CVE-2015-0208
published 2015-03-19CVE-2015-0208: The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 before 1.0.2a allows remote…
PriorityP429medium4.3CVSS 2.0
AVNACMAuNCNINAP
EPSS
33.48%
98.2th percentile
The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted RSA PSS parameters to an endpoint that uses the certificate-verification feature.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | products | — | — |
| debian | openssl | — | — |
| openssl | openssl | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
vendor_cisco5.0MEDIUM
vendor_debian4.3LOW
vendor_redhat4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Siemens SCALANCE X-200RNA Switch Devices
cisa_ics·2022-12-19
Siemens SCALANCE X-200RNA Switch Devices
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Siemens SCALANCE X-200RNA Switch Devices
Last RevisedDecember 19, 2022
Alert CodeICSA-22-349-21
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity/public exploits are available
- Vendor: Siemens
- Equipment: SCALANCE X-200RNA switch devices before V3.2.7
- Vulnerabilities: Observable Timing Discrepancy; Race Condition; Improper Restriction of Operations within the Bounds of a Memory Buffer; Improper Input Validation; NULL Pointer Dereference; Use After Free; Cryptographic Issues; Comparison of Incompatible Types; Resource Management
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco·2015-03-20·CVSS 5.0
CVE-2015-0207 [MEDIUM] CWE-119 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows:
CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability
CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability
CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerability
CVE-2015-
Red Hat
openssl: segmentation fault for invalid PSS parameters
vendor_redhat·2015-03-19·CVSS 4.3
CVE-2015-0208 [MEDIUM] CWE-476 openssl: segmentation fault for invalid PSS parameters
openssl: segmentation fault for invalid PSS parameters
The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted RSA PSS parameters to an endpoint that uses the certificate-verification feature.
Statement: This issue did not affect the versions of openssl as shipped with Red Hat Enterprise Linux 5, 6, and 7.
Package: openssl (Red Hat Enterprise Linux 5) - Not affected
Package: openssl097a (Red Hat Enterprise Linux 5) - Not affected
Package: openssl (Red Hat Enterprise Linux 6) - Not affected
Package: openssl098e (Red Hat Enterprise Linux 6) - Not affected
Package: openssl (Red Hat Enterprise L
Debian
CVE-2015-0208: openssl - The ASN.1 signature-verification implementation in the rsa_item_verify function ...
vendor_debian·2015·CVSS 4.3
CVE-2015-0208 [MEDIUM] CVE-2015-0208: openssl - The ASN.1 signature-verification implementation in the rsa_item_verify function ...
The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted RSA PSS parameters to an endpoint that uses the certificate-verification feature.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0286 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
CVE-2015-0286: Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows: CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerabili
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0292 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
CVE-2015-0292: Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows: CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerabili
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-1787 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
CVE-2015-1787: Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows: CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerabili
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0289 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
CVE-2015-0289: Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows: CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerabili
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0288 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
CVE-2015-0288: Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows: CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerabili
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0209 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
CVE-2015-0209: Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows: CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerabili
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0208 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
CVE-2015-0208: Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows: CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerabili
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0207 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
CVE-2015-0207: Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows: CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerabili
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0290 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
CVE-2015-0290: Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows: CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerabili
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0291 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
CVE-2015-0291: Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows: CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerabili
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0287 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
CVE-2015-0287: Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows: CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerabili
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0285 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
CVE-2015-0285: Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows: CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerabili
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0293 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
CVE-2015-0293: Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows: CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerabili
GHSA
GHSA-53qj-xqjg-44rj: The ASN
ghsa_unreviewed·2022-05-14
CVE-2015-0208 [MEDIUM] GHSA-53qj-xqjg-44rj: The ASN
The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted RSA PSS parameters to an endpoint that uses the certificate-verification feature.
No detection rules found.
No public exploits indexed.
arXiv
Server-side verification of client behavior in cryptographic protocols
arxiv_fulltext·2016-03-13·CVSS 7.5
[HIGH] Server-side verification of client behavior in cryptographic protocols
Server-side Verification of Client Behavior in Cryptographic Protocols
tabularccccc
Andrew Chi & Robert Cochran & Marie Nesfield & Michael K.\ Reiter & Cynthia Sturton\ 10pt]
5cUniversity of North Carolina
5cChapel Hill, NC, USA
tabular
empty
### Abstract
Numerous exploits of client-server protocols and applications involve
modifying clients to behave in ways that untampered clients would not,
such as crafting malicious packets. In this paper, we demonstrate
practical verification of a cryptographic protocol client's messaging
behavior as being consistent with the client program it is believed to
be running. Moreover, we accomplish this without modifying the client
in any way, and without knowing all of the client-side inputs driving
its behavior. Our toolchain for verifying a client'
Bugzilla
CVE-2015-0208 openssl: segmentation fault for invalid PSS parameters
bugzilla·2015-03-16·CVSS 4.3
CVE-2015-0208 [MEDIUM] CVE-2015-0208 openssl: segmentation fault for invalid PSS parameters
CVE-2015-0208 openssl: segmentation fault for invalid PSS parameters
The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and invalid parameters. Since these routines are used to verify certificate signature algorithms, this flaw can be used to crash any certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication.
This issue affects OpenSSL versions 1.0.2, and is fixed in version 1.0.2a.
Acknowledgements:
Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Stephen Henson of the OpenSSL development team as t
http://marc.info/?l=bugtraq&m=143748090628601&w=2http://marc.info/?l=bugtraq&m=144050155601375&w=2http://marc.info/?l=bugtraq&m=144050297101809&w=2http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.htmlhttp://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.htmlhttp://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlhttp://www.securityfocus.com/bid/73230http://www.securitytracker.com/id/1031929https://bto.bluecoat.com/security-advisory/sa92https://bugzilla.redhat.com/show_bug.cgi?id=1202369https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdfhttps://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=4b22cce3812052fe64fc3f6d58d8cc884e3cb834https://kc.mcafee.com/corporate/index?page=content&id=SB10110https://security.gentoo.org/glsa/201503-11https://www.openssl.org/news/secadv_20150319.txthttp://marc.info/?l=bugtraq&m=143748090628601&w=2http://marc.info/?l=bugtraq&m=144050155601375&w=2http://marc.info/?l=bugtraq&m=144050297101809&w=2http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.htmlhttp://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.htmlhttp://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlhttp://www.securityfocus.com/bid/73230http://www.securitytracker.com/id/1031929https://bto.bluecoat.com/security-advisory/sa92https://bugzilla.redhat.com/show_bug.cgi?id=1202369https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdfhttps://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=4b22cce3812052fe64fc3f6d58d8cc884e3cb834https://kc.mcafee.com/corporate/index?page=content&id=SB10110https://security.gentoo.org/glsa/201503-11https://www.openssl.org/news/secadv_20150319.txt
2015-03-19
Published