OpenSSL ChangeCipherSpec Report

by Cody Dumont
June 10, 2014

As new threats emerge in networks, SecurityCenter customers are able to properly identify risk. This report identifies systems vulnerable to the new OpenSSL ChangeCipherSpec vulnerability. The report is available in the SecurityCenter Feed, an app store of dashboards, reports, and assets. The report can be easily located in the SecurityCenter Feed by selecting category Security Industry Trends, and then selecting tags SSL and Vulnerability. The report requirements are:

  • SecurityCenter 4.8.1
  • Nessus 5.2.6
  • LCE 4.2.2
  • PVS 4.0.2

This report provides SecurityCenter customers with a good summary of the new vulnerabilities recently discovered within OpenSSL.  There are six CVEs related to this new vulnerability. They are:

  • CVE-2014-0224 - SSL/TLS MITM Vulnerability
  • CVE-2014-0221 - DTLS recursion flaw
  • CVE-2014-0195 - DTLS invalid fragment vulnerability
  • CVE-2014-0198 - SSL_MODE_RELEASE_BUFFERS NULL pointer dereference
  • CVE-2010-5298 - SSL_MODE_RELEASE_BUFFERS session injection
  • CVE-2014-3470 - Anonymous ECDH Denial of Service

This report contains three chapters which focus on the six CVEs related to the OpenSSL ChangeCipherSpec vulnerability and OpenSSL vulnerabilities alike.

OpenSSL ChangeCipherSpec Summary: This chapter contains an executive level understanding of how vulnerable the systems have become.  

OpenSSL ChangeCipherSpec Vulnerabilities:  This chapter contains a vulnerability iterator based on the six CVEs related to OpenSSL ChangeCipherSpec vulnerabilities.  For each plugin associated with the CVEs, the vulnerability details and a list of affected systems is provided.

OpenSSL Vulnerabilities: This chapter contains a vulnerability iterator based on the six CVEs related to OpenSSL vulnerabilities.  For each plugin associated with the CVEs, the vulnerability details and a list of affected systems is provided.