CVE-2015-0293
Published 2015-03-19
Priority P4 · 33 · medium · 5 · CVSS 2.0
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS: 21.25% (97.3th percentile)
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.
Affected
41 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | os_x_yosemite_v10.10.4_and_security_update_2015-005 | — | — |
| cisco | products | — | — |
| debian | openssl | < openssl 1.0.0c-2 (bookworm) | openssl 1.0.0c-2 (bookworm) |
| openssl | openssl | <= 0.9.8ze | — |
| openssl | openssl | — | — |
CVSS provenance
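| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| osv | — | 6.8 | MEDIUM | — |
| vendor_ubuntu | — | 6.8 | MEDIUM | — |
| vendor_cisco | — | 5.0 | MEDIUM | — |
| vendor_debian | — | 5.0 | MEDIUM | — |
| vendor_redhat | — | 5.0 | MEDIUM | — |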
CISA ICS
Siemens SCALANCE X-200RNA Switch Devices
cisa_ics·2022-12-19
ICS Advisory
Last Revised: December 19, 2022
Alert Code: ICSA-22-349-21
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity/public exploits are available
- Vendor: Siemens
- Equipment: SCALANCE X-200RNA switch devices before V3.2.7
- Vulnerabilities: Observable Timing Discrepancy; Race Condition; Improper Restriction of Operations within the Bounds of a Memory Buffer; Improper Input Validation; NULL Pointer Dereference; Use After Free; Cryptographic Issues; Comparison of Incompatible Types; Resource Management
CISA ICS
Rockwell Automation Stratix 5900
cisa_ics·2017-05-10
ICS Advisory
Last Revised: May 10, 2017
Alert Code: ICSA-17-094-04
## CVSS v3 10.0
ATTENTION: Remotely exploitable/low skill level to exploit.
Vendor: Rockwell Automation
Equipment: Stratix 5900
Vulnerabilities: Improper Input Validation, Resource Management Errors, Improper Authentication, Path Traversal.
## REPOSTED INFORMATION
This advisory was originally posted to the NCCIC Portal on April 4, 2017, and is being released to the NCCIC/ICS-CERT web site.
## AFFECTED PRODUCTS
Rockwell Automation reports that these vulnerabilities affect the following Strat
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco·2015-03-20·CVSS 5.0
CVE-2015-0207 [MEDIUM] CWE-119 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows:
CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability
CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability
CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerability
CVE-2015-
Red Hat
openssl: assertion failure in SSLv2 servers
vendor_redhat·2015-03-19·CVSS 5.0
CVE-2015-0293 [MEDIUM] CWE-617 openssl: assertion failure in SSLv2 servers
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.
A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled.
Package: openssl097a (Red Hat Enterprise Linux 5) - Will not fix
Package: mingw-virt-viewer (Red Hat Enterprise Virtualization 3) - Will not fix
Package: openssl (Red Hat JBoss Enterprise Application Platform 5) - Will not f
BSD
FreeBSD-SA-15:06.openssl: Multiple OpenSSL vulnerabilities
bsd_advisories·2015-03-19·CVSS 6.8
CVE-2015-0204 [MEDIUM] FreeBSD-SA-15:06.openssl: Multiple OpenSSL vulnerabilities
FreeBSD-SA-15:06.openssl Security Advisory
The FreeBSD Project
Topic: Multiple OpenSSL vulnerabilities
Category: contrib
Module: openssl
Announced: 2015-03-19; Last revised on 2015-03-20.
Affects: All supported versions of FreeBSD.
Corrected: 2015-03-20 07:11:20 UTC (stable/10, 10.1-STABLE)
2015-03-20 07:12:02 UTC (releng/10.1, 10.1-RELEASE-p8)
2015-03-20 07:11:20 UTC (stable/9, 9.3-STABLE)
2015-03-20 07:12:02 UTC (releng/9.3, 9.3-RELEASE-p12)
2015-03-20 07:11:20 UTC (stable/8, 8.4-STABLE)
2015-03-20 07:12:02 UTC (releng/8.4, 8.4-RELEASE-p26)
CVE Name: CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288,
CVE-2015-0289, CVE-2015-0293
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following secti
Ubuntu
OpenSSL vulnerabilities
vendor_ubuntu·2015-03-19·CVSS 6.8
CVE-2015-0209 [MEDIUM] OpenSSL vulnerabilities
Title: OpenSSL vulnerabilities
Summary: Several security issues were fixed in OpenSSL.
It was discovered that OpenSSL incorrectly handled malformed EC private key
files. A remote attacker could possibly use this issue to cause OpenSSL to
crash, resulting in a denial of service, or execute arbitrary code.
(CVE-2015-0209)
Stephen Henson discovered that OpenSSL incorrectly handled comparing ASN.1
boolean types. A remote attacker could possibly use this issue to cause
OpenSSL to crash, resulting in a denial of service. (CVE-2015-0286)
Emilia Käsper discovered that OpenSSL incorrectly handled ASN.1 structure
reuse. A remote attacker could possibly use this issue to cause OpenSSL to
crash, resulting in a denial of service, or execute arbitrary code.
(CVE-2015-0287)
Brian Carpenter discovere
Debian
CVE-2015-0293: openssl - The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 b...
vendor_debian·2015·CVSS 5.0
CVE-2015-0293 [MEDIUM] CVE-2015-0293: openssl - The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 b...
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.
Scope: local
bookworm: resolved (fixed in 1.0.0c-2)
bullseye: resolved (fixed in 1.0.0c-2)
forky: resolved (fixed in 1.0.0c-2)
sid: resolved (fixed in 1.0.0c-2)
trixie: resolved (fixed in 1.0.0c-2)
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0286 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0292 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-1787 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0289 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0288 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0209 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Apple
CVE-2015-0293: OS X Yosemite v10.10.4 and Security Update 2015-005
vendor_apple·CVSS 5.0
CVE-2015-0293 [MEDIUM] CVE-2015-0293: OS X Yosemite v10.10.4 and Security Update 2015-005
Apple Security Update: About the security content of OS X Yosemite v10.10.4 and Security Update 2015-005
Product: OS X Yosemite v10.10.4 and Security Update 2015-005
CVE: CVE-2015-0293
Component: CVE-2015-0293
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0208 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0207 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0290 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0291 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0287 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0285 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
Cisco
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
vendor_cisco
CVE-2015-0293 Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
GHSA
GHSA-gmcw-2hjf-2h3x: The SSLv2 implementation in OpenSSL before 0
ghsa_unreviewed·2022-05-14
CVE-2015-0293 [MEDIUM] CWE-20 GHSA-gmcw-2hjf-2h3x: The SSLv2 implementation in OpenSSL before 0
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.
OSV
CVE-2015-0293: The SSLv2 implementation in OpenSSL before 0
osv·2015-03-19·CVSS 5.0
CVE-2015-0293 [MEDIUM] CVE-2015-0293: The SSLv2 implementation in OpenSSL before 0
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.
OSV
openssl vulnerabilities
osv·2015-03-19·CVSS 6.8
CVE-2015-0209 [MEDIUM] openssl vulnerabilities
It was discovered that OpenSSL incorrectly handled malformed EC private key
files. A remote attacker could possibly use this issue to cause OpenSSL to
crash, resulting in a denial of service, or execute arbitrary code.
(CVE-2015-0209)
Stephen Henson discovered that OpenSSL incorrectly handled comparing ASN.1
boolean types. A remote attacker could possibly use this issue to cause
OpenSSL to crash, resulting in a denial of service. (CVE-2015-0286)
Emilia Käsper discovered that OpenSSL incorrectly handled ASN.1 structure
reuse. A remote attacker could possibly use this issue to cause OpenSSL to
crash, resulting in a denial of service, or execute arbitrary code.
(CVE-2015-0287)
Brian Carpenter discovered that OpenSSL incorrectly handled invalid
certificate keys. A r
No detection rules found.
No public exploits indexed.
HackerOne
Bleichenbacher oracle in SSLv2 (CVE-2016-0704)
hackerone·2016-06-01·CVSS 5.0
CVE-2016-0704 [MEDIUM] Bleichenbacher oracle in SSLv2 (CVE-2016-0704)
I'm retroactively submitting CVE-2016-0704, a.k.a. "Leaky Export", which is a Bleichenbacher-style bug that leads to another variant of the Special DROWN attack. I'm submitting on behalf of myself and J. Alex Halderman, as we independently found this bug. This was validated by OpenSSL as Sev:Moderate at https://www.openssl.org/news/secadv/20160301.txt.
See https://drownattack.com for more information.
This issue only affected versions of OpenSSL prior to March 19th 2015 at which
time the code was refactored to address the vulnerability CVE-2015-0293.
s2_srvr.c overwrite the wrong bytes in the master-key when applying
Bleichenbacher protection for export cipher suites. This provides a
Bleichenbacher oracle, and could potentially allow more
HackerOne
Divide-and-conquer session key recovery in SSLv2 (CVE-2016-0703)
hackerone·2016-06-01·CVSS 5.0
CVE-2016-0703 [MEDIUM] Divide-and-conquer session key recovery in SSLv2 (CVE-2016-0703)
This is a retroactive submission of CVE-2016-0703, a.k.a. the "Extra Clear" bug, which can lead to the Special DROWN variant of the DROWN attack. After some discussion with the other DROWN authors, I'm submitting on behalf of myself (David Adrian) and J. Alex Halderman the vulnerability CVE-2016-0703, which was acknowledged by OpenSSL as Sev:High at https://www.openssl.org/news/secadv/20160301.txt.
This issue only affected versions of OpenSSL prior to March 19th 2015 at which
time the code was refactored to address vulnerability CVE-2015-0293.
s2_srvr.c did not enforce that clear-key-length is 0 for non-export ciphers. If
clear-key bytes are present for these ciphers, they *displace* encrypted-key
bytes. This leads to an e
Bugzilla
CVE-2016-0704 openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers
bugzilla·2016-02-22·CVSS 5.0
CVE-2016-0704 [MEDIUM] CVE-2016-0704 openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers
Quoting upstream advisory:
This issue only affected versions of OpenSSL prior to March 19th 2015 at which
time the code was refactored to address the vulnerability CVE-2015-0293.
s2_srvr.c overwrite the wrong bytes in the master-key when applying
Bleichenbacher protection for export cipher suites. This provides a
Bleichenbacher oracle, and could potentially allow more efficient variants of
the DROWN attack.
This issue affected OpenSSL versions 1.0.2, 1.0.1l, 1.0.0q, 0.9.8ze and all
earlier versions. It was fixed in OpenSSL 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf
(released March 19th 2015).
This issue was reported to OpenSSL on February 10th 2016 by David Adrian and J.
Alex Halderman of the Univ
Bugzilla
CVE-2016-0800 SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)
bugzilla·2016-02-22·CVSS 5.0
CVE-2016-0800 [MEDIUM] CVE-2016-0800 SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)
A group of security researchers discovered that SSLv2 (Secure Sockets Layer protocol version 2.0) is vulnerable to the Bleichenbacher RSA padding oracle attack, which can be used to decrypt RSA cipher text without knowledge of the matching private RSA key by observing responses from a server that has the private key and performs decryption of attacker provided cipher texts using that key. This flaw is an SSLv2 protocol issue and affects all implementations of the protocol.
They also demonstrated a cross-protocol attack which allows them to decrypt SSL/TLS sessions using newer protocol versions - SSLv3 or any current TLS (Transport Layer Security) version (1.0 - 1.2) - using this SSLv2 weakness. This cross-protocol att
Bugzilla
CVE-2016-0703 openssl: Divide-and-conquer session key recovery in SSLv2
bugzilla·2016-02-22·CVSS 5.0
CVE-2016-0703 [MEDIUM] CVE-2016-0703 openssl: Divide-and-conquer session key recovery in SSLv2
Quoting upstream advisory:
This issue only affected versions of OpenSSL prior to March 19th 2015 at which
time the code was refactored to address vulnerability CVE-2015-0293.
s2_srvr.c did not enforce that clear-key-length is 0 for non-export ciphers. If
clear-key bytes are present for these ciphers, they *displace* encrypted-key
bytes. This leads to an efficient divide-and-conquer key recovery attack: if an
eavesdropper has intercepted an SSLv2 handshake, they can use the server as an
oracle to determine the SSLv2 master-key, using only 16 connections to the
server and negligible computation.
More importantly, this leads to a more efficient version of DROWN that is
effective against non-export ciphersuites, and re
Bugzilla
CVE-2015-0209 CVE-2015-0293 CVE-2015-0287 CVE-2015-0286 CVE-2015-0289 CVE-2015-0288 mingw-openssl: various flaws [epel-7]
bugzilla·2015-03-19·CVSS 6.8
CVE-2015-0209 [MEDIUM] CVE-2015-0209 CVE-2015-0293 CVE-2015-0287 CVE-2015-0286 CVE-2015-0289 CVE-2015-0288 mingw-openssl: various flaws [epel-7]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
epel-7
Bugzilla
CVE-2015-0209 CVE-2015-0293 CVE-2015-0287 CVE-2015-0286 CVE-2015-0289 CVE-2015-0288 mingw-openssl: various flaws [fedora-all]
bugzilla·2015-03-19·CVSS 6.8
CVE-2015-0209 [MEDIUM] CVE-2015-0209 CVE-2015-0293 CVE-2015-0287 CVE-2015-0286 CVE-2015-0289 CVE-2015-0288 mingw-openssl: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: th
Bugzilla
CVE-2015-0293 openssl: assertion failure in SSLv2 servers
bugzilla·2015-03-16·CVSS 5.0
CVE-2015-0293 [MEDIUM] CVE-2015-0293 openssl: assertion failure in SSLv2 servers
A malicious client can trigger an OPENSSL_assert (i.e., an abort) in
servers that both support SSLv2 and enable export cipher suites by sending
a specially crafted SSLv2 CLIENT-MASTER-KEY message.
This issue affects OpenSSL versions: 1.0.2, 1.0.1, 1.0.0, and 0.9.8. This issue is fixed in versions: 1.0.2a, 1.0.1m, 1.0.0r, and 0.9.8zf.
Acknowledgements:
Name: the OpenSSL project
Upstream: Sean Burford (Google), Emilia Käsper (the OpenSSL development team)
Discussion:
External References:
https://openssl.org/news/secadv_20150319.txt
https://access.redhat.com/articles/1384453
---
Upstream commit:
https://git.openssl.org/?p=openssl.git;a=commitdiff;h=86f8fb0e344d62454f8daf3e15236b2b59210756
---
Commit correcting integer signe
Bugzilla
CVE-2015-0292 CVE-2015-0209 CVE-2015-0287 CVE-2015-0286 CVE-2015-0289 CVE-2015-0288 openssl: various flaws [fedora-all]
bugzilla·2015-02-26·CVSS 6.8
CVE-2015-0292 [MEDIUM] CVE-2015-0292 CVE-2015-0209 CVE-2015-0287 CVE-2015-0286 CVE-2015-0289 CVE-2015-0288 openssl: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this iss
Tenable
[R3] LCE 5.0.0 Fixes Multiple Third-party Library Vulnerabilities
blogs_tenable·2017-01-31
Tenable
[R6] OpenSSL '20150319' Advisory Affects Tenable Products
blogs_tenable·2015-03-29
arXiv
Server-side verification of client behavior in cryptographic protocols
arxiv_fulltext·2016-03-13·CVSS 7.5
[HIGH] Server-side verification of client behavior in cryptographic protocols
Andrew Chi, Robert Cochran, Marie Nesfield, Michael K. Reiter, Cynthia Sturton
University of North Carolina, Chapel Hill, NC, USA
### Abstract
Numerous exploits of client-server protocols and applications involve
modifying clients to behave in ways that untampered clients would not,
such as crafting malicious packets. In this paper, we demonstrate
practical verification of a cryptographic protocol client's messaging
behavior as being consistent with the client program it is believed to
be running. Moreover, we accomplish this without modifying the client
in any way, and without knowing all of the client-side inputs driving
its behavior. Our toolchain for verifying a client'
2015-03-19
Published