CVE-2015-0285 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Openssl

CWE-310 CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-20 — Improper Input Validation CWE-335 — Incorrect Usage of Seeds in Pseudo-Random Number Generator21 documents7 sources

Severity

4.3MEDIUMNVD

EPSS

8.5%

top 7.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openssl Cisco Products Debian Openssl

Timeline

PublishedMar 19

Latest updateDec 19

Description

The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and then conducting a brute-force attack.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/openssl

▶NVDopenssl/openssl1.0.2

▶ciscocisco/products

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-8v72-7j9q-whx9: The ssl3_client_hello function in s3_clnt↗2022-05-14

▶

📋Vendor Advisories

CISA ICS

Siemens SCALANCE X-200RNA Switch Devices↗2022-12-19

▶

CISA ICS

Rockwell Automation Stratix 5900↗2017-05-10

▶

Cisco

Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products↗2015-03-20

▶

Red Hat

openssl: handshake with unseeded PRNG↗2015-03-19

▶

Debian

CVE-2015-0285: openssl - The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before 1.0.2a does ...↗2015

▶

💬Community

Bugzilla

CVE-2015-0285 openssl: handshake with unseeded PRNG↗2015-03-16

▶