CVE-2015-1637
Published 2015-03-06
Priority P4 · 30 · medium · 4.3 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS: 13.15% (95.9th percentile)
Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1067.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | iphone_os | <= 8.1.3 | — |
| apple | mac_os_x | <= 10.10.2 | — |
| apple | tvos | <= 7.0.3 | — |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2012 | — | — |
GHSA
GHSA-2cqr-v8j2-59fq (CVE-2015-1067)
ghsa_unreviewed·2022-05-14·CVSS 4.3 [MEDIUM]
Secure Transport in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1637.
GHSA
GHSA-h5m2-xvgx-vpw7 (CVE-2015-1637)
ghsa_unreviewed·2022-05-13·CVSS 4.3 [MEDIUM]
Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1067.
Suricata
ET EXPLOIT FREAK Weak Export Suite From Server (CVE-2015-0204)
suricata·2015-03-11·CVSS 4.3 [MEDIUM]
Rule: alert tcp any [21,25,110,143,443,465,587,636,989:995,5061,5222] -> $HOME_NET any (msg:"ET EXPLOIT FREAK Weak Export Suite From Server (CVE-2015-0204)"; flow:established,to_client; content:"|16 03|"; depth:2; byte_test:1,<,4,0,relative; content:"|02|"; distance:3; within:1; byte_jump:1,37,relative; content:"|00 19|"; within:2; fast_pattern; threshold:type limit,track by_dst,count 1,seconds 1200; reference:url,blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html; reference:cve,2015-0204; reference:cve,2015-1637; classtype:bad-unknown; sid:2020661; rev:4; metadata:created_at 2015_03_11, cve CVE_2015_0204, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_
No public exploits indexed.
Tenable
Verizon 2016 DBIR – Most Interesting Things
blogs_tenable·2016-05-18
by Andrew Freeborn May 18, 2016
The Verizon Data Breach Investigation Report (DBIR), first published in 2008, is an annual publication that analyzes information security incidents from public and private organizations, with a focus on data breaches. Data breaches continue to have a major financial impact on organizations, as well as an impact on their reputations. Tenable Network Security offers dashboards and Assurance Report Cards (ARCs) that organizations can use to check themselves against the common threats described in the Verizon DBIR. As in previous years, the 2016 DBIR notes that a vast majority of all attacks fall into a few basic patterns. Throughout this and past years’ reports, suggestions are given for monitoring the network for each of these patterns. This dashboard can ass
Tenable
Verizon 2016 DBIR – Most Common Vulnerabilities
blogs_tenable·2016-05-18
by Andrew Freeborn May 18, 2016
The Verizon Data Breach Investigation Report (DBIR), first published in 2008, is an annual publication that analyzes information security incidents from public and private organizations, with a focus on data breaches. Data breaches continue to have a major financial impact on organizations, as well as an impact on their reputations. Tenable Network Security offers dashboards and Assurance Report Cards (ARCs) that can assist organizations in meeting many of the recommendations and best practices in the DBIR. As in previous years, the 2016 DBIR notes that a vast majority of all attacks fall into a few basic patterns. Throughout this and past years’ reports, suggestions are given for monitoring the network for each of these patterns. This ARC can assist an org
Talos
Microsoft Patch Tuesday for March 2015: 14 Bulletins Released; FREAK Patched
blogs_talos·2015-03-10·CVSS 9.3 [CRITICAL]
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 14 bulletins being released which address 45 CVEs. The first 5 bulletins are rated critical and address vulnerabilities within Internet Explorer, Office, Windows, and VBScript. The remaining 9 bulletins are rated important and cover vulnerabilities within Windows Kernel Mode Drivers, Exchange, Task Scheduler, Remote Desktop, SChannel, and the Microsoft Graphics component.
## Bulletins Rated Critical
MS15-018, MS15-019, MS15-020, MS15-021, and MS15-022 are rated Critical.
MS15-018 addresses multiple vulnerabilities within Internet Explorer, versions 6 through 11. 12 CVEs were resolved this month, including CVE-2015-0
Qualys
Patch Tuesday March 2015 | Qualys
blogs_qualys·2015-03-10·CVSS 4.3 [MEDIUM]
It is March Patch Tuesday 2015, but similar to last month we are having more issues than expected in a normal month. Or maybe that is the new normal: patches from Microsoft, Adobe and a set of other security issues to deal with.
Before we get to these patches, it’s important to note that we also had two out-of-band issues this month: FREAK and Superfish.
### FREAK
FREAK is a vulnerability in SSL, discovered by the team at SMACKTLS. The vulnerability allows an attacker that has a Man-in-the-Middle (MITM) position to downgrade your computer’s SSL communication to an export grade cipher (512 bit RSA), which is breakable relatively quickly (< 24 hours). Once the attacker has the key she can eavesdrop on your communication and even modify it and redirect you to impostor sites. SMACKTLS has a
Bugzilla
CVE-2015-8380 pcre: OOB write when pcre_exec() is called with ovecsize of 1 (8.38/10)
bugzilla·2015-11-25·CVSS 7.5 [HIGH]
A heap-based buffer overflow vulnerability was found in pcre_exec causing crash.
Upstream bug (contains reproducer):
https://bugs.exim.org/show_bug.cgi?id=1637
Upstream patch:
http://vcs.pcre.org/pcre?view=revision&revision=1565
CVE request:
http://seclists.org/oss-sec/2015/q4/363
Discussion:
Created pcre tracking bugs for this issue:
Affects: fedora-all [bug 1285415]
---
Upstream fixed it in 8.38 version.
Reproducer is passing "printf '//\n\\O1\n'" output to pcretest under valgrind.
---
Created attachment 1099151
Upstream fix
---
Created attachment 1099152
Fix ported to Fedora 22's 8.37 version
---
pcre-8.38-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still p
References:
http://web.archive.org/web/20150321220028/https://freakattack.com/
http://www.securityfocus.com/bid/72965
http://www.securitytracker.com/id/1031833
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-031
https://freakattack.com/
https://technet.microsoft.com/library/security/3046015
2015-03-06
Published