| VID |
22653 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
According to its banner, the remote web server uses a version of OpenSSL older than 1.0.1k. Such versions may be affected by the following vulnerabilities :
- A NULL pointer dereference flaw exists when the SSLv3 option isn't enabled and an SSLv3 ClientHello is received. This allows a remote attacker, using an unexpected handshake, to crash the daemon. (CVE-2014-3569)
- The BIGNUM squaring (BN_sqr) implementation does not properly calculate the square of a BIGNUM value. This allows remote attackers to defeat cryptographic protection mechanisms. (CVE-2014-3570)
- A NULL pointer dereference flaw exists with dtls1_get_record when handling DTLS messages. A remote attacker, using a specially crafted DTLS message, can cause a denial of service. (CVE-2014-3571)
- A flaw exists with ECDH handshakes when using an ECDSA certificate without a ServerKeyExchange message. This allows a remote attacker to trigger a loss of forward secrecy from the ciphersuite. (CVE-2014-3572)
- A flaw exists when accepting non-DER variations of certificate signature algorithms and signature encodings due to a lack of enforcement of matches between signed
and unsigned portions. A remote attacker, by including crafted data within a certificate's unsigned portion, can bypass fingerprint-based certificate-blacklist protection mechanisms. (CVE-2014-8275)
- A flaw exists when handling an RSA temporary key in a non-export RSA key exchange ciphersuite. This allows a remote attacker to downgrade the security of the session. (CVE-2015-0204)
- A flaw exists when accepting DH certificates for client authentication without the CertificateVerify message. This allows a remote attacker to authenticate to the
service without a private key. (CVE-2015-0205)
- A memory leak occurs in dtls1_buffer_record when handling a saturation of DTLS records containing the same number sequence but for the next epoch. This allows a remote attacker to cause a denial of service. (CVE-2015-0206)
* References:
https://www.openssl.org/news/openssl-1.0.1-notes.html
https://www.openssl.org/news/secadv_20150108.txt
https://www.openssl.org/news/vulnerabilities.html
* Platforms Affected:
OpenSSL 1.0.1 before 1.0.1k |
| Recommendation |
Upgrade to the latest version of OpenSSL (1.0.0k or later), available from the OpenSSL Web site at http://www.openssl.org/ |
| Related URL |
CVE-2014-3569,CVE-2014-3570,CVE-2014-3571,CVE-2014-3572,CVE-2014-8275,CVE-2015-0204,CVE-2015-0205,CVE-2015-0206 (CVE) |
| Related URL |
71934,71935,71936,71937,71939,71940,71941,71942 (SecurityFocus) |
| Related URL |
(ISS) |
|
