 10.2.5008.512)](<http://www-01.ibm.com/support/docview.wss?uid=swg24040519>). \nReview technote [1679283: Installing Cognos Business Intelligence 10.2.1.x fix pack in Rational Reporting for Development Intelligence 2.0.x/5.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679283>) for the detailed instructions for patch application.\n \n \nFor CVE-2015-4000: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-17T05:04:30", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect Rational Insight (CVE-2015-4000, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2018-06-17T05:04:30", "id": "8151FE1FC38F66BEE7F9FD2111E006A127DE4CA50ED34DCBB8E1BE0AB2FFAB6B", "href": "https://www.ibm.com/support/pages/node/533713", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-21T21:53:32", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by FSM. FSM has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2014-8176_](<https://vulners.com/cve/CVE-2014-8176>)** \nDESCRIPTION:** OpenSSL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an invalid free error when application data between the ChangeCipherSpec and Finished messages is received by the DTLS peer. An attacker could exploit this vulnerability to trigger a segmentation fault or possibly corrupt memory and execute arbitrary code on the system. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103782>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P) \n \n**CVEID:** [_CVE-2015-0209_](<https://vulners.com/cve/CVE-2015-0209>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error in the d2i_ECPrivateKey or EVP_PKCS82PKEY function. An attacker could exploit this vulnerability using a malformed Elliptic Curve (EC) private-key file to corrupt memory and execute arbitrary code on the system and cause a denial of service. \nCVSS Base Score: 6.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101674_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101674>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P) \n\n**CVEID:** [_CVE-2015-0286_](<https://vulners.com/cve/CVE-2015-0286>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the ASN1_TYPE_cmp function when attempting to compare ASN.1 boolean types. An attacker could exploit this vulnerability to crash any certificate verification operation and cause a denial of service. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101666_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101666>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-0287_](<https://vulners.com/cve/CVE-2015-0287>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error related to the reuse of a structure in ASN.1 parsing. An attacker could exploit this vulnerability using an invalid write to corrupt memory and cause a denial of service. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101668_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101668>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-0288_](<https://vulners.com/cve/CVE-2015-0288>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the X509_to_X509_REQ function. An attacker could exploit this vulnerability to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101675_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101675>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-0289_](<https://vulners.com/cve/CVE-2015-0289>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to properly handle missing outer ContentInfo by the PKCS#7 parsing code. An attacker could exploit this vulnerability using a malformed ASN.1-encoded PKCS#7 blob to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101669_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101669>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-0292_](<https://vulners.com/cve/CVE-2015-0292>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by an error when processing base64 encoded data. An attacker could exploit this vulnerability using specially-crafted base 64 data to corrupt memory and execute arbitrary code on the system and cause a denial of service. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101670_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101670>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n \n \n**CVEID:** [_CVE-2015-1788_](<https://vulners.com/cve/CVE-2015-1788>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2015-1789_](<https://vulners.com/cve/CVE-2015-1789>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1790_](<https://vulners.com/cve/CVE-2015-1790>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-1791_](<https://vulners.com/cve/CVE-2015-1791>)** \nDESCRIPTION:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103609>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2015-1792_](<https://vulners.com/cve/CVE-2015-1792>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n \n \n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nFlex System Manager 1.1.x.x \nFlex System Manager 1.2.x.x \nFlex System Manager 1.3.0.x \nFlex System Manager 1.3.1.x \nFlex System Manager 1.3.2.x \nFlex System Manager 1.3.3.x \nFlex System Manager 1.3.4.x\n\n## Remediation/Fixes\n\nIBM recommends updating the FSM using the instructions referenced in this table. \n \n**Warning**: Agents older than version 6.3.5 must be updated using the Technote listed in these Remediation plans before this FSM fix is installed or you will permanently lose contact with the endpoint with agents older than version 6.3.5 \n \n\n\nProduct | \n\nVRMF | \n\nAPAR | \n\nRemediation \n---|---|---|--- \nFlex System Manager| \n\n1.3.4.x | \n\nIT12596 | Verify the required Java updates have been completed, then install [fsmfix1.3.4.0_IT11636_IT12081_IT12596_IT12597_IT12599_IT12601_IT12602](<http://www-933.ibm.com/support/fixcentral/systemx/selectFix?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.4.0_IT11636_IT12081_IT12596_IT12597_IT12599_IT12601_IT12602&function=fixId&parent=Flex%20System%20Manager%20Node>)\n\nInstructions for verifying installation of the Java updates can be found in the \"Confirm the fixes were applied properly\" section of Technote [761981453](<http://www-01.ibm.com/support/docview.wss?uid=nas777e5323a516f40f286257f03006ae4b5>). \n \nFlex System Manager| \n\n1.3.3.x | \n\nIT12596 | Verify the required Java updates have been completed, then install [fsmfix1.3.3.0_IT11636_IT12081_IT12596_IT12597_IT12599_IT12601_IT12602](<http://www-933.ibm.com/support/fixcentral/systemx/selectFix?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.3.0_IT11636_IT12081_IT12596_IT12597_IT12599_IT12601_IT12602&function=fixId&parent=Flex%20System%20Manager%20Node>)\n\nInstructions for verifying installation of the Java updates can be found in the \"Confirm the fixes were applied properly\" section of [](<http://www-01.ibm.com/support/docview.wss?uid=nas777e5323a516f40f286257f03006ae4b5>)Technote [736218441](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=nas724cb521f58c4126286257dfd005c1958>) \n \nFlex System Manager| \n\n1.3.2.x | \n\nIT12596 | Verify the required Java updates have been completed, then install [fsmfix1.3.2.0_IT11636_IT12081_IT12596_IT12597_IT12599_IT12601_IT12602](<http://www-933.ibm.com/support/fixcentral/systemx/selectFix?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.2.0_IT11636_IT12081_IT12596_IT12597_IT12599_IT12601_IT12602&function=fixId&parent=Flex%20System%20Manager%20Node>)\n\nInstructions for verifying installation of the Java updates can be found in the \"Confirm the fixes were applied properly\" section of [](<http://www-01.ibm.com/support/docview.wss?uid=nas777e5323a516f40f286257f03006ae4b5>)Technote [736218441](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=nas724cb521f58c4126286257dfd005c1958>) \n \nFlex System Manager| \n\n1.3.1.x | \n\nIT12596 | IBM recommends upgrading to a fixed, supported version/release and following the appropriate remediation for all vulnerabilities. \nFlex System Manager| \n\n1.3.0.x | \n\nIT12596 | IBM recommends upgrading to a fixed, supported version/release and following the appropriate remediation for all vulnerabilities. \nFlex System Manager| \n\n1.2.x.x | \n\nIT12596 | IBM recommends upgrading to a fixed, supported version/release and following the appropriate remediation for all vulnerabilities. \nFlex System Manager| \n\n1.1.x.x | \n\nIT12596 | IBM recommends upgrading to a fixed, supported version/release and following the appropriate remediation for all vulnerabilities. \n \nFor CVE-2015-4000: You should verify applying this fix does not cause any compatibility issues. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-18T01:30:12", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in OpenSSL including Logjam affect IBM Flex System Manager (FSM)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2018-06-18T01:30:12", "id": "DEC8B1857975B965D873A8BB6F56B19058C4EFA0C242EB808E499279F11EE7B2", "href": "https://www.ibm.com/support/pages/node/681865", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:50:38", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM BladeCenter Integrated Management Module (IMM) for System x and BladeCenter.\n\n## Vulnerability Details\n\n## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM BladeCenter Integrated Management Module (IMM) for System x and BladeCenter.\n\nIBM Integrated Management Module (IMM) for System x and BladeCenter has addressed the CVEs listed below.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)\n\n**Description:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam.\"\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n**CVE-ID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103779> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103780> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1791](<https://vulners.com/cve/CVE-2015-1791>)\n\n**Description:** A double-free memory error in OpenSSL in the ssl3_get_new_session_ticket() function has an unknown impact. By returning a specially crafted NewSessionTicket message, an attacker could cause the client to reuse a previous ticket resulting in a race condition.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103609> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVE-ID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103781> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-3216](<https://vulners.com/cve/CVE-2015-3216>)\n\n**Description:** OpenSSL shipped with Red Hat Enterprise Linux is vulnerable to a denial of service, caused by an out-of-bounds memory read error in ssleay_rand_bytes() function. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to crash.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103915> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103778> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-0209](<https://vulners.com/cve/CVE-2015-0209>)\n\n**Description:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error in the d2i_ECPrivateKey or EVP_PKCS82PKEY function. An attacker could exploit this vulnerability using a malformed Elliptic Curve (EC) private-key file to corrupt memory and execute arbitrary code on the system and cause a denial of service.\n\nCVSS Base Score: 6.8 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/101674> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n**CVE-ID:** [CVE-2015-0286](<https://vulners.com/cve/CVE-2015-0286>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error in the ASN1_TYPE_cmp function when attempting to compare ASN.1 boolean types. An attacker could exploit this vulnerability to crash any certificate verification operation and cause a denial of service.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/101666> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-0287](<https://vulners.com/cve/CVE-2015-0287>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error related to the reuse of a structure in ASN.1 parsing. An attacker could exploit this vulnerability using an invalid write to corrupt memory and cause a denial of service.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/101668> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-0288](<https://vulners.com/cve/CVE-2015-0288>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error in the X509_to_X509_REQ function. An attacker could exploit this vulnerability to trigger a NULL pointer dereference.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/101675> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-0289](<https://vulners.com/cve/CVE-2015-0289>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by the failure to properly handle missing outer ContentInfo by the PKCS#7 parsing code. An attacker could exploit this vulnerability using a malformed ASN.1-encoded PKCS#7 blob to trigger a NULL pointer dereference.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/101669> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVE-ID:** [CVE-2015-0292](<https://vulners.com/cve/CVE-2015-0292>)\n\n**Description:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by an error when processing base64 encoded data. An attacker could exploit this vulnerability using specially-crafted base 64 data to corrupt memory and execute arbitrary code on the system and cause a denial of service.\n\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/101670> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n**CVE-ID:** [CVE-2015-0293](<https://vulners.com/cve/CVE-2015-0293>)\n\n**Description:** OpenSSL is vulnerable to a denial of service. By sending a specially-crafted SSLv2 CLIENT-MASTER-KEY message, a remote attacker could exploit this vulnerability to trigger an assertion.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/101671> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nProduct | Affected Version \n---|--- \nIntegrated Management Module (IMM) for System x and BladeCenter | 1.4x \n \n## Remediation/Fixes:\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\nYou should verify applying the fix does not cause any compatibility issues.\n\nProduct | Affected Version \n---|--- \nIntegrated Management Module (IMM) for System x and BladeCenter | 1.49 \n(YUOOG9A) \n \nFor CVE-2015-4000: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations:\n\nNone.\n\n## References:\n\n * [Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide.html>)\n * [On-line Calculator v2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n02 December 2015: Original version published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-31T02:25:02", "type": "ibm", "title": "Security Bulletin: IBM Integrated Management Module (IMM) is affected by multiple vulnerabilities in OpenSSL including Logjam", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216", "CVE-2015-4000"], "modified": "2019-01-31T02:25:02", "id": "B0AEB074FFA0854656EFE3CAF612805ED0F2B662B12263D2B3084481427FAB2B", "href": "https://www.ibm.com/support/pages/node/868264", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:54:51", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by IBM Cognos Controller. IBM Cognos Controller has addressed the applicable CVEs. \n \nThere are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 6 and IBM Runtime Environment Java Technology Edition, Version 7 that is used by IBM Cognos Controller. These issues were disclosed as part of the IBM Java SDK updates in July 2015.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1792](<https://vulners.com/cve/CVE-2015-1792>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when verifying a signedData message. An attacker could exploit this vulnerability using an unknown hash function OID to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103781_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103781>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2015-4748_](<https://vulners.com/cve/CVE-2015-4748>)** \nDESCRIPTION:** An unspecified vulnerability related to the Security component has complete confidentiality impact, complete integrity impact, and complete availability impact. \nCVSS Base Score: 7.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/104729_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/104729>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:H/Au:N/C:C/I:C/A:C) \n\n**CVEID:** [_CVE-2015-4749_](<https://vulners.com/cve/CVE-2015-4749>)** \nDESCRIPTION:** An unspecified vulnerability related to the JNDI component could allow a remote attacker to cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/104740_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/104740>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2015-2625_](<https://vulners.com/cve/CVE-2015-2625>)** \nDESCRIPTION:** An unspecified vulnerability related to the JSSE component could allow a remote attacker to obtain sensitive information. \nCVSS Base Score: 2.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/104743_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/104743>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:H/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Cognos Controller 10.2.1 \n\nIBM Cognos Controller 10.2\n\nIBM Cognos Controller 10.1.1\n\nIBM Cognos Controller 10.1\n\nIBM Cognos Controller 8.5.1\n\nIBM Cognos Controller 8.5\n\n## Remediation/Fixes\n\n[IBM Cognos Controller 10.2.1 FP2 IF1](<http://www-01.ibm.com/support/docview.wss?uid=swg24041250>)\n\n[IBM Cognos Controller 10.2 FP1 IF3](<http://www-01.ibm.com/support/docview.wss?uid=swg24041249>)\n\n[IBM Cognos Controller 10.1.1 FP3 IF4](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Cognos&product=ibm/Information+Management/Cognos+8+Controller&release=10.1.1&platform=Windows+32-bit,+x86&function=fixId&fixids=10.1.1-BA-CNTRL-Win32-IF004>)\n\n[IBM Cognos Controller 10.1 IF5](<http://www-01.ibm.com/support/docview.wss?uid=swg24041247>)\n\n[IBM Cognos Controller 8.5.1 FP1 IF2](<http://www-01.ibm.com/support/docview.wss?uid=swg24041246>)\n\nUsers of IBM Cognos Controller 8.5 are advised to contact IBM Customer Support.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-15T22:38:49", "type": "ibm", "title": "Security Bulletin: : IBM Cognos Controller is affected by multiple vulnerabilities (CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-2625, CVE-2015-4748, CVE-2015-4749)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1792", "CVE-2015-2625", "CVE-2015-4748", "CVE-2015-4749"], "modified": "2018-06-15T22:38:49", "id": "B12649723FE3BE03431408E88916DBAC1978DE8ACF5D0E585C9C1BB9AC7B99ED", "href": "https://www.ibm.com/support/pages/node/535705", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-13T01:35:30", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM MQ Light. IBM MQ Light has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-1788](<https://vulners.com/cve/CVE-2015-1788>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103778_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103778>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n**CVEID:** [CVE-2015-1789](<https://vulners.com/cve/CVE-2015-1789>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in X509_cmp_time. An attacker could exploit this vulnerability using a specially crafted certificate or CRL to trigger a segmentation fault. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103779_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103779>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nThe vulnerabilities affect users of the [mqlight](<https://www.npmjs.com/package/mqlight>) IBM MQ Light Client Module for Node.js\u00ae on all platforms at the following versions: \n1.0.2014090800 \n1.0.2014090801 \n1.0.2014091000-red \n1.0.2014091001 \n \nIt also affects users of the [mqlight-dev](<https://www.npmjs.com/package/mqlight-dev>) IBM MQ Light Client Module for Node.js between versions 1.0.2014090300 and 1.0.2014111002 inclusive.\n\n## Remediation/Fixes\n\nUsers of the IBM MQ Light Client Module for Node.js at an affected version should update to the latest version of the IBM MQ Light Client Module for Node.js as found on [https://www.npmjs.com](<https://www.npmjs.com/>). \n \nFor CVE-2015-4000: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. This includes the Node.js runtime environment.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-15T07:03:21", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM MQ Light (CVE-2015-1788, CVE-2015-1789, CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-4000"], "modified": "2018-06-15T07:03:21", "id": "F55ABDFF87575503ED1A594C10571C58606CD661947C9F188A65571C4868F922", "href": "https://www.ibm.com/support/pages/node/531117", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-21T05:42:06", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on December 3, 2015 and March 1, 2016 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearCase. IBM Rational ClearCase has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-3194](<https://vulners.com/cve/CVE-2015-3194>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference when verifying certificates via a malformed routine. An attacker could exploit this vulnerability using signature verification routines with an absent PSS parameter to cause any certificate verification operation to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/108503> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [CVE-2015-3196](<https://vulners.com/cve/CVE-2015-3196>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a race condition when PSK identity hints are received by a multi-threaded client and the SSL_CTX structure is updated with the incorrect value. An attacker could exploit this vulnerability to possibly corrupt memory and cause a denial of service. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/108505> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-0702_](<https://vulners.com/cve/CVE-2016-0702>)** \nDESCRIPTION:** OpenSSL could allow a local attacker to obtain sensitive information, caused by a side-channel attack against a system based on the Intel Sandy-Bridge microarchitecture. An attacker could exploit this vulnerability to recover RSA keys. \nCVSS Base Score: 2.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111144_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111144>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Rational ClearCase versions: \n \n\n\n**Version**\n\n| \n\n**Status** \n \n---|--- \n \n9.0\n\n| \n\nAffected only by CVE-2016-0702 \n \n8.0.1 through 8.0.1.10\n\n| \n\nAffected \n \n8.0 through 8.0.0.17\n\n| \n\nAffected \n \n7.1.0.x, 7.1.1.x (all versions) \n7.1.2 through 7.1.2.18\n\n| \n\nAffected \n \n \nNot all deployments of Rational ClearCase use OpenSSL in a way that is affected by these vulnerabilities. \n \nYou are vulnerable if your use of Rational ClearCase includes _any_ of these configurations: \n\n\n 1. You use the base ClearCase/ClearQuest integration client on any platform, configured to use SSL to communicate with a ClearQuest server. \n\n 2. You use the UCM/ClearQuest integration on UNIX/Linux clients, configured to use SSL to communicate with a ClearQuest server. \n**Note:** Windows clients using the UCM/ClearQuest integration are not vulnerable. \n\n 3. On UNIX/Linux clients, you use the Change Management Integrations for base ClearCase with ClearQuest or Rational Team Concert (RTC), or for UCM with ClearQuest or RTC, or for Jira, when configured to use SSL to communicate with the server. \n**Note:** Windows clients using the CMI integration are not vulnerable. \n\n 4. You use ratlperl, ccperl, or cqperl to run your own perl scripts, **and** those scripts use SSL connections.\n\n## Remediation/Fixes\n\nApply a fix pack as listed in the table below. The fix pack includes OpenSSL 1.0.1s. \n \n\n\n**Affected Versions**\n\n| \n\n** Applying the fix** \n \n---|--- \n \n9.0\n\n| Install [Rational ClearCase Fix Pack 1 (9.0.0.01) for 9.0](<http://www.ibm.com/support/docview.wss?uid=swg24042131>) \n \n8.0.1 through 8.0.1.10\n\n| Install [Rational ClearCase Fix Pack 11 (8.0.1.11) for 8.0.1](<http://www.ibm.com/support/docview.wss?uid=swg24042128>) \n \n8.0 through 8.0.0.17\n\n| Install [Rational ClearCase Fix Pack 18 (8.0.0.18) for 8.0](<http://www.ibm.com/support/docview.wss?uid=swg24042126>) \n \n7.1.2.x (all fix packs) \n7.1.1.x (all fix packs) \n7.1.0.x (all fix packs)\n\n| Customers on extended support contracts should contact Customer Support. \n \n**Note:** A fix for CVE-2016-2108 was provided in OpenSSL version 1.0.1o and a fix for CVE-2015-3196 was provided in OpenSSL version 1.0.1p. Both issues were previously addressed by the fixes listed in [Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearCase (CVE-2015-1788, CVE-2015-1789, CVE-2015-1791)](<http://www.ibm.com/support/docview.wss?uid=swg21960633>).\n\n_For 7.0.x, 7.1.x and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-07-10T08:34:12", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearCase (CVE-2015-3194, CVE-2015-3196, CVE-2016-0702)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1791", "CVE-2015-3194", "CVE-2015-3196", "CVE-2016-0702", "CVE-2016-2108"], "modified": "2018-07-10T08:34:12", "id": "B7714F51B8CFAA4234497F491ECC215FC91BAB3D7CF96F228B974B661D0E0297", "href": "https://www.ibm.com/support/pages/node/541709", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:48:39", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on December 3, 2015 and March 1, 2016 by the OpenSSL Project. OpenSSL is used by IBM Rational RequisitePro. IBM Rational RequisitePro has addressed the applicable CVEs. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-3194_](<https://vulners.com/cve/CVE-2015-3194>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference when verifying certificates via a malformed routine. An attacker could exploit this vulnerability using signature verification routines with an absent PSS parameter to cause any certificate verification operation to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108503_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108503>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n** \nCVEID:** [_CVE-2015-3196_](<https://vulners.com/cve/CVE-2015-3196>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a race condition when PSK identity hints are received by a multi-threaded client and the SSL_CTX structure is updated with the incorrect value. An attacker could exploit this vulnerability to possibly corrupt memory and cause a denial of service. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108505_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108505>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [_CVE-2016-0702_](<https://vulners.com/cve/CVE-2016-0702>)** \nDESCRIPTION:** OpenSSL could allow a local attacker to obtain sensitive information, caused by a side-channel attack against a system based on the Intel Sandy-Bridge microarchitecture. An attacker could exploit this vulnerability to recover RSA keys. \nCVSS Base Score: 2.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111144_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111144>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\n**Version**\n\n| \n\n**Status** \n \n---|--- \n \n7.1.4 through 7.1.4.10\n\n| \n\nAffected \n \n7.1.3 through 7.1.3.17\n\n| \n\nAffected \n \n7.1.0.x, 7.1.1.x (all versions) \n7.1.2 through 7.1.2.18\n\n| \n\nAffected \n \n## Remediation/Fixes\n\nApply a fix pack as listed in the table below. The fix pack includes OpenSSL 1.0.1s. \n\n**Affected Version**\n\n| \n\n**Applying the fix** \n \n---|--- \n \n7.1.4 through 7.1.4.10\n\n| \n\nInstall [Rational RequisitePro Fix Pack 11 (7.1.4.11) for 7.1.4](<http://www-01.ibm.com/support/docview.wss?uid=swg24042286>) \n \n7.1.3 through 7.1.3.17\n\n| \n\nInstall [Rational RequisitePro Fix Pack 18 (7.1.3.18) for 7.1.3](<http://www-01.ibm.com/support/docview.wss?uid=swg24042291>) \n \n7.1.0.x, 7.1.1.x (all versions) \n7.1.2 through 7.1.2.18\n\n| \n\nCustomers on extended support contracts should contact Customer Support \n \n**Note:** A fix for CVE-2016-2108 was provided in OpenSSL version 1.0.1o and a fix for CVE-2015-3196 was provided in OpenSSL version 1.0.1p. Both fixes were addressed by the fixes listed in [Security Bulletin: Vulnerabilities in OpenSSL affect Rational RequisitePro (CVE-2015-1788, CVE-2015-1789, CVE-2015-1791)](<http://www.ibm.com/support/docview.wss?uid=swg21964441>) \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-17T05:13:41", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational RequisitePro (CVE-2015-3194, CVE-2015-3196, CVE-2016-0702)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1791", "CVE-2015-3194", "CVE-2015-3196", "CVE-2016-0702", "CVE-2016-2108"], "modified": "2018-06-17T05:13:41", "id": "B84251E3C31E8FAF9BA0B73449F8A92CA84F7B802070A7A5FB283B62300DC251", "href": "https://www.ibm.com/support/pages/node/280319", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:40:16", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVEs. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-3196_](<https://vulners.com/cve/CVE-2015-3196>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a race condition when PSK identity hints are received by a multi-threaded client and the SSL_CTX structure is updated with the incorrect value. An attacker could exploit this vulnerability to possibly corrupt memory and cause a denial of service. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108505_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108505>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2015-3193_](<https://vulners.com/cve/CVE-2015-3193>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the x86_64 Montgomery squaring procedure. An attacker with online access to an unpatched system could exploit this vulnerability to obtain private key information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108502_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108502>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2015-3194_](<https://vulners.com/cve/CVE-2015-3194>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference when verifying certificates via a malformed routine. An attacker could exploit this vulnerability using signature verification routines with an absent PSS parameter to cause any certificate verification operation to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108503_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108503>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-3195_](<https://vulners.com/cve/CVE-2015-3195>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a memory leak in a malformed X509_ATTRIBUTE structure. An attacker could exploit this vulnerability to obtain CMS data and other sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108504_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108504>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\n * IBM Rational ClearQuest, versions 7.1.0.x, 7.1.1.x, 7.1.2.x, 8.0.0.x, 8.0.1.x, and 9.0 in the following components: \n\n\n * ClearQuest hooks and cqperl/ratlperl scripts that use SSL.\n * Database drivers configured to use SSL connections to the database.\n\n**ClearQuest version**\n\n| \n\n**Status** \n \n---|--- \n \n9.0\n\n| \n\nAffected \n \n8.0.1 through 8.0.1.10\n\n| \n\nAffected \n \n8.0 through 8.0.0.17\n\n| \n\nAffected \n \n7.1.0.x \n7.1.1.x \n7.1.2.x \n(all versions and fix packs)\n\n| \n\nAffected \n \n## Remediation/Fixes\n\n**Affected Versions**\n\n| \n\n** Fixes** \n \n---|--- \n \n9.0\n\n| Install [Rational ClearQuest Fix Pack 1 (9.0.0.1) for 9.0](<http://www-01.ibm.com/support/docview.wss?uid=swg24042129>) \n \n8.0.1 through 8.0.1.10\n\n| Install [Rational ClearQuest Fix Pack 11 (8.0.1.11) for 8.0.1](<http://www-01.ibm.com/support/docview.wss?uid=swg24042127>) \n \n8.0 through 8.0.0.17\n\n| Install [Rational ClearQuest Fix Pack 18 (8.0.0.18) for 8.0](<http://www-01.ibm.com/support/docview.wss?uid=swg24042125>) \n \n7.1.2.x (all fix packs) \n7.1.1.x (all fix packs) \n7.1.0.x (all fix packs)\n\n| Customers on extended support contracts should contact customer support. \n \nNote: A fix for CVE-2016-2108 was provided in OpenSSL version 1.0.1o and a fix for CVE-2015-3196 was provided in OpenSSL version 1.0.1p. Both issues were previously addressed by the fixes listed in [Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearQuest (CVE-2015-1788, CVE-2015-1789, CVE-2015-1791)](<http://www.ibm.com/support/docview.wss?uid=swg21962775>)**.**\n\n_For 7.0.x, 7.1.x and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-09-29T18:04:03", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational ClearQuest (CVE-2015-3196, CVE-2015-3193, CVE-2015-3194, CVE-2015-3195)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1791", "CVE-2015-3193", "CVE-2015-3194", "CVE-2015-3195", "CVE-2015-3196", "CVE-2016-2108"], "modified": "2018-09-29T18:04:03", "id": "8EEBB0B8FAC8DFA33C0405E2C48BAF0FD71BF64FEE9E71DFF45B1738CA5A7E36", "href": "https://www.ibm.com/support/pages/node/279583", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-13T01:34:37", "description": "## Summary\n\nReal time compression appliance affected by one Open SSL issue.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-3216_](<https://vulners.com/cve/CVE-2015-3216>)\n\nDESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds memory read error in ssleay_rand_bytes() function. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to crash.\n\n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/#/vulnerabilities/103915_](<https://exchange.xforce.ibmcloud.com/>) for the current score \n\nCVSS Environmental Score*: Undefined\n\n \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n## Affected Products and Versions\n\n**Version**\n\n| **Release**| **_Remediation/First Fix_** \n---|---|--- \n4.1.2| 4.1.2.14| [_4.1.2.14_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Real-time%2BCompression%2Bfor%2BNAS&product=ibm/NetworkAttachedStorage/Real-time+Compression+Appliances+STN6500-STN6800+%282452-650,680%29&release=All&platform=All&function=all>) \n3.9.1| NA| NA \n3.8.0| NA| NA \n \n## Remediation/Fixes\n\n**4.1.2.14** Fix is now available - [_4.1.2.14_](<file:///\\\\\\\\\\\\\\\\rtcafs01\\\\\\\\dev\\\\\\\\RtCA\\\\\\\\PSIRT\\\\\\\\933.ibm.com\\\\\\\\support\\\\\\\\fixcentral\\\\\\\\swg\\\\\\\\doSelectFixes%3foptions.selectedFixes=IBM_Real-time_Compression_4.1.2.14&continue=1>)\n\n_For 3.8 IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n_For 3.9 IBM recommends upgrading to a fixed, supported version/release/platform of the product_\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-18T00:09:58", "type": "ibm", "title": "Security Bulletin: Real-time compression appliance (CVE-CVE-2015-3216)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3216"], "modified": "2018-06-18T00:09:58", "id": "A21160CD167CEB07B665A0A9788C062C19FA75832274194D0CFF1E816F29CA4D", "href": "https://www.ibm.com/support/pages/node/690667", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-21T05:49:03", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by Rational Automation Framework. Rational Automation Framework has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-1790](<https://vulners.com/cve/CVE-2015-1790>)\n\n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the improper handling of missing inner EncryptedContent by the PKCS#7 parsing code. An attacker could exploit this vulnerability using specially crafted ASN.1-encoded PKCS#7 blobs with missing content to trigger a NULL pointer dereference.\n\nCVSS Base Score: 5\n\nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103780>) for the current score\n\nCVSS Environmental Score*: Undefined\n\nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nRational Automation Framework 3.0.1, 3.0.1.1, 3.0.1.2.x, 3.0.1.3.x on all supported platforms.\n\n## Remediation/Fixes\n\nUpgrade to [RAF 3.0.1.3 ifix5](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ERational&product=ibm/Rational/Rational+Automation+Framework&release=3.0.1.3i5&platform=All&function=all>) or later.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T05:05:14", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect Rational Automation Framework (CVE-2015-1790)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1790"], "modified": "2018-06-17T05:05:14", "id": "8976330D24BA16C6597AF93C67C2A46121ECFA13975E064BAC48376E8563DA89", "href": "https://www.ibm.com/support/pages/node/536409", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:36:49", "description": "Check the version of openssl", "cvss3": {}, "published": "2015-06-16T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2015:1115 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882199", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882199", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2015:1115 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882199\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\",\n \"CVE-2015-1792\", \"CVE-2015-3216\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-16 06:13:56 +0200 (Tue, 16 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for openssl CESA-2015:1115 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of openssl\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the\n Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a DTLS\nserver or client using OpenSSL to crash or, potentially, execute arbitrary\ncode. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat\nEnterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. This issue could possibly cause a multi-threaded application\nusing OpenSSL to perform an out-of-bounds read and crash. (CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of\nOpenSSL. A specially crafted X.509 certificate or a Certificate Revocation\nList (CRL) could possibly cause a TLS/SSL server or client using OpenSSL\nto crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL. This\nissue could possibly cause a multi-threaded TLS/SSL client using OpenSSL\nto double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax\n(CMS) messages. A CMS message with an unknown hash function identifier\ncould cause an application using OpenSSL to enter an infinite loop.\n(CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to crash.\n(CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and\nCVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan\nFratric as the original reporters of CVE-2014-8176, Robert Swiecki and\nHanno Bck as the original reporters of CVE-2015-1789, Michal Zalewski as\nthe original reporter of CVE-2015-1790, Emilia Ksper as the original\nreport of CVE-2015-1791 and Johannes Bauer as the original reporter of\nCVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1115\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-June/021172.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~42.el7.8\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~42.el7.8\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.1e~42.el7.8\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~42.el7.8\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~42.el7.8\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:04", "description": "Check the version of openssl", "cvss3": {}, "published": "2015-06-16T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2015:1115 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882198", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882198", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2015:1115 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882198\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\",\n \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-16 06:13:40 +0200 (Tue, 16 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for openssl CESA-2015:1115 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of openssl\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the\n Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a DTLS\nserver or client using OpenSSL to crash or, potentially, execute arbitrary\ncode. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat\nEnterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. This issue could possibly cause a multi-threaded application\nusing OpenSSL to perform an out-of-bounds read and crash. (CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of\nOpenSSL. A specially crafted X.509 certificate or a Certificate Revocation\nList (CRL) could possibly cause a TLS/SSL server or client using OpenSSL\nto crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL. This\nissue could possibly cause a multi-threaded TLS/SSL client using OpenSSL\nto double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax\n(CMS) messages. A CMS message with an unknown hash function identifier\ncould cause an application using OpenSSL to enter an infinite loop.\n(CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to crash.\n(CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and\nCVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan\nFratric as the original reporters of CVE-2014-8176, Robert Swiecki and\nHanno Bck as the original reporters of CVE-2015-1789, Michal Zalewski as\nthe original reporter of CVE-2015-1790, Emilia Ksper as the original\nreport of CVE-2015-1791 and Johannes Bauer as the original reporter of\nCVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1115\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-June/021173.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~30.el6.11\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~30.el6.11\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~30.el6.11\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~30.el6.11\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-16T00:00:00", "type": "openvas", "title": "RedHat Update for openssl RHSA-2015:1115-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871376", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871376", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2015:1115-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871376\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-16 06:12:09 +0200 (Tue, 16 Jun 2015)\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for openssl RHSA-2015:1115-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a DTLS\nserver or client using OpenSSL to crash or, potentially, execute arbitrary\ncode. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat\nEnterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. This issue could possibly cause a multi-threaded application\nusing OpenSSL to perform an out-of-bounds read and crash. (CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of\nOpenSSL. A specially crafted X.509 certificate or a Certificate Revocation\nList (CRL) could possibly cause a TLS/SSL server or client using OpenSSL\nto crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL. This\nissue could possibly cause a multi-threaded TLS/SSL client using OpenSSL\nto double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax\n(CMS) messages. A CMS message with an unknown hash function identifier\ncould cause an application using OpenSSL to enter an infinite loop.\n(CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to crash.\n(CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and\nCVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan\nFratric as the original reporters of CVE-2014-8176, Robert Swiecki and\nHanno Bck as the original reporters of CVE-2015-1789, Michal Zalewski as\nthe original reporter of CVE-2015-1790, Emilia Ksper as the original\nreport of CVE-2015-1791 and Johannes Bauer as the original reporter of\nCVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\");\n script_tag(name:\"affected\", value:\"openssl on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1115-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-June/msg00019.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~42.el7_1.8\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~42.el7_1.8\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~42.el7_1.8\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.1e~42.el7_1.8\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~30.el6_6.11\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~30.el6_6.11\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~30.el6_6.11\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:37", "description": "Oracle Linux Local Security Checks ELSA-2015-1115", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1115", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123099", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123099", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1115.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123099\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 13:59:21 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1115\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1115 - openssl security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1115\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1115.html\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(7|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~42.el7_1.8\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~42.el7_1.8\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.1e~42.el7_1.8\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~42.el7_1.8\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~42.el7_1.8\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~30.el6_6.11\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~30.el6_6.11\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~30.el6_6.11\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~30.el6_6.11\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-12T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl USN-2639-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842242", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842242", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for openssl USN-2639-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842242\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-12 06:09:14 +0200 (Fri, 12 Jun 2015)\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\",\n \"CVE-2015-1791\", \"CVE-2015-1792\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for openssl USN-2639-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Praveen Kariyanahalli, Ivan Fratric and\nFelix Groebert discovered that OpenSSL incorrectly handled memory when buffering\nDTLS data. A remote attacker could use this issue to cause OpenSSL to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2014-8176)\n\nJoseph Barr-Pixton discovered that OpenSSL incorrectly handled malformed\nECParameters structures. A remote attacker could use this issue to cause\nOpenSSL to hang, resulting in a denial of service. (CVE-2015-1788)\n\nRobert Swiecki and Hanno B&#246 ck discovered that OpenSSL incorrectly handled\ncertain ASN1_TIME strings. A remote attacker could use this issue to cause\nOpenSSL to crash, resulting in a denial of service. (CVE-2015-1789)\n\nMichal Zalewski discovered that OpenSSL incorrectly handled missing content\nwhen parsing ASN.1-encoded PKCS#7 blobs. A remote attacker could use this\nissue to cause OpenSSL to crash, resulting in a denial of service.\n(CVE-2015-1790)\n\nEmilia K&#228 sper discovered that OpenSSL incorrectly handled NewSessionTicket\nwhen being used by a multi-threaded client. A remote attacker could use\nthis issue to cause OpenSSL to crash, resulting in a denial of service.\n(CVE-2015-1791)\n\nJohannes Bauer discovered that OpenSSL incorrectly handled verifying\nsignedData messages using the CMS code. A remote attacker could use this\nissue to cause OpenSSL to hang, resulting in a denial of service.\n(CVE-2015-1792)\n\nAs a security improvement, this update also modifies OpenSSL behaviour to\nreject DH key sizes below 768 bits, preventing a possible downgrade\nattack.\");\n script_tag(name:\"affected\", value:\"openssl on Ubuntu 14.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2639-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2639-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1f-1ubuntu9.8\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1f-1ubuntu9.8\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1f-1ubuntu2.15\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1f-1ubuntu2.15\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1-4ubuntu5.31\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-10-09T15:20:32", "description": "On June 11, 2015, the OpenSSL Project released a security advisory detailing six distinct\n vulnerabilities, and another fix that provides hardening protections against exploits as described in the Logjam research.\n\n Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow\n an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory.\n\n Cisco will release software updates that address these vulnerabilities.\n\n Workarounds that mitigate these vulnerabilities may be available.", "cvss3": {}, "published": "2016-05-10T00:00:00", "type": "openvas", "title": "Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-10-09T00:00:00", "id": "OPENVAS:1361412562310105678", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105678", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/o:cisco:ios_xe\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105678\");\n script_cve_id(\"CVE-2015-1791\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1792\", \"CVE-2014-8176\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"2019-10-09T06:43:33+0000\");\n\n script_name(\"Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products\");\n\n script_xref(name:\"URL\", value:\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n script_tag(name:\"summary\", value:\"On June 11, 2015, the OpenSSL Project released a security advisory detailing six distinct\n vulnerabilities, and another fix that provides hardening protections against exploits as described in the Logjam research.\n\n Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow\n an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory.\n\n Cisco will release software updates that address these vulnerabilities.\n\n Workarounds that mitigate these vulnerabilities may be available.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"2019-10-09 06:43:33 +0000 (Wed, 09 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-05-10 10:53:28 +0200 (Tue, 10 May 2016)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"CISCO\");\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_cisco_ios_xe_version.nasl\");\n script_mandatory_keys(\"cisco_ios_xe/version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) ) exit( 0 );\n\naffected = make_list(\n '3.3.0S',\n '3.3.1S',\n '3.3.2S',\n '3.4.0S',\n '3.4.1S',\n '3.4.2S',\n '3.4.3S',\n '3.4.4S',\n '3.4.5S',\n '3.4.6S',\n '3.5.0S',\n '3.5.1S',\n '3.5.2S',\n '3.6.0S',\n '3.6.1S',\n '3.6.2S',\n '3.7.0S',\n '3.7.1S',\n '3.7.2S',\n '3.7.3S',\n '3.7.4S',\n '3.7.5S',\n '3.7.6S',\n '3.8.0S',\n '3.8.1S',\n '3.8.2S',\n '3.9.0S',\n '3.9.1S',\n '3.9.2S' );\n\nforeach af ( affected )\n{\n if( version == af )\n {\n report = report_fixed_ver( installed_version:version, fixed_version: \"See advisory\" );\n security_message( port:0, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-10-09T15:19:27", "description": "On June 11, 2015, the OpenSSL Project released a security advisory detailing six distinct\n vulnerabilities, and another fix that provides hardening protections against exploits as described\n in the Logjam research.\n\n Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more\n vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service\n (DoS) condition or corrupt portions of OpenSSL process memory.\n\n Cisco will release software updates that address these vulnerabilities.\n\n Workarounds that mitigate these vulnerabilities may be available.", "cvss3": {}, "published": "2016-05-12T00:00:00", "type": "openvas", "title": "Cisco NX-OS: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-10-09T00:00:00", "id": "OPENVAS:1361412562310105692", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105692", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/o:cisco:nx-os\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105692\");\n script_cve_id(\"CVE-2015-1791\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1792\", \"CVE-2014-8176\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"2019-10-09T06:43:33+0000\");\n\n script_name(\"Cisco NX-OS: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products\");\n\n script_xref(name:\"URL\", value:\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n script_tag(name:\"summary\", value:\"On June 11, 2015, the OpenSSL Project released a security advisory detailing six distinct\n vulnerabilities, and another fix that provides hardening protections against exploits as described\n in the Logjam research.\n\n Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more\n vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service\n (DoS) condition or corrupt portions of OpenSSL process memory.\n\n Cisco will release software updates that address these vulnerabilities.\n\n Workarounds that mitigate these vulnerabilities may be available.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"2019-10-09 06:43:33 +0000 (Wed, 09 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-05-12 15:26:53 +0200 (Thu, 12 May 2016)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"CISCO\");\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_cisco_nx_os_version.nasl\");\n script_mandatory_keys(\"cisco_nx_os/version\", \"cisco_nx_os/model\", \"cisco_nx_os/device\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) ) exit( 0 );\n\nif( ! device = get_kb_item( \"cisco_nx_os/device\" ) ) exit( 0 );\nif( \"Nexus\" >!< device ) exit( 0 );\n\nif ( ! nx_model = get_kb_item( \"cisco_nx_os/model\" ) ) exit( 0 );\n\nif( \"1000V\" >< nx_model )\n{\n affected = make_list(\n \"4.0(4)SV1(1)\",\n \"4.0(4)SV1(2)\",\n \"4.0(4)SV1(3)\",\n \"4.0(4)SV1(3a)\",\n \"4.0(4)SV1(3b)\",\n \"4.0(4)SV1(3c)\",\n \"4.0(4)SV1(3d)\",\n \"4.2(1)SV1(4)\",\n \"4.2(1)SV1(4a)\",\n \"4.2(1)SV1(4b)\",\n \"4.2(1)SV1(5.1)\",\n \"4.2(1)SV1(5.1a)\",\n \"4.2(1)SV1(5.2)\",\n \"4.2(1)SV1(5.2b)\",\n \"4.2(1)SV2(1.1)\",\n \"4.2(1)SV2(1.1a)\",\n \"4.2(1)SV2(2.1)\",\n \"4.2(1)SV2(2.1a)\"\n );\n}\n\nif( nx_model =~ \"^3[0-9]+\" )\n{\n affected = make_list(\n \"5.0(3)U1(1)\",\n \"5.0(3)U1(1a)\",\n \"5.0(3)U1(1b)\",\n \"5.0(3)U1(1d)\",\n \"5.0(3)U1(2)\",\n \"5.0(3)U1(2a)\",\n \"5.0(3)U2(1)\",\n \"5.0(3)U2(2)\",\n \"5.0(3)U2(2a)\",\n \"5.0(3)U2(2b)\",\n \"5.0(3)U2(2c)\",\n \"5.0(3)U2(2d)\",\n \"5.0(3)U3(1)\",\n \"5.0(3)U3(2)\",\n \"5.0(3)U3(2a)\",\n \"5.0(3)U3(2b)\",\n \"5.0(3)U4(1)\",\n \"5.0(3)U5(1)\",\n \"5.0(3)U5(1a)\",\n \"5.0(3)U5(1b)\",\n \"5.0(3)U5(1c)\",\n \"5.0(3)U5(1d)\",\n \"5.0(3)U5(1e)\",\n \"5.0(3)U5(1f)\",\n \"5.0(3)U5(1g)\",\n \"5.0(3)U5(1h)\",\n \"6.0(2)U1(1)\",\n \"6.0(2)U1(1a)\",\n \"6.0(2)U1(2)\",\n \"6.0(2)U1(3)\",\n \"6.0(2)U1(4)\",\n \"6.0(2)U2(1)\",\n \"6.0(2)U2(2)\",\n \"6.0(2)U2(3)\",\n \"6.0(2)U2(4)\",\n \"6.0(2)U2(5)\",\n \"6.0(2)U2(6)\",\n \"6.0(2)U3(1)\",\n \"6.0(2)U3(2)\",\n \"6.0(2)U3(3)\",\n \"6.0(2)U3(4)\",\n \"6.0(2)U3(5)\",\n \"6.0(2)U4(1)\",\n \"6.0(2)U4(2)\",\n \"6.0(2)U4(3)\",\n \"6.0(2)U5(1)\"\n );\n}\n\nif( nx_model =~ \"^4[0-9]+\" )\n{\n affected = make_list(\n \"4.1(2)E1(1)\",\n \"4.1(2)E1(1b)\",\n \"4.1(2)E1(1d)\",\n \"4.1(2)E1(1e)\",\n \"4.1(2)E1(1f)\",\n \"4.1(2)E1(1g)\",\n \"4.1(2)E1(1h)\",\n \"4.1(2)E1(1i)\",\n \"4.1(2)E1(1j)\"\n );\n}\n\nif( nx_model =~ \"^5[0-9]+\" )\n{\n affected = make_list(\n \"4.0(0)N1(1a)\",\n \"4.0(0)N1(2)\",\n \"4.0(0)N1(2a)\",\n \"4.0(1a)N1(1)\",\n \"4.0(1a)N1(1a)\",\n \"4.0(1a)N2(1)\",\n \"4.0(1a)N2(1a)\",\n \"4.1(3)N1(1)\",\n \"4.1(3)N1(1a)\",\n \"4.1(3)N2(1)\",\n \"4.1(3)N2(1a)\",\n \"4.2(1)N1(1)\",\n \"4.2(1)N2(1)\",\n \"4.2(1)N2(1a)\",\n \"5.0(2)N1(1)\",\n \"5.0(2)N2(1)\",\n \"5.0(2)N2(1a)\",\n \"5.0(3)N1(1c)\",\n \"5.0(3)N2(1)\",\n \"5.0(3)N2(2)\",\n \"5.0(3)N2(2a)\",\n \"5.0(3)N2(2b)\",\n \"5.1(3)N1(1)\",\n \"5.1(3)N1(1a)\",\n \"5.1(3)N2(1)\",\n \"5.1(3)N2(1a)\",\n \"5.1(3)N2(1b)\",\n \"5.1(3)N2(1c)\",\n \"5.2(1)N1(1)\",\n \"5.2(1)N1(1a)\",\n \"5.2(1)N1(1b)\",\n \"5.2(1)N1(2)\",\n \"5.2(1)N1(2a)\",\n \"5.2(1)N1(3)\",\n \"5.2(1)N1(4)\",\n \"5.2(1)N1(5)\",\n \"5.2(1)N1(6)\",\n \"5.2(1)N1(7)\",\n \"5.2(1)N1(8)\",\n \"5.2(1)N1(8a)\",\n \"6.0(2)N1(1)\",\n \"6.0(2)N1(2)\",\n \"6.0(2)N1(2a)\",\n \"6.0(2)N2(1)\",\n \"6.0(2)N2(1b)\",\n \"6.0(2)N2(2)\",\n \"6.0(2)N2(3)\",\n \"6.0(2)N2(4)\",\n \"6.0(2)N2(5)\",\n \"7.0(0)N1(1)\",\n \"7.0(1)N1(1)\",\n \"7.0(2)N1(1)\",\n \"7.0(3)N1(1)\"\n );\n}\n\nif( nx_model =~ \"^6[0-9]+\" )\n{\n affected = make_list(\n \"6.0(2)N1(2)\",\n \"6.0(2)N1(2a)\",\n \"6.0(2)N2(1)\",\n \"6.0(2)N2(1b)\",\n \"6.0(2)N2(2)\",\n \"6.0(2)N2(3)\",\n \"6.0(2)N2(4)\",\n \"6.0(2)N2(5)\",\n \"7.0(0)N1(1)\",\n \"7.0(1)N1(1)\",\n \"7.0(2)N1(1)\",\n \"7.0(3)N1(1)\"\n );\n}\n\nif( nx_model =~ \"^7[0-9]+\" )\n{\n affected = make_list(\n \"4.1.(2)\",\n \"4.1.(3)\",\n \"4.1.(4)\",\n \"4.1.(5)\",\n \"4.2(3)\",\n \"4.2(4)\",\n \"4.2(6)\",\n \"4.2(8)\",\n \"4.2.(2a)\",\n \"5.0(2a)\",\n \"5.0(3)\",\n \"5.0(5)\",\n \"5.1(1)\",\n \"5.1(1a)\",\n \"5.1(3)\",\n \"5.1(4)\",\n \"5.1(5)\",\n \"5.1(6)\",\n \"5.2(1)\",\n \"5.2(3a)\",\n \"5.2(4)\",\n \"5.2(5)\",\n \"5.2(7)\",\n \"5.2(9)\",\n \"6.0(1)\",\n \"6.0(2)\",\n \"6.0(3)\",\n \"6.0(4)\",\n \"6.1(1)\",\n \"6.1(2)\",\n \"6.1(3)\",\n \"6.1(4)\",\n \"6.1(4a)\",\n \"6.2(10)\",\n \"6.2(2)\",\n \"6.2(2a)\",\n \"6.2(6)\",\n \"6.2(6b)\",\n \"6.2(8)\",\n \"6.2(8a)\",\n \"6.2(8b)\"\n );\n}\n\nif( nx_model =~ \"^N9K\" )\n{\n affected = make_list(\n \"11.0(1b)\",\n \"11.0(1c)\",\n \"6.1(2)I2(1)\",\n \"6.1(2)I2(2)\",\n \"6.1(2)I2(2a)\",\n \"6.1(2)I2(2b)\",\n \"6.1(2)I2(3)\",\n \"6.1(2)I3(1)\",\n \"6.1(2)I3(2)\",\n \"6.1(2)I3(3)\"\n );\n}\n\nforeach af ( affected )\n{\n if( version == af )\n {\n report = report_fixed_ver( installed_version:version, fixed_version: \"See advisory\" );\n security_message( port:0, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T22:59:12", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-550)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120033", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120033", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120033\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:15:46 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-550)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in OpenSSL. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update openssl to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-550.html\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2014-8176\", \"CVE-2015-3216\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1k~10.86.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1k~10.86.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~10.86.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1k~10.86.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1k~10.86.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:03", "description": "Gentoo Linux Local Security Checks GLSA 201506-02", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201506-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121379", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121379", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201506-02.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121379\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:51 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201506-02\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been found in OpenSSL. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201506-02\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201506-02\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-libs/openssl\", unaffected: make_list(\"ge 1.0.1o\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-libs/openssl\", unaffected: make_list(\"ge 0.9.8z_p7\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-libs/openssl\", unaffected: make_list(), vulnerable: make_list(\"lt 1.0.1o\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:52:22", "description": "Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\n\nCVE-2014-8176 \nPraveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered\nthat an invalid memory free could be triggered when buffering DTLS\ndata. This could allow remote attackers to cause a denial of service\n(crash) or potentially execute arbitrary code. This issue only\naffected the oldstable distribution (wheezy).\n\nCVE-2015-1788 \nJoseph Barr-Pixton discovered that an infinite loop could be triggered\ndue to incorrect handling of malformed ECParameters structures. This\ncould allow remote attackers to cause a denial of service.\n\nCVE-2015-1789 \nRobert Swiecki and Hanno Bck discovered that the X509_cmp_time\nfunction could read a few bytes out of bounds. This could allow remote\nattackers to cause a denial of service (crash) via crafted\ncertificates and CRLs.\n\nCVE-2015-1790 \nMichal Zalewski discovered that the PKCS#7 parsing code did not\nproperly handle missing content which could lead to a NULL pointer\ndereference. This could allow remote attackers to cause a denial of\nservice (crash) via crafted ASN.1-encoded PKCS#7 blobs.\n\nCVE-2015-1791 \nEmilia Ksper discovered that a race condition could occur due to\nincorrect handling of NewSessionTicket in a multi-threaded client,\nleading to a double free. This could allow remote attackers to cause\na denial of service (crash).\n\nCVE-2015-1792 \nJohannes Bauer discovered that the CMS code could enter an infinite\nloop when verifying a signedData message, if presented with an\nunknown hash function OID. This could allow remote attackers to cause\na denial of service.\n\nAdditionally OpenSSL will now reject handshakes using DH parameters\nshorter than 768 bits as a countermeasure against the Logjam attack\n(CVE-2015-4000 \n).", "cvss3": {}, "published": "2015-06-13T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3287-1 (openssl - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703287", "href": "http://plugins.openvas.org/nasl.php?oid=703287", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3287.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3287-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703287);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\",\n \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-4000\");\n script_name(\"Debian Security Advisory DSA 3287-1 (openssl - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-06-13 00:00:00 +0200 (Sat, 13 Jun 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3287.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"openssl on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package contains the openssl binary and related tools.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy), these problems have been fixed\nin version 1.0.1e-2+deb7u17.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1k-3+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 1.0.2b-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.2b-1.\n\nWe recommend that you upgrade your openssl packages.\");\n script_tag(name: \"summary\", value: \"Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\n\nCVE-2014-8176 \nPraveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered\nthat an invalid memory free could be triggered when buffering DTLS\ndata. This could allow remote attackers to cause a denial of service\n(crash) or potentially execute arbitrary code. This issue only\naffected the oldstable distribution (wheezy).\n\nCVE-2015-1788 \nJoseph Barr-Pixton discovered that an infinite loop could be triggered\ndue to incorrect handling of malformed ECParameters structures. This\ncould allow remote attackers to cause a denial of service.\n\nCVE-2015-1789 \nRobert Swiecki and Hanno Bck discovered that the X509_cmp_time\nfunction could read a few bytes out of bounds. This could allow remote\nattackers to cause a denial of service (crash) via crafted\ncertificates and CRLs.\n\nCVE-2015-1790 \nMichal Zalewski discovered that the PKCS#7 parsing code did not\nproperly handle missing content which could lead to a NULL pointer\ndereference. This could allow remote attackers to cause a denial of\nservice (crash) via crafted ASN.1-encoded PKCS#7 blobs.\n\nCVE-2015-1791 \nEmilia Ksper discovered that a race condition could occur due to\nincorrect handling of NewSessionTicket in a multi-threaded client,\nleading to a double free. This could allow remote attackers to cause\na denial of service (crash).\n\nCVE-2015-1792 \nJohannes Bauer discovered that the CMS code could enter an infinite\nloop when verifying a signedData message, if presented with an\nunknown hash function OID. This could allow remote attackers to cause\na denial of service.\n\nAdditionally OpenSSL will now reject handshakes using DH parameters\nshorter than 768 bits as a countermeasure against the Logjam attack\n(CVE-2015-4000 \n).\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.1e-2+deb7u17\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.1e-2+deb7u17\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1e-2+deb7u17\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1e-2+deb7u17\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.1e-2+deb7u17\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1e-2+deb7u17\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.2b-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.2b-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.2b-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.2b-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.2b-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.2b-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.1k-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.1k-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1k-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1k-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.1k-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1k-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:02", "description": "Potential security vulnerabilities in OpenSSL have been addressed with HPE network products including iMC, VCX, Comware 5 and Comware 7. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS) or unauthorized access.", "cvss3": {}, "published": "2016-07-06T00:00:00", "type": "openvas", "title": "HPE Network Products Remote Denial of Service (DoS), Unauthorized Access", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1793", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2018-11-20T00:00:00", "id": "OPENVAS:1361412562310105798", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105798", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_hp_comware_platform_hpsbhf03613.nasl 12431 2018-11-20 09:21:00Z asteins $\n#\n# HPE Network Products Remote Denial of Service (DoS), Unauthorized Access\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:hp:comware';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105798\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-1793\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 12431 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-20 10:21:00 +0100 (Tue, 20 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-06 12:05:47 +0200 (Wed, 06 Jul 2016)\");\n script_name(\"HPE Network Products Remote Denial of Service (DoS), Unauthorized Access\");\n\n script_tag(name:\"summary\", value:\"Potential security vulnerabilities in OpenSSL have been addressed with HPE network products including iMC, VCX, Comware 5 and Comware 7. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS) or unauthorized access.\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"vuldetect\", value:\"Check the release version\");\n\n script_xref(name:\"URL\", value:'https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05184351');\n\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_hp_comware_platform_detect_snmp.nasl\");\n script_mandatory_keys(\"hp/comware_device\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"revisions-lib.inc\");\ninclude(\"version_func.inc\");\n\nif( ! version = get_app_version( cpe:CPE, nofork: TRUE) ) exit( 0 );\nif( ! model = get_kb_item( \"hp/comware_device/model\" ) ) exit( 0 );\nif( ! release = get_kb_item( \"hp/comware_device/release\" ) ) exit( 0 );\n\nif( model =~ '^1950-(24|48)G' )\n{\n report_fix = 'R3109P16';\n fix = '3109P16';\n}\n\nelse if( model =~ '^(A|A-?)95(0|1)(8|5|2)' )\n{\n report_fix = 'R1829P01';\n fix = '1829P01';\n}\n\nelse if( model =~ '^(A-)?MSR9(0|2)' )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ '^MSR93' )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ '^59(0|2)0' )\n{\n report_fix = 'R2422P01';\n fix = '2422P01';\n}\n\nelse if( model =~ '^58(0|2)0' )\n{\n report_fix = 'R1809P11';\n fix = '1809P11';\n}\n\nelse if( model =~ '(A-)?^MSR20-(2|4)' )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ '^(A-)?MSR20-1[0-5]' )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ '^(A|A-)?5500-' && \"EI Switch\" >< model )\n{\n report_fix = 'R2221P19';\n fix = '2221P19';\n}\n\nelse if( model =~ '^(A|A-)?5500-' && \"HI Switch\" >< model )\n{\n report_fix = 'R5501P17';\n fix = '5501P17';\n}\n\nelse if( model =~ '^(A-)?MSR20-(2|4)(0|1)' )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ 'MSR20-1[0-5]' )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ '^(A)?58(0|2)0(AF)?-(14|24|48)(G|XG)' )\n{\n report_fix = 'R1809P11';\n fix = '1809P11';\n}\n\nelse if( model =~ '870 ' )\n{\n report_fix = 'R2607P46';\n fix = '2607P46';\n}\n\nelse if( model =~ '^(A-)?MSR50' )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ '^(A)?5500-(24|48)-(4SFP|PoE+|SFP)' && ( \"HI Switch\" >< model || 'HI TAA-compliant Switch' >< model ) )\n{\n report_fix = 'R5501P17';\n fix = '5501P17';\n}\n\nelse if( model =~ '^(A|HSR)?66(0|1)[0-8]' && \"router\" >< tolower( model ))\n{\n report_fix = 'R3303P23';\n fix = '3303P23';\n}\n\nelse if( model =~ '^(A|HSR)?680(0|2|4|8)' )\n{\n report_fix = 'R7103P05';\n fix = '7103P05';\n}\n\nelse if( model =~ '^(A)?5120'&& ( \"EI Switch\" >< model || \"EI TAA-compliant Switch\" >< model ) )\n{\n report_fix = 'R2221P20';\n fix = '2221P20';\n}\n\nelse if( model =~ 'MSR30(12|64|44|24)' )\n{\n report_fix = 'R0305P04';\n fix = '0305P04';\n}\n\nelse if( model =~ '^FF 5930' )\n{\n report_fix = 'R2422P01';\n fix = '2422P01';\n}\n\nelse if( model =~ 'Firewall (A-)F1000-S-EI' )\n{\n report_fix = 'R3734P08';\n fix = '3734P08';\n}\n\nelse if( model =~ '^(A-)MSR30-1(6|1|0|)' && \"VCX\" >!< model )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ '^MSR40(0|6|8)0' )\n{\n report_fix = 'R0305P04';\n fix = '0305P04';\n}\n\nelse if( model =~ '^MSR100(2|3)-(4|8)' )\n{\n if( version =~ '^7\\\\.' )\n {\n report_fix = 'R0305P04';\n fix = '0305P04';\n }\n else\n {\n report_fix = 'R2514P10';\n fix = '2514P10';\n }\n}\n\nelse if( model =~ '^(A|A-)?125(0|1)(0|8|4)' )\n{\n report_fix = 'R1829P01';\n fix = '1829P01';\n}\n\nelse if( model =~ '(A|A-)?105(0|1)(8|4|2)^' || model =~ 'FF 1190(0|8)' )\n{\n report_fix = 'R7170';\n fix = '7170';\n}\n\nelse if( ( model =~ '^12500' || model =~ '^9500' || model =~ '^(7|10)500' || model =~ '^6600' || model =~ '^8800' || model =~ '^5820' ) && ( \"firewall\" >< tolower( model ) || 'vpn' >< tolower( model ) ) )\n{\n report_fix = 'R3181P07';\n fix = '3181P07';\n}\n\nelse if( model =~ '^129(0|1)[0-8]' )\n{\n report_fix = 'R1138P01';\n fix = '1138P01';\n}\n\nelse if( model =~ '^(FF )?79(0|1)(0|4)' )\n{\n report_fix = 'R2138P01';\n fix = '2138P01';\n}\n\nelse if( model =~ '^(A|A-)?5130-(24|48)-' )\n{\n report_fix = 'R3109P16';\n fix = '3109P16';\n}\n\nelse if( model =~ '^(A|A-)?5700-(48|40|32)' )\n{\n report_fix = 'R2422P01';\n fix = '2422P01';\n}\n\nelse if( model =~ '^75(0|1)(0|2|3|6)' )\n{\n if( version =~ '^7\\\\.' )\n {\n report_fix = 'R7170';\n fix = 'R7170';\n }\n else if( version =~ '^5\\\\.' )\n {\n report_fix = 'R6710P01';\n fix = '6710P01';\n }\n}\n\nif( ! fix ) exit( 0 );\n\nrelease = ereg_replace( pattern:'^R', string:release, replace:'' );\n\nif( revcomp( a:release, b:fix ) < 0 )\n{\n report = report_fixed_ver( installed_version:\"R\" + release, fixed_version:report_fix );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:07", "description": "Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\n\nCVE-2014-8176\nPraveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered\nthat an invalid memory free could be triggered when buffering DTLS\ndata. This could allow remote attackers to cause a denial of service\n(crash) or potentially execute arbitrary code. This issue only\naffected the oldstable distribution (wheezy).\n\nCVE-2015-1788\nJoseph Barr-Pixton discovered that an infinite loop could be triggered\ndue to incorrect handling of malformed ECParameters structures. This\ncould allow remote attackers to cause a denial of service.\n\nCVE-2015-1789\nRobert Swiecki and Hanno Bck discovered that the X509_cmp_time\nfunction could read a few bytes out of bounds. This could allow remote\nattackers to cause a denial of service (crash) via crafted\ncertificates and CRLs.\n\nCVE-2015-1790\nMichal Zalewski discovered that the PKCS#7 parsing code did not\nproperly handle missing content which could lead to a NULL pointer\ndereference. This could allow remote attackers to cause a denial of\nservice (crash) via crafted ASN.1-encoded PKCS#7 blobs.\n\nCVE-2015-1791\nEmilia Ksper discovered that a race condition could occur due to\nincorrect handling of NewSessionTicket in a multi-threaded client,\nleading to a double free. This could allow remote attackers to cause\na denial of service (crash).\n\nCVE-2015-1792\nJohannes Bauer discovered that the CMS code could enter an infinite\nloop when verifying a signedData message, if presented with an\nunknown hash function OID. This could allow remote attackers to cause\na denial of service.\n\nAdditionally OpenSSL will now reject handshakes using DH parameters\nshorter than 768 bits as a countermeasure against the Logjam attack\n(CVE-2015-4000\n).", "cvss3": {}, "published": "2015-06-13T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3287-1 (openssl - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703287", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703287", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3287.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3287-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703287\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\",\n \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-4000\");\n script_name(\"Debian Security Advisory DSA 3287-1 (openssl - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-13 00:00:00 +0200 (Sat, 13 Jun 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3287.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(7|9|8)\");\n script_tag(name:\"affected\", value:\"openssl on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy), these problems have been fixed\nin version 1.0.1e-2+deb7u17.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1k-3+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 1.0.2b-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.2b-1.\n\nWe recommend that you upgrade your openssl packages.\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\n\nCVE-2014-8176\nPraveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered\nthat an invalid memory free could be triggered when buffering DTLS\ndata. This could allow remote attackers to cause a denial of service\n(crash) or potentially execute arbitrary code. This issue only\naffected the oldstable distribution (wheezy).\n\nCVE-2015-1788\nJoseph Barr-Pixton discovered that an infinite loop could be triggered\ndue to incorrect handling of malformed ECParameters structures. This\ncould allow remote attackers to cause a denial of service.\n\nCVE-2015-1789\nRobert Swiecki and Hanno Bck discovered that the X509_cmp_time\nfunction could read a few bytes out of bounds. This could allow remote\nattackers to cause a denial of service (crash) via crafted\ncertificates and CRLs.\n\nCVE-2015-1790\nMichal Zalewski discovered that the PKCS#7 parsing code did not\nproperly handle missing content which could lead to a NULL pointer\ndereference. This could allow remote attackers to cause a denial of\nservice (crash) via crafted ASN.1-encoded PKCS#7 blobs.\n\nCVE-2015-1791\nEmilia Ksper discovered that a race condition could occur due to\nincorrect handling of NewSessionTicket in a multi-threaded client,\nleading to a double free. This could allow remote attackers to cause\na denial of service (crash).\n\nCVE-2015-1792\nJohannes Bauer discovered that the CMS code could enter an infinite\nloop when verifying a signedData message, if presented with an\nunknown hash function OID. This could allow remote attackers to cause\na denial of service.\n\nAdditionally OpenSSL will now reject handshakes using DH parameters\nshorter than 768 bits as a countermeasure against the Logjam attack\n(CVE-2015-4000\n).\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.1e-2+deb7u17\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.1e-2+deb7u17\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1e-2+deb7u17\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1e-2+deb7u17\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.1e-2+deb7u17\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1e-2+deb7u17\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.2b-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.2b-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.2b-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.2b-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.2b-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.2b-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.1k-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.1k-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1k-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1k-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.1k-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1k-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:37:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for openssl (openSUSE-SU-2015:1139-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850661", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850661", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850661\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\",\n \"CVE-2015-1792\", \"CVE-2015-3216\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-06-26 06:23:36 +0200 (Fri, 26 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for openssl (openSUSE-SU-2015:1139-1)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"openssl was updated to fix six security issues.\n\n The following vulnerabilities were fixed:\n\n * CVE-2015-4000: The Logjam Attack / weakdh.org. Rject connections with DH\n parameters shorter than 768 bits, generates 2048-bit DH parameters by\n default. (boo#931698)\n\n * CVE-2015-1788: Malformed ECParameters causes infinite loop (boo#934487)\n\n * CVE-2015-1789: Exploitable out-of-bounds read in X509_cmp_time\n (boo#934489)\n\n * CVE-2015-1790: PKCS7 crash with missing EnvelopedContent (boo#934491)\n\n * CVE-2015-1792: CMS verify infinite loop with unknown hash function\n (boo#934493)\n\n * CVE-2015-1791: race condition in NewSessionTicket (boo#933911)\n\n * CVE-2015-3216: Crash in ssleay_rand_bytes due to locking regression\n (boo#933898)\");\n\n script_tag(name:\"affected\", value:\"openssl on openSUSE 13.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:1139-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel-32bit\", rpm:\"libopenssl-devel-32bit~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:38:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for OpenSSL (SUSE-SU-2015:1184-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851077", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851077", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851077\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 19:35:01 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for OpenSSL (SUSE-SU-2015:1184-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'OpenSSL'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"OpenSSL 0.9.8j was updated to fix several security issues.\n\n * CVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed\n by rejecting connections with DH parameters shorter than 1024 bits.\n We now also generate 2048-bit DH parameters by default.\n\n * CVE-2015-1788: Malformed ECParameters could cause an infinite loop.\n\n * CVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.\n\n * CVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent\n was fixed.\n\n * CVE-2015-1792: A CMS verification infinite loop when using an\n unknown hash function was fixed.\n\n * CVE-2015-1791: Fixed a race condition in NewSessionTicket creation.\n\n * CVE-2015-3216: Fixed a potential crash in ssleay_rand_bytes due to\n locking regression.\n\n * fixed a timing side channel in RSA decryption (bnc#929678)\n\n Additional changes:\n\n * In the default SSL cipher string EXPORT ciphers are now disabled.\n This will only get active if applications get rebuilt and actually\n use this string. (bnc#931698)\n\n * Added the ECC ciphersuites to the DEFAULT cipher class (bnc#879179)\");\n\n script_tag(name:\"affected\", value:\"OpenSSL on SUSE Linux Enterprise Server 11 SP1 LTSS\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:1184-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP1\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8j~0.72.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8j~0.72.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-hmac\", rpm:\"libopenssl0_9_8-hmac~0.9.8j~0.72.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8j~0.72.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8j~0.72.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8j~0.72.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-hmac-32bit\", rpm:\"libopenssl0_9_8-hmac-32bit~0.9.8j~0.72.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:37:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for compat-openssl098 (SUSE-SU-2015:1150-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850914", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850914", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850914\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 14:14:23 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for compat-openssl098 (SUSE-SU-2015:1150-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'compat-openssl098'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update fixes the following security issues:\n\n - CVE-2015-4000 (boo#931698)\n\n * The Logjam Attack / weakdh.org\n\n * reject connections with DH parameters shorter than 1024 bits\n\n * generates 2048-bit DH parameters by default\n\n - CVE-2015-1788 (boo#934487)\n\n * Malformed ECParameters causes infinite loop\n\n - CVE-2015-1789 (boo#934489)\n\n * Exploitable out-of-bounds read in X509_cmp_time\n\n - CVE-2015-1790 (boo#934491)\n\n * PKCS7 crash with missing EnvelopedContent\n\n - CVE-2015-1792 (boo#934493)\n\n * CMS verify infinite loop with unknown hash function\n\n - CVE-2015-1791 (boo#933911)\n\n * race condition in NewSessionTicket\n\n - CVE-2015-3216 (boo#933898)\n\n * Crash in ssleay_rand_bytes due to locking regression\n\n * modified openssl-1.0.1i-fipslocking.patch\n\n - fix timing side channel in RSA decryption (bnc#929678)\n\n - add ECC ciphersuites to DEFAULT (bnc#879179)\n\n - Disable EXPORT ciphers by default (bnc#931698, comment #3)\");\n\n script_tag(name:\"affected\", value:\"compat-openssl098 on SUSE Linux Enterprise Desktop 12\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:1150-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLED12\\.0SP0\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLED12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"compat-openssl098-debugsource\", rpm:\"compat-openssl098-debugsource~0.9.8j~78.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8j~78.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8j~78.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo\", rpm:\"libopenssl0_9_8-debuginfo~0.9.8j~78.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo-32bit\", rpm:\"libopenssl0_9_8-debuginfo-32bit~0.9.8j~78.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:38:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-13T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for OpenSSL (SUSE-SU-2015:1182-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850749", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850749", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850749\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-13 14:25:01 +0530 (Tue, 13 Oct 2015)\");\n script_cve_id(\"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\",\n \"CVE-2015-1792\", \"CVE-2015-3216\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for OpenSSL (SUSE-SU-2015:1182-2)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'OpenSSL'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"OpenSSL 0.9.8k was updated to fix several security issues:\n\n * CVE-2015-4000: The Logjam Attack (weakdh.org) has been addressed by\n rejecting connections with DH parameters shorter than 1024 bits.\n 2048-bit DH parameters are now generated by default.\n\n * CVE-2015-1788: Malformed ECParameters could cause an infinite loop.\n\n * CVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.\n\n * CVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent\n was fixed.\n\n * CVE-2015-1792: A CMS verification infinite loop when using an\n unknown hash function was fixed.\n\n * CVE-2015-1791: Fixed a race condition in NewSessionTicket creation.\n\n * CVE-2015-3216: Fixed a potential crash in ssleay_rand_bytes due to\n locking regression.\n\n * Fixed a timing side channel in RSA decryption. (bsc#929678)\n\n Additional changes:\n\n * In the default SSL cipher string EXPORT ciphers are now disabled.\n This will only get active if applications get rebuilt and actually\n use this string. (bsc#931698)\n\n * Added the ECC ciphersuites to the DEFAULT cipher class. (bsc#879179)\n\n Security Issues:\n\n * CVE-2015-1788\n\n * CVE-2015-1789\n\n * CVE-2015-1790\n\n * CVE-2015-1791\n\n * CVE-2015-1792\n\n * CVE-2015-3216\n\n * CVE-2015-4000\");\n\n script_tag(name:\"affected\", value:\"OpenSSL on SUSE Linux Enterprise Server 11 SP3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:1182-2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP3\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8j~0.72.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-hmac\", rpm:\"libopenssl0_9_8-hmac~0.9.8j~0.72.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8j~0.72.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8j~0.72.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8j~0.72.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-hmac-32bit\", rpm:\"libopenssl0_9_8-hmac-32bit~0.9.8j~0.72.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-x86\", rpm:\"libopenssl0_9_8-x86~0.9.8j~0.72.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:38:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for openssl (SUSE-SU-2015:1143-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850964", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850964", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850964\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 15:07:49 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for openssl (SUSE-SU-2015:1143-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update of openssl fixes the following security issues:\n\n - CVE-2015-4000 (bsc#931698)\n\n * The Logjam Attack / weakdh.org\n\n * reject connections with DH parameters shorter than 1024 bits\n\n * generates 2048-bit DH parameters by default\n\n - CVE-2015-1788 (bsc#934487)\n\n * Malformed ECParameters causes infinite loop\n\n - CVE-2015-1789 (bsc#934489)\n\n * Exploitable out-of-bounds read in X509_cmp_time\n\n - CVE-2015-1790 (bsc#934491)\n\n * PKCS7 crash with missing EnvelopedContent\n\n - CVE-2015-1792 (bsc#934493)\n\n * CMS verify infinite loop with unknown hash function\n\n - CVE-2015-1791 (bsc#933911)\n\n * race condition in NewSessionTicket\n\n - CVE-2015-3216 (bsc#933898)\n\n * Crash in ssleay_rand_bytes due to locking regression\n\n - fix a timing side channel in RSA decryption (bnc#929678)\");\n\n script_tag(name:\"affected\", value:\"openssl on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Desktop 12\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:1143-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(SLED12\\.0SP0|SLES12\\.0SP0)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLED12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1i~25.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1i~25.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1i~25.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1i~25.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1i~25.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1i~25.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1i~25.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"SLES12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac\", rpm:\"libopenssl1_0_0-hmac~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac-32bit\", rpm:\"libopenssl1_0_0-hmac-32bit~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:37:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for OpenSSL (SUSE-SU-2015:1184-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850877", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850877", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850877\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 13:21:44 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for OpenSSL (SUSE-SU-2015:1184-2)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'OpenSSL'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"OpenSSL 0.9.8j was updated to fix several security issues.\n\n * CVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed\n by rejecting connections with DH parameters shorter than 1024 bits.\n We now also generate 2048-bit DH parameters by default.\n\n * CVE-2015-1788: Malformed ECParameters could cause an infinite loop.\n\n * CVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.\n\n * CVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent\n was fixed.\n\n * CVE-2015-1792: A CMS verification infinite loop when using an\n unknown hash function was fixed.\n\n * CVE-2015-1791: Fixed a race condition in NewSessionTicket creation.\n\n * CVE-2015-3216: Fixed a potential crash in ssleay_rand_bytes due to\n locking regression.\n\n * fixed a timing side channel in RSA decryption (bnc#929678)\n\n Additional changes:\n\n * In the default SSL cipher string EXPORT ciphers are now disabled.\n This will only get active if applications get rebuilt and actually\n use this string. (bnc#931698)\n\n * Added the ECC ciphersuites to the DEFAULT cipher class (bnc#879179)\");\n\n script_tag(name:\"affected\", value:\"OpenSSL on SUSE Linux Enterprise Server 11 SP2 LTSS\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:1184-2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP2\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8j~0.72.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8j~0.72.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-hmac\", rpm:\"libopenssl0_9_8-hmac~0.9.8j~0.72.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8j~0.72.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8j~0.72.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8j~0.72.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-hmac-32bit\", rpm:\"libopenssl0_9_8-hmac-32bit~0.9.8j~0.72.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:46", "description": "This host is running OpenSSL and is prone\n to multiple denial of service vulnerabilities.", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "openvas", "title": "OpenSSL Multiple Denial of Service Vulnerabilities -02 Dec15 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-02-27T00:00:00", "id": "OPENVAS:1361412562310806744", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806744", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_openssl_mult_dos_vuln02_dec15_win.nasl 13898 2019-02-27 08:37:43Z cfischer $\n#\n# OpenSSL Multiple Denial of Service Vulnerabilities -02 Dec15 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806744\");\n script_version(\"$Revision: 13898 $\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\");\n script_bugtraq_id(75156, 75157, 75161, 75154);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-27 09:37:43 +0100 (Wed, 27 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-01 09:41:47 +0530 (Tue, 01 Dec 2015)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"OpenSSL Multiple Denial of Service Vulnerabilities -02 Dec15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is running OpenSSL and is prone\n to multiple denial of service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to:\n\n - An out-of-bounds read vulnerability in 'X509_cmp_time' function in\n 'crypto/x509/x509_vfy.c' script.\n\n - NULL pointer dereference vulnerability in 'PKCS7_dataDecodefunction' in\n 'crypto/pkcs7/pk7_doit.c' script.\n\n - 'ssl3_get_new_session_ticket' function in 'ssl/s3_clnt.c' script causes\n race condition while handling NewSessionTicket.\n\n - 'do_free_upto' function in 'crypto/cms/cms_smime.c' script verify infinite\n loop with unknown hash function.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to cause a denial of service or possibly have unspecified other impact.\");\n\n script_tag(name:\"affected\", value:\"OpenSSL versions before 0.9.8zg, 1.0.0\n before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to OpenSSL 0.9.8zg, or 1.0.0s or\n 1.0.1n or 1.0.2b or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20150611.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssl/detected\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(vers =~ \"^0\\.9\\.8\")\n{\n if(version_is_less(version:vers, test_version:\"0.9.8zg\"))\n {\n fix = \"0.9.8zg\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.0\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.0s\"))\n {\n fix = \"1.0.0s\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.1\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.1n\"))\n {\n fix = \"1.0.1n\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.2\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.2b\"))\n {\n fix = \"1.0.2b\";\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:49", "description": "This host is running OpenSSL and is prone\n to multiple denial of service vulnerabilities.", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "openvas", "title": "OpenSSL Multiple Denial of Service Vulnerabilities -02 Dec15 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-02-27T00:00:00", "id": "OPENVAS:1361412562310806745", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806745", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_openssl_mult_dos_vuln02_dec15_lin.nasl 13898 2019-02-27 08:37:43Z cfischer $\n#\n# OpenSSL Multiple Denial of Service Vulnerabilities -02 Dec15 (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806745\");\n script_version(\"$Revision: 13898 $\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\");\n script_bugtraq_id(75156, 75157, 75161, 75154);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-27 09:37:43 +0100 (Wed, 27 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-01 09:41:47 +0530 (Tue, 01 Dec 2015)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"OpenSSL Multiple Denial of Service Vulnerabilities -02 Dec15 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running OpenSSL and is prone\n to multiple denial of service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to:\n\n - An out-of-bounds read vulnerability in 'X509_cmp_time' function in\n 'crypto/x509/x509_vfy.c' script.\n\n - NULL pointer dereference vulnerability in 'PKCS7_dataDecodefunction' in\n 'crypto/pkcs7/pk7_doit.c' script.\n\n - 'ssl3_get_new_session_ticket' function in 'ssl/s3_clnt.c' script causes\n race condition while handling NewSessionTicket.\n\n - 'do_free_upto' function in 'crypto/cms/cms_smime.c' script verify infinite\n loop with unknown hash function.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to cause a denial of service or possibly have unspecified other impact.\");\n\n script_tag(name:\"affected\", value:\"OpenSSL versions before 0.9.8zg, 1.0.0\n before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to OpenSSL 0.9.8zg, or 1.0.0s or\n 1.0.1n or 1.0.2b or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20150611.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_lin.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssl/detected\", \"Host/runs_unixoide\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(vers =~ \"^0\\.9\\.8\")\n{\n if(version_is_less(version:vers, test_version:\"0.9.8zg\"))\n {\n fix = \"0.9.8zg\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.0\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.0s\"))\n {\n fix = \"1.0.0s\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.1\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.1n\"))\n {\n fix = \"1.0.1n\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.2\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.2b\"))\n {\n fix = \"1.0.2b\";\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:06", "description": "IPFire 2.17 - Core Update 91 fixes multiple security vulnerabilities.", "cvss3": {}, "published": "2015-06-30T00:00:00", "type": "openvas", "title": "IPFire 2.17 - Core Update 91", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2015-4171", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-3991", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310105308", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105308", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ipfire_2_17_core_91.nasl 12106 2018-10-26 06:33:36Z cfischer $\n#\n# IPFire 2.17 - Core Update 91\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105308\");\n script_cve_id(\"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1792\", \"CVE-2015-1791\", \"CVE-2014-8176\", \"CVE-2015-3991\", \"CVE-2015-4171\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 12106 $\");\n\n script_name(\"IPFire 2.17 - Core Update 91\");\n\n script_xref(name:\"URL\", value:\"http://www.ipfire.org/news/ipfire-2-17-core-update-91-released\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The followinig vulnerabilities are fixed with IPFire 2.17 - Core Update 91:\nOpenSSL security vulnerabilities:\n\nThere are six security vulnerabilities that are fixed in version 1.0.2b of openssl. This version contained an ABI\nbreakage bug that required us to wait for a fix for that and rebuild this Core Update.\n\nAmong these are fixes for the Logjam vulnerability and others that are filed under CVE-2015-1788, CVE-2015-1789,\nCVE-2015-1790, CVE-2015-1792, CVE-2015-1791, and CVE-2014-8176.\n\nStrongSwan IPsec security vulnerability:\n\nIn strongSwan 5.3.1, a security vulnerability that is filed under CVE-2015-3991 was fixed. A denial-of-service and\npotential code execution was possible with specially crafted IKE messages.\n\nIPFire ships now version 5.3.2 which fixes an second vulnerability (CVE-2015-4171).\");\n\n script_tag(name:\"solution\", value:\"Update to IPFire 2.17 - Core Update 91\");\n script_tag(name:\"summary\", value:\"IPFire 2.17 - Core Update 91 fixes multiple security vulnerabilities.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 08:33:36 +0200 (Fri, 26 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-30 12:19:16 +0200 (Tue, 30 Jun 2015)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2015 Greenbone Networks GmbH\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ipfire/system-release\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nif( ! rls = get_kb_item( \"ipfire/system-release\" ) ) exit( 0 );\nif( \"IPFire\" >!< rls ) exit( 0 );\n\nvers = eregmatch( pattern:'IPFire ([0-9.]+[^ ]*)', string:rls );\nif( ! isnull( vers[1] ) ) version = vers[1];\n\nif( ! version ) exit( 0 );\n\nc = eregmatch( pattern:'core([0-9]+)', string:rls );\nif( ! isnull( c[1] ) )\n core = c[1];\nelse\n core = 0;\n\nchk_version = version + '.' + core;\n\nif( version_is_less( version:chk_version, test_version: \"2.17.91\" ) )\n{\n report = 'Installed version: ' + version + ' core' + core +'\\n' +\n 'Fixed version: 2.17 core91\\n';\n\n security_message( data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:52", "description": "The OpenSSL library used in Junos OS is prone to multiple\nvulnerabilities.", "cvss3": {}, "published": "2015-11-24T00:00:00", "type": "openvas", "title": "Junos Multiple OpenSSL Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1793", "CVE-2015-1789", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310106048", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106048", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_junos_cve-2015-1791.nasl 12106 2018-10-26 06:33:36Z cfischer $\n#\n# Junos Multiple OpenSSL Vulnerabilities\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/o:juniper:junos';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106048\");\n script_version(\"$Revision: 12106 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 08:33:36 +0200 (Fri, 26 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-24 11:15:58 +0700 (Tue, 24 Nov 2015)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2015-1791\", \"CVE-2015-1793\", \"CVE-2015-1790\", \"CVE-2015-1792\", \"CVE-2015-1788\",\n \"CVE-2015-1789\");\n\n script_name(\"Junos Multiple OpenSSL Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_family(\"JunOS Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2015 Greenbone Networks GmbH\");\n script_dependencies(\"gb_ssh_junos_get_version.nasl\", \"gb_junos_snmp_version.nasl\");\n script_mandatory_keys(\"Junos/Version\");\n\n script_tag(name:\"summary\", value:\"The OpenSSL library used in Junos OS is prone to multiple\nvulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable OS build is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The OpenSSL library used in Junos OS is prone to multiple\nvulnerabilities.\nCVE-2015-1791: Race condition in the ssl3_get_new_session_ticket function.\nCVE-2015-1793: Error in the implementation of the alternative certificate chain logic.\nCVE-2015-1790: DoS vulnerability in the PKCS7_dataDecode function.\nCVE-2015-1792: DoS vulnerability in the do_free_upto function.\nCVE-2015-1788: DoS vulnerability in the BN_GF2m_mod_inv function.\nCVE-2015-1789: DoS vulnerability in the X509_cmp_time function.\");\n\n script_tag(name:\"impact\", value:\"The vulnerabilities range from denial of service to security bypass.\");\n\n script_tag(name:\"affected\", value:\"Junos OS 12.1, 12.3, 13.2, 13.3, 14.1, 14.2 and 15.1\");\n\n script_tag(name:\"solution\", value:\"New builds of Junos OS software are available from Juniper. As a\nworkaround disable J-Web and disable SSL service for JUNOScript and only use Netconf.\");\n\n script_xref(name:\"URL\", value:\"http://kb.juniper.net/JSA10694\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"revisions-lib.inc\");\n\nif (!version = get_app_version(cpe: CPE, nofork: TRUE))\n exit(0);\n\nif (version =~ \"^12\") {\n if ((revcomp(a: version, b: \"12.1X44-D55\") < 0) &&\n (revcomp(a: version, b: \"12.1X44\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"12.1X46-D40\") < 0) &&\n (revcomp(a: version, b: \"12.1X46\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"12.1X47-D25\") < 0) &&\n (revcomp(a: version, b: \"12.1X47\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"12.3R11\") < 0) &&\n (revcomp(a: version, b: \"12.3\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"12.3X48-D20\") < 0) &&\n (revcomp(a: version, b: \"12.3X48\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n}\n\nif (version =~ \"^13\") {\n if (revcomp(a: version, b: \"13.2X51-D40\") < 0) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"13.3R7\") < 0) &&\n (revcomp(a: version, b: \"13.3\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n}\n\nif (version =~ \"^14\") {\n if (revcomp(a: version, b: \"14.1R6\") < 0) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"14.2R4\") < 0) &&\n (revcomp(a: version, b: \"14.2\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n}\n\nif (version =~ \"^15\") {\n if (revcomp(a: version, b: \"15.1R2\") < 0) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"15.1X49-D20\") < 0) &&\n (revcomp(a: version, b: \"15.1X49\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-07T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2015-10047", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-0209", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869732", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869732", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2015-10047\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869732\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-07 06:41:07 +0200 (Tue, 07 Jul 2015)\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\",\n \"CVE-2015-0209\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssl FEDORA-2015-10047\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-10047\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~10.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:32", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-14T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2015-11475", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1793", "CVE-2015-1789", "CVE-2015-0209", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869740", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869740", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2015-11475\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869740\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-14 06:35:46 +0200 (Tue, 14 Jul 2015)\");\n script_cve_id(\"CVE-2015-1793\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\",\n \"CVE-2015-1792\", \"CVE-2015-0209\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssl FEDORA-2015-11475\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-11475\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-July/161782.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~11.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:44", "description": "Cisco ASA is prone to multiple vulnerabilities in the OpenSSL\nlibrary.", "cvss3": {}, "published": "2015-11-25T00:00:00", "type": "openvas", "title": "Cisco ASA Multiple OpenSSL Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1790", "CVE-2015-1791"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310106049", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106049", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_cisco_asa_CSCuu83280.nasl 12106 2018-10-26 06:33:36Z cfischer $\n#\n# Cisco ASA Multiple OpenSSL Vulnerabilities\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:cisco:asa\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106049\");\n script_version(\"$Revision: 12106 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 08:33:36 +0200 (Fri, 26 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-25 11:40:51 +0700 (Wed, 25 Nov 2015)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2015-1790\", \"CVE-2015-1791\");\n\n script_name(\"Cisco ASA Multiple OpenSSL Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CISCO\");\n script_dependencies(\"gb_cisco_asa_version.nasl\", \"gb_cisco_asa_version_snmp.nasl\");\n script_mandatory_keys(\"cisco_asa/version\");\n\n script_tag(name:\"summary\", value:\"Cisco ASA is prone to multiple vulnerabilities in the OpenSSL\nlibrary.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"On June 11, 2015, the OpenSSL Project released a security advisory\ndetailing six distinct vulnerabilities, and another fix that provides hardening protections against exploits\nas described in the Logjam research. Two of the vulnerabilities apply to Cisco ASA products.\");\n\n script_tag(name:\"impact\", value:\"The vulnerability may lead to a denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Version 7.2, 8.2, 8.4, 8.5, 8.6, 8.7, 9.0, 9.1, 9.2, 9.3 and 9.4\");\n\n script_tag(name:\"solution\", value:\"Apply the appropriate updates from Cisco.\");\n\n script_xref(name:\"URL\", value:\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"revisions-lib.inc\");\n\nif( ! version = get_app_version( cpe:CPE, nofork: TRUE ) ) exit( 0 );\ncompver = ereg_replace(string:version, pattern:\"\\(([0-9.]+)\\)\", replace:\".\\1\");\n\nif (revcomp(a:compver, b:\"8.2.5.58\") < 0) {\n report = 'Installed Version: ' + version + '\\n' +\n 'Fixed Version: 8.2(5.58)\\n';\n security_message(port: 0, data:report);\n exit(0);\n}\n\nif ((revcomp(a:compver, b:\"8.4.7.29\") < 0) &&\n (revcomp(a:compver, b:\"8.3\") >= 0)) {\n report = 'Installed Version: ' + version + '\\n' +\n 'Fixed Version: 8.4(7.29)\\n';\n security_message(port: 0, data:report);\n exit(0);\n}\n\nif ((revcomp(a:compver, b:\"8.7.1.17\") < 0) &&\n (revcomp(a:compver, b:\"8.5\") >= 0)) {\n report = 'Installed Version: ' + version + '\\n' +\n 'Fixed Version: 8.7(1.17)\\n';\n security_message(port: 0, data:report);\n exit(0);\n}\n\nif ((revcomp(a:compver, b:\"9.0.4.36\") < 0) &&\n (revcomp(a:compver, b:\"9.0\") >= 0)) {\n report = 'Installed Version: ' + version + '\\n' +\n 'Fixed Version: 9.0(4.36)\\n';\n security_message(port: 0, data:report);\n exit(0);\n}\n\nif ((revcomp(a:compver, b:\"9.1.6.7\") < 0) &&\n (revcomp(a:compver, b:\"9.1\") >= 0)) {\n report = 'Installed Version: ' + version + '\\n' +\n 'Fixed Version: 9.1(6.7)\\n';\n security_message(port: 0, data:report);\n exit(0);\n}\n\nif ((revcomp(a:compver, b:\"9.2.4.1\") < 0) &&\n (revcomp(a:compver, b:\"9.2\") >= 0)) {\n report = 'Installed Version: ' + version + '\\n' +\n 'Fixed Version: 9.2(4.1)\\n';\n security_message(port: 0, data:report);\n exit(0);\n}\n\nif ((revcomp(a:compver, b:\"9.3.3.3\") < 0) &&\n (revcomp(a:compver, b:\"9.3\") >= 0)) {\n report = 'Installed Version: ' + version + '\\n' +\n 'Fixed Version: 9.3(3.3)\\n';\n security_message(port: 0, data:report);\n exit(0);\n}\n\nif ((revcomp(a:compver, b:\"9.4.1.6\") < 0) &&\n (revcomp(a:compver, b:\"9.4\") >= 0)) {\n report = 'Installed Version: ' + version + '\\n' +\n 'Fixed Version: 9.4(1.6)\\n';\n security_message(port: 0, data:report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:43", "description": "ScreenOS: Multiple Vulnerabilities in OpenSSL / Malformed SSL/TLS packet causes Denial of Service", "cvss3": {}, "published": "2016-04-15T00:00:00", "type": "openvas", "title": "Multiple Security issues with ScreenOS (JSA10732/JSA10733)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1789", "CVE-2015-3195", "CVE-2016-1268", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2018-10-25T00:00:00", "id": "OPENVAS:1361412562310105605", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105605", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_juniper_screenos_JSA10732.nasl 12096 2018-10-25 12:26:02Z asteins $\n#\n# Multiple Security issues with ScreenOS (JSA10732/JSA10733)\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/o:juniper:screenos\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105605\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-3195\", \"CVE-2016-1268\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_version(\"$Revision: 12096 $\");\n\n script_name(\"Multiple Security issues with ScreenOS (JSA10732/JSA10733)\");\n\n script_xref(name:\"URL\", value:\"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10732&actp=RSS\");\n script_xref(name:\"URL\", value:\"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733&actp=RSS\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A specially crafted malformed packet received on any interface targeted to the device's administrative web services interface may cause loss of administrative access to the system and can reboot the system causing a complete denial of service.\");\n\n script_tag(name:\"solution\", value:\"Update to ScreenOS 6.3.0r22 or newer\");\n\n script_tag(name:\"summary\", value:\"ScreenOS: Multiple Vulnerabilities in OpenSSL / Malformed SSL/TLS packet causes Denial of Service\");\n script_tag(name:\"affected\", value:\"These issues can affect any product or platform running ScreenOS prior to 6.3.0r22\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-25 14:26:02 +0200 (Thu, 25 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-04-15 14:21:00 +0200 (Fri, 15 Apr 2016)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_screenos_version.nasl\");\n script_mandatory_keys(\"ScreenOS/version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) ) exit( 0 );\n\ndisplay_version = version;\n\nversion = str_replace( string:version, find:\"r\", replace:\".\" );\nversion = str_replace( string:version, find:\"-\", replace:\".\" );\n\ndisplay_fix = '6.3.0r22';\n\nif( version_is_less( version:version, test_version:'6.3.0.22' ) )\n{\n report = report_fixed_ver( installed_version:display_version, fixed_version:display_fix );\n\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:46", "description": "Check the version of openssl", "cvss3": {}, "published": "2015-07-03T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2015:1197 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1789", "CVE-2015-1790"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882215", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882215", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2015:1197 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882215\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-03 06:11:00 +0200 (Fri, 03 Jul 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for openssl CESA-2015:1197 centos5\");\n script_tag(name:\"summary\", value:\"Check the version of openssl\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the\n Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of\nOpenSSL. A specially crafted X.509 certificate or a Certificate Revocation\nList (CRL) could possibly cause a TLS/SSL server or client using OpenSSL\nto crash. (CVE-2015-1789)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to crash.\n(CVE-2015-1790)\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them to decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenSSL to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2015-1789\nand CVE-2015-1790. Upstream acknowledges Robert Swiecki and Hanno Bock as\nthe original reporters of CVE-2015-1789, and Michal Zalewski as the\noriginal reporter of CVE-2015-1790.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1197\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-July/021230.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~36.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~36.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~36.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:18", "description": "Oracle Linux Local Security Checks ELSA-2015-1197", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1197", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1789", "CVE-2015-1790"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123086", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123086", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1197.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123086\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 13:59:12 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1197\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1197 - openssl security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1197\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1197.html\");\n script_cve_id(\"CVE-2015-4000\", \"CVE-2015-1789\", \"CVE-2015-1790\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~36.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~36.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~36.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-01T00:00:00", "type": "openvas", "title": "RedHat Update for openssl RHSA-2015:1197-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1789", "CVE-2015-1790"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871385", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871385", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2015:1197-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871385\");\n script_version(\"$Revision: 12497 $\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-01 06:28:09 +0200 (Wed, 01 Jul 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for openssl RHSA-2015:1197-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of\nOpenSSL. A specially crafted X.509 certificate or a Certificate Revocation\nList (CRL) could possibly cause a TLS/SSL server or client using OpenSSL\nto crash. (CVE-2015-1789)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to crash.\n(CVE-2015-1790)\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them to decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenSSL to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2015-1789\nand CVE-2015-1790. Upstream acknowledges Robert Swiecki and Hanno Bock as\nthe original reporters of CVE-2015-1789, and Michal Zalewski as the\noriginal reporter of CVE-2015-1790.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\");\n script_tag(name:\"affected\", value:\"openssl on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1197-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-June/msg00042.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~36.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8e~36.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~36.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~36.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T18:37:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for OpenSSL (SUSE-SU-2015:1183-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1789", "CVE-2015-1790"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851044", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851044", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851044\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 18:53:41 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for OpenSSL (SUSE-SU-2015:1183-2)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'OpenSSL'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"OpenSSL was updated to fix several security issues.\n\n * CVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed\n by rejecting connections with DH parameters shorter than 1024 bits.\n We now also generate 2048-bit DH parameters by default.\n\n * CVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.\n\n * CVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent\n was fixed.\n\n * fixed a timing side channel in RSA decryption (bnc#929678)\n\n Additional changes:\n\n * In the default SSL cipher string EXPORT ciphers are now disabled.\n This will only get active if applications get rebuilt and actually\n use this string. (bnc#931698)\");\n\n script_tag(name:\"affected\", value:\"OpenSSL on SUSE Linux Enterprise Desktop 11 SP3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:1183-2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLED11\\.0SP3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLED11.0SP3\") {\n if(!isnull(res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~146.22.31.1\", rls:\"SLED11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"compat-openssl097g-32bit\", rpm:\"compat-openssl097g-32bit~0.9.7g~146.22.31.1\", rls:\"SLED11.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-25T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2015-10108", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-0286", "CVE-2015-0293", "CVE-2015-0209", "CVE-2015-1790", "CVE-2015-0287", "CVE-2015-0289", "CVE-2015-1791"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869465", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869465", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2015-10108\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869465\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-25 06:33:40 +0200 (Thu, 25 Jun 2015)\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\",\n \"CVE-2015-0209\", \"CVE-2015-4000\", \"CVE-2015-0286\", \"CVE-2015-0287\",\n \"CVE-2015-0289\", \"CVE-2015-0293\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssl FEDORA-2015-10108\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-10108\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~10.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-14T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2015-11414", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1793", "CVE-2015-1789", "CVE-2015-0286", "CVE-2015-0293", "CVE-2015-0209", "CVE-2015-1790", "CVE-2015-0287", "CVE-2015-0289", "CVE-2015-1791"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869742", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869742", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2015-11414\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869742\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-14 06:36:09 +0200 (Tue, 14 Jul 2015)\");\n script_cve_id(\"CVE-2015-1793\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\",\n \"CVE-2015-1792\", \"CVE-2015-0209\", \"CVE-2015-4000\", \"CVE-2015-0286\",\n \"CVE-2015-0287\", \"CVE-2015-0289\", \"CVE-2015-0293\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssl FEDORA-2015-11414\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-11414\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-July/161747.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~11.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:37:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-09-18T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for libressl (openSUSE-SU-2015:1277-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2014-3572", "CVE-2015-0206", "CVE-2015-1789", "CVE-2015-0286", "CVE-2015-0288", "CVE-2014-8275", "CVE-2014-3570", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-0209", "CVE-2015-1790", "CVE-2015-0287", "CVE-2015-0289", "CVE-2015-0205"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850678", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850678", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850678\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-09-18 10:33:35 +0200 (Fri, 18 Sep 2015)\");\n script_cve_id(\"CVE-2014-3570\", \"CVE-2014-3572\", \"CVE-2014-8176\", \"CVE-2014-8275\", \"CVE-2015-0205\", \"CVE-2015-0206\", \"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1792\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for libressl (openSUSE-SU-2015:1277-1)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libressl'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"libressl was updated to version 2.2.1 to fix 16 security issues.\n\n LibreSSL is a fork of OpenSSL. Because of that CVEs affecting OpenSSL\n often also affect LibreSSL.\n\n These security issues were fixed:\n\n - CVE-2014-3570: The BN_sqr implementation in OpenSSL before 0.9.8zd,\n 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k did not properly calculate\n the square of a BIGNUM value, which might make it easier for remote\n attackers to defeat cryptographic protection mechanisms via unspecified\n vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c,\n and crypto/bn/bn_asm.c (bsc#912296).\n\n - CVE-2014-3572: The ssl3_get_key_exchange function in s3_clnt.c in\n OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k\n allowed remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks\n and trigger a loss of forward secrecy by omitting the ServerKeyExchange\n message (bsc#912015).\n\n - CVE-2015-1792: The do_free_upto function in crypto/cms/cms_smime.c in\n OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and\n 1.0.2 before 1.0.2b allowed remote attackers to cause a denial of\n service (infinite loop) via vectors that trigger a NULL value of a BIO\n data structure, as demonstrated by an unrecognized X.660 OID for a hash\n function (bsc#934493).\n\n - CVE-2014-8275: OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1\n before 1.0.1k did not enforce certain constraints on certificate data,\n which allowed remote attackers to defeat a fingerprint-based\n certificate-blacklist protection mechanism by including crafted data\n within a certificate's unsigned portion, related to\n crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c,\n and crypto/x509/x_all.c (bsc#912018).\n\n - CVE-2015-0209: Use-after-free vulnerability in the d2i_ECPrivateKey\n function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before\n 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allowed\n remote attackers to cause a denial of service (memory corruption and\n application crash) or possibly have unspecified other impact via a\n malformed Elliptic Curve (EC) private-key file that is improperly\n handled during import (bsc#919648).\n\n - CVE-2015-1789: The X509_cmp_time function in crypto/x509/x509_vfy.c in\n OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and\n 1.0.2 before 1.0.2b allowed remote attackers to cause a denial of\n service (out-of-bounds read and application crash) via a crafted length\n field in ASN1_TIME data, as demonstrated by an attack against a server\n that supports client authentication with a custom verific ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"libressl on openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:1277-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"libcrypto34\", rpm:\"libcrypto34~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libcrypto34-debuginfo\", rpm:\"libcrypto34-debuginfo~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libressl\", rpm:\"libressl~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libressl-debuginfo\", rpm:\"libressl-debuginfo~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libressl-debugsource\", rpm:\"libressl-debugsource~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libressl-devel\", rpm:\"libressl-devel~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libssl33\", rpm:\"libssl33~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libssl33-debuginfo\", rpm:\"libssl33-debuginfo~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtls4\", rpm:\"libtls4~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtls4-debuginfo\", rpm:\"libtls4-debuginfo~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libcrypto34-32bit\", rpm:\"libcrypto34-32bit~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libcrypto34-debuginfo-32bit\", rpm:\"libcrypto34-debuginfo-32bit~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libressl-devel-32bit\", rpm:\"libressl-devel-32bit~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libssl33-32bit\", rpm:\"libssl33-32bit~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libssl33-debuginfo-32bit\", rpm:\"libssl33-debuginfo-32bit~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtls4-32bit\", rpm:\"libtls4-32bit~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtls4-debuginfo-32bit\", rpm:\"libtls4-debuginfo-32bit~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libressl-devel-doc\", rpm:\"libressl-devel-doc~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-07T18:45:54", "description": "The remote host is missing a security patch.", "cvss3": {}, "published": "2015-09-18T00:00:00", "type": "openvas", "title": "F5 BIG-IP - SOL16914 - OpenSSL vulnerability CVE-2015-1791", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1791"], "modified": "2020-04-03T00:00:00", "id": "OPENVAS:1361412562310105365", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105365", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# F5 BIG-IP - SOL16914 - OpenSSL vulnerability CVE-2015-1791\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/h:f5:big-ip\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105365\");\n script_cve_id(\"CVE-2015-1791\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"2020-04-03T06:15:47+0000\");\n\n script_name(\"F5 BIG-IP - SOL16914 - OpenSSL vulnerability CVE-2015-1791\");\n\n script_xref(name:\"URL\", value:\"https://support.f5.com/kb/en-us/solutions/public/16000/900/sol16914.html?sr=48315759\");\n\n script_tag(name:\"impact\", value:\"An attacker could cause a multi-threaded SSL/TLS server to become unresponsive.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier. (CVE-2015-1791)\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing a security patch.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"2020-04-03 06:15:47 +0000 (Fri, 03 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-09-18 15:09:19 +0200 (Fri, 18 Sep 2015)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"F5 Local Security Checks\");\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_dependencies(\"gb_f5_big_ip_version.nasl\");\n script_mandatory_keys(\"f5/big_ip/version\", \"f5/big_ip/active_modules\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"list_array_func.inc\");\ninclude(\"f5.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) )\n exit( 0 );\n\ncheck_f5['LTM'] = make_array( 'affected', '11.0.0-11.6.0;10.1.0-10.2.4;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['AAM'] = make_array( 'affected', '11.4.0-11.6.0;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['AFM'] = make_array( 'affected', '11.3.0-11.6.0;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['AVR'] = make_array( 'affected', '11.0.0-11.6.0;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['APM'] = make_array( 'affected', '11.0.0-11.6.0;10.1.0-10.2.4;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['ASM'] = make_array( 'affected', '11.0.0-11.6.0;10.1.0-10.2.4;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['LC'] = make_array( 'affected', '11.0.0-11.6.0;10.1.0-10.2.4;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['PEM'] = make_array( 'affected', '11.3.0-11.6.0;',\n 'unaffected', '12.0.0;' );\n\nif( report = f5_is_vulnerable( ca:check_f5, version:version ) ) {\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-07T18:46:15", "description": "The remote host is missing a security patch.", "cvss3": {}, "published": "2015-09-18T00:00:00", "type": "openvas", "title": "F5 BIG-IP - SOL16898 - PKCS #7 vulnerability CVE-2015-1790", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1790"], "modified": "2020-04-03T00:00:00", "id": "OPENVAS:1361412562310105363", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105363", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# F5 BIG-IP - SOL16898 - PKCS #7 vulnerability CVE-2015-1790\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/h:f5:big-ip\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105363\");\n script_cve_id(\"CVE-2015-1790\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"2020-04-03T06:15:47+0000\");\n\n script_name(\"F5 BIG-IP - SOL16898 - PKCS #7 vulnerability CVE-2015-1790\");\n\n script_xref(name:\"URL\", value:\"https://support.f5.com/kb/en-us/solutions/public/16000/800/sol16898.html?sr=48315687\");\n\n script_tag(name:\"impact\", value:\"An attacker may be able to craft malformed ASN.1-encoded PKCS#7 blobs with missing content and trigger a NULL pointer dereference on parsing.Note: This vulnerability is exploitable only through the BIG-IP control plane (non-Traffic Management Microkernel (TMM) related tasks).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data. (CVE-2015-1790)\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing a security patch.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"2020-04-03 06:15:47 +0000 (Fri, 03 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-09-18 15:02:10 +0200 (Fri, 18 Sep 2015)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"F5 Local Security Checks\");\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_dependencies(\"gb_f5_big_ip_version.nasl\");\n script_mandatory_keys(\"f5/big_ip/version\", \"f5/big_ip/active_modules\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"list_array_func.inc\");\ninclude(\"f5.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) )\n exit( 0 );\n\ncheck_f5['LTM'] = make_array( 'affected', '11.0.0-11.6.0;10.0.0-10.2.4;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['AAM'] = make_array( 'affected', '11.4.0-11.6.0;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['AFM'] = make_array( 'affected', '11.3.0-11.6.0;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['AVR'] = make_array( 'affected', '11.0.0-11.6.0;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['APM'] = make_array( 'affected', '11.0.0-11.6.0;10.1.0-10.2.4;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['ASM'] = make_array( 'affected', '11.0.0-11.6.0;10.0.0-10.2.4;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['LC'] = make_array( 'affected', '11.0.0-11.6.0;10.0.0-10.2.4;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['PEM'] = make_array( 'affected', '11.3.0-11.6.0;',\n 'unaffected', '12.0.0;' );\n\nif( report = f5_is_vulnerable( ca:check_f5, version:version ) ) {\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2023-01-28T14:37:23", "description": "An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Scientific Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. This issue could possibly cause a multi-threaded application using OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List (CRL) could possibly cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax (CMS) messages. A CMS message with an unknown hash function identifier could cause an application using OpenSSL to enter an infinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash. (CVE-2015-1790)\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-17T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : openssl on SL6.x, SL7.x i386/x86_64 (20150615)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:openssl", "p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo", "p-cpe:/a:fermilab:scientific_linux:openssl-devel", "p-cpe:/a:fermilab:scientific_linux:openssl-libs", "p-cpe:/a:fermilab:scientific_linux:openssl-perl", "p-cpe:/a:fermilab:scientific_linux:openssl-static", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150615_OPENSSL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/84226", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84226);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\");\n\n script_name(english:\"Scientific Linux Security Update : openssl on SL6.x, SL7.x i386/x86_64 (20150615)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a\nDTLS server or client using OpenSSL to crash or, potentially, execute\narbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with\nScientific Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. This issue could possibly cause a multi-threaded application\nusing OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function\nof OpenSSL. A specially crafted X.509 certificate or a Certificate\nRevocation List (CRL) could possibly cause a TLS/SSL server or client\nusing OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using\nOpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message\nSyntax (CMS) messages. A CMS message with an unknown hash function\nidentifier could cause an application using OpenSSL to enter an\ninfinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to\ncrash. (CVE-2015-1790)\n\nFor the update to take effect, all services linked to the OpenSSL\nlibrary must be restarted, or the system rebooted.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1506&L=scientific-linux-errata&F=&S=&P=6990\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1ed986b1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"openssl-1.0.1e-30.el6_6.11\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-debuginfo-1.0.1e-30.el6_6.11\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-devel-1.0.1e-30.el6_6.11\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-perl-1.0.1e-30.el6_6.11\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-static-1.0.1e-30.el6_6.11\")) flag++;\n\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-libs-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-42.el7_1.8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-libs / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-28T14:37:22", "description": "From Red Hat Security Advisory 2015:1115 :\n\nUpdated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat Enterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. This issue could possibly cause a multi-threaded application using OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List (CRL) could possibly cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax (CMS) messages. A CMS message with an unknown hash function identifier could cause an application using OpenSSL to enter an infinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash. (CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and CVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan Fratric as the original reporters of CVE-2014-8176, Robert Swiecki and Hanno Bock as the original reporters of CVE-2015-1789, Michal Zalewski as the original reporter of CVE-2015-1790, Emilia Kasper as the original report of CVE-2015-1791 and Johannes Bauer as the original reporter of CVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-16T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : openssl (ELSA-2015-1115)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:openssl", "p-cpe:/a:oracle:linux:openssl-devel", "p-cpe:/a:oracle:linux:openssl-libs", "p-cpe:/a:oracle:linux:openssl-perl", "p-cpe:/a:oracle:linux:openssl-static", "cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2015-1115.NASL", "href": "https://www.tenable.com/plugins/nessus/84202", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1115 and \n# Oracle Linux Security Advisory ELSA-2015-1115 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84202);\n script_version(\"2.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\");\n script_bugtraq_id(73239, 75154, 75156, 75157, 75159, 75161);\n script_xref(name:\"RHSA\", value:\"2015:1115\");\n\n script_name(english:\"Oracle Linux 6 / 7 : openssl (ELSA-2015-1115)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1115 :\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a\nDTLS server or client using OpenSSL to crash or, potentially, execute\narbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat\nEnterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. This issue could possibly cause a multi-threaded application\nusing OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function\nof OpenSSL. A specially crafted X.509 certificate or a Certificate\nRevocation List (CRL) could possibly cause a TLS/SSL server or client\nusing OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using\nOpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message\nSyntax (CMS) messages. A CMS message with an unknown hash function\nidentifier could cause an application using OpenSSL to enter an\ninfinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to\ncrash. (CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and\nCVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and\nIvan Fratric as the original reporters of CVE-2014-8176, Robert\nSwiecki and Hanno Bock as the original reporters of CVE-2015-1789,\nMichal Zalewski as the original reporter of CVE-2015-1790, Emilia\nKasper as the original report of CVE-2015-1791 and Johannes Bauer as\nthe original reporter of CVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. For the\nupdate to take effect, all services linked to the OpenSSL library must\nbe restarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-June/005125.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-June/005126.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"openssl-1.0.1e-30.el6_6.11\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-devel-1.0.1e-30.el6_6.11\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-perl-1.0.1e-30.el6_6.11\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-static-1.0.1e-30.el6_6.11\")) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"openssl-libs-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-42.el7_1.8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-libs / openssl-perl / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-28T14:37:40", "description": "Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat Enterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. This issue could possibly cause a multi-threaded application using OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List (CRL) could possibly cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax (CMS) messages. A CMS message with an unknown hash function identifier could cause an application using OpenSSL to enter an infinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash. (CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and CVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan Fratric as the original reporters of CVE-2014-8176, Robert Swiecki and Hanno Bock as the original reporters of CVE-2015-1789, Michal Zalewski as the original reporter of CVE-2015-1790, Emilia Kasper as the original report of CVE-2015-1791 and Johannes Bauer as the original reporter of CVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-16T00:00:00", "type": "nessus", "title": "CentOS 6 / 7 : openssl (CESA-2015:1115)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:openssl", "p-cpe:/a:centos:centos:openssl-devel", "p-cpe:/a:centos:centos:openssl-libs", "p-cpe:/a:centos:centos:openssl-perl", "p-cpe:/a:centos:centos:openssl-static", "cpe:/o:centos:centos:6", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2015-1115.NASL", "href": "https://www.tenable.com/plugins/nessus/84199", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1115 and \n# CentOS Errata and Security Advisory 2015:1115 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84199);\n script_version(\"2.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\");\n script_bugtraq_id(75154, 75156, 75157, 75159, 75161);\n script_xref(name:\"RHSA\", value:\"2015:1115\");\n\n script_name(english:\"CentOS 6 / 7 : openssl (CESA-2015:1115)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a\nDTLS server or client using OpenSSL to crash or, potentially, execute\narbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat\nEnterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. This issue could possibly cause a multi-threaded application\nusing OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function\nof OpenSSL. A specially crafted X.509 certificate or a Certificate\nRevocation List (CRL) could possibly cause a TLS/SSL server or client\nusing OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using\nOpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message\nSyntax (CMS) messages. A CMS message with an unknown hash function\nidentifier could cause an application using OpenSSL to enter an\ninfinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to\ncrash. (CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and\nCVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and\nIvan Fratric as the original reporters of CVE-2014-8176, Robert\nSwiecki and Hanno Bock as the original reporters of CVE-2015-1789,\nMichal Zalewski as the original reporter of CVE-2015-1790, Emilia\nKasper as the original report of CVE-2015-1791 and Johannes Bauer as\nthe original reporter of CVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. For the\nupdate to take effect, all services linked to the OpenSSL library must\nbe restarted, or the system rebooted.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-June/021172.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?045df2f1\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-June/021173.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?30c569d9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-8176\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x / 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-1.0.1e-30.el6.11\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-devel-1.0.1e-30.el6.11\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-perl-1.0.1e-30.el6.11\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-static-1.0.1e-30.el6.11\")) flag++;\n\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-42.el7.8\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.1e-42.el7.8\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-libs-1.0.1e-42.el7.8\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-42.el7.8\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-42.el7.8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-libs / openssl-perl / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-29T14:40:56", "description": "Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat Enterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. This issue could possibly cause a multi-threaded application using OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List (CRL) could possibly cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax (CMS) messages. A CMS message with an unknown hash function identifier could cause an application using OpenSSL to enter an infinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash. (CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and CVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan Fratric as the original reporters of CVE-2014-8176, Robert Swiecki and Hanno Bock as the original reporters of CVE-2015-1789, Michal Zalewski as the original reporter of CVE-2015-1790, Emilia Kasper as the original report of CVE-2015-1791 and Johannes Bauer as the original reporter of CVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-16T00:00:00", "type": "nessus", "title": "RHEL 6 / 7 : openssl (RHSA-2015:1115)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216"], "modified": "2021-02-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openssl", "p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openssl-devel", "p-cpe:/a:redhat:enterprise_linux:openssl-libs", "p-cpe:/a:redhat:enterprise_linux:openssl-perl", "p-cpe:/a:redhat:enterprise_linux:openssl-static", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.6", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.1", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2015-1115.NASL", "href": "https://www.tenable.com/plugins/nessus/84204", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1115. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84204);\n script_version(\"2.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/05\");\n\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\");\n script_bugtraq_id(75154, 75156, 75157, 75159, 75161);\n script_xref(name:\"RHSA\", value:\"2015:1115\");\n\n script_name(english:\"RHEL 6 / 7 : openssl (RHSA-2015:1115)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a\nDTLS server or client using OpenSSL to crash or, potentially, execute\narbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat\nEnterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. This issue could possibly cause a multi-threaded application\nusing OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function\nof OpenSSL. A specially crafted X.509 certificate or a Certificate\nRevocation List (CRL) could possibly cause a TLS/SSL server or client\nusing OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using\nOpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message\nSyntax (CMS) messages. A CMS message with an unknown hash function\nidentifier could cause an application using OpenSSL to enter an\ninfinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to\ncrash. (CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and\nCVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and\nIvan Fratric as the original reporters of CVE-2014-8176, Robert\nSwiecki and Hanno Bock as the original reporters of CVE-2015-1789,\nMichal Zalewski as the original reporter of CVE-2015-1790, Emilia\nKasper as the original report of CVE-2015-1791 and Johannes Bauer as\nthe original reporter of CVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. For the\nupdate to take effect, all services linked to the OpenSSL library must\nbe restarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20150611.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1115\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1791\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-8176\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3216\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1115\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-debuginfo-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-devel-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"openssl-perl-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"openssl-perl-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"openssl-static-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"openssl-static-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-30.el6_6.11\")) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"openssl-1.0.1e-42.el7_1.8\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-42.el7_1.8\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"openssl-debuginfo-1.0.1e-42.el7_1.8\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"openssl-devel-1.0.1e-42.el7_1.8\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"openssl-libs-1.0.1e-42.el7_1.8\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"openssl-perl-1.0.1e-42.el7_1.8\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-42.el7_1.8\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"openssl-static-1.0.1e-42.el7_1.8\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-libs / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-28T14:37:23", "description": "Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that OpenSSL incorrectly handled memory when buffering DTLS data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2014-8176)\n\nJoseph Barr-Pixton discovered that OpenSSL incorrectly handled malformed ECParameters structures. A remote attacker could use this issue to cause OpenSSL to hang, resulting in a denial of service.\n(CVE-2015-1788)\n\nRobert Swiecki and Hanno Bock discovered that OpenSSL incorrectly handled certain ASN1_TIME strings. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service.\n(CVE-2015-1789)\n\nMichal Zalewski discovered that OpenSSL incorrectly handled missing content when parsing ASN.1-encoded PKCS#7 blobs. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2015-1790)\n\nEmilia Kasper discovered that OpenSSL incorrectly handled NewSessionTicket when being used by a multi-threaded client. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2015-1791)\n\nJohannes Bauer discovered that OpenSSL incorrectly handled verifying signedData messages using the CMS code. A remote attacker could use this issue to cause OpenSSL to hang, resulting in a denial of service.\n(CVE-2015-1792)\n\nAs a security improvement, this update also modifies OpenSSL behaviour to reject DH key sizes below 768 bits, preventing a possible downgrade attack.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-12T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : openssl vulnerabilities (USN-2639-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/o:canonical:ubuntu_linux:15.04"], "id": "UBUNTU_USN-2639-1.NASL", "href": "https://www.tenable.com/plugins/nessus/84148", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2639-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84148);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\");\n script_bugtraq_id(75159);\n script_xref(name:\"USN\", value:\"2639-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : openssl vulnerabilities (USN-2639-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that\nOpenSSL incorrectly handled memory when buffering DTLS data. A remote\nattacker could use this issue to cause OpenSSL to crash, resulting in\na denial of service, or possibly execute arbitrary code.\n(CVE-2014-8176)\n\nJoseph Barr-Pixton discovered that OpenSSL incorrectly handled\nmalformed ECParameters structures. A remote attacker could use this\nissue to cause OpenSSL to hang, resulting in a denial of service.\n(CVE-2015-1788)\n\nRobert Swiecki and Hanno Bock discovered that OpenSSL incorrectly\nhandled certain ASN1_TIME strings. A remote attacker could use this\nissue to cause OpenSSL to crash, resulting in a denial of service.\n(CVE-2015-1789)\n\nMichal Zalewski discovered that OpenSSL incorrectly handled missing\ncontent when parsing ASN.1-encoded PKCS#7 blobs. A remote attacker\ncould use this issue to cause OpenSSL to crash, resulting in a denial\nof service. (CVE-2015-1790)\n\nEmilia Kasper discovered that OpenSSL incorrectly handled\nNewSessionTicket when being used by a multi-threaded client. A remote\nattacker could use this issue to cause OpenSSL to crash, resulting in\na denial of service. (CVE-2015-1791)\n\nJohannes Bauer discovered that OpenSSL incorrectly handled verifying\nsignedData messages using the CMS code. A remote attacker could use\nthis issue to cause OpenSSL to hang, resulting in a denial of service.\n(CVE-2015-1792)\n\nAs a security improvement, this update also modifies OpenSSL behaviour\nto reject DH key sizes below 768 bits, preventing a possible downgrade\nattack.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly