CVE-2015-0286

MEDIUM
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature.

References

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10680

http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html

http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html

http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152733.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152734.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152844.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156823.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157177.html

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00022.html

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html

http://lists.opensuse.org/opensuse-updates/2015-03/msg00062.html

http://marc.info/?l=bugtraq&m=142841429220765&w=2

http://marc.info/?l=bugtraq&m=143213830203296&w=2

http://marc.info/?l=bugtraq&m=143748090628601&w=2

http://marc.info/?l=bugtraq&m=144050155601375&w=2

http://marc.info/?l=bugtraq&m=144050254401665&w=2

http://marc.info/?l=bugtraq&m=144050297101809&w=2

http://rhn.redhat.com/errata/RHSA-2015-0715.html

http://rhn.redhat.com/errata/RHSA-2015-0716.html

http://rhn.redhat.com/errata/RHSA-2015-0752.html

http://rhn.redhat.com/errata/RHSA-2016-2957.html

http://support.apple.com/kb/HT204942

http://www.debian.org/security/2015/dsa-3197

http://www.fortiguard.com/advisory/2015-03-24-openssl-vulnerabilities-march-2015

http://www.mandriva.com/security/advisories?name=MDVSA-2015:062

http://www.mandriva.com/security/advisories?name=MDVSA-2015:063

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

http://www.securityfocus.com/bid/73225

http://www.securitytracker.com/id/1031929

http://www.securitytracker.com/id/1032917

http://www.ubuntu.com/usn/USN-2537-1

https://access.redhat.com/articles/1384453

https://bto.bluecoat.com/security-advisory/sa92

https://bugzilla.redhat.com/show_bug.cgi?id=1202366

https://git.openssl.org/?p=openssl.git;a=commit;h=c3c7fb07dc975dc3c9de0eddb7d8fd79fc9c67c1

https://kc.mcafee.com/corporate/index?page=content&id=SB10110

https://support.apple.com/HT205212

https://support.apple.com/HT205267

https://support.citrix.com/article/CTX216642

https://www.freebsd.org/security/advisories/FreeBSD-SA-15%3A06.openssl.asc

https://www.openssl.org/news/secadv_20150319.txt

Details

Source: MITRE

Published: 2015-03-19

Updated: 2018-01-05

Type: CWE-17

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions up to 0.9.8ze (inclusive)

cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0p:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0q:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*

Tenable Plugins

View all (62 total)

IDNameProductFamilySeverity
125001EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1548)NessusHuawei Local Security Checks
high
119963SUSE SLES12 Security Update : compat-openssl098 (SUSE-SU-2015:0553-1)NessusSuSE Local Security Checks
high
90526Cisco IOS XE Multiple OpenSSL Vulnerabilities (CSCut46130 / CSCut46126)NessusCISCO
high
90525Cisco IOS Multiple OpenSSL Vulnerabilities (CSCut46130)NessusCISCO
high
90251HP System Management Homepage < 7.2.6 Multiple Vulnerabilities (FREAK)NessusWeb Servers
high
89651openSUSE Security Update : libopenssl0_9_8 (openSUSE-2016-294) (DROWN) (FREAK) (POODLE)NessusSuSE Local Security Checks
critical
87672Puppet Enterprise Multiple OpenSSL Vulnerabilities (FREAK)NessusCGI abuses
high
87525SUSE SLED11 / SLES11 Security Update : mysql (SUSE-SU-2015:2303-1)NessusSuSE Local Security Checks
high
87442openSUSE Security Update : mysql (openSUSE-2015-889) (BACKRONYM)NessusSuSE Local Security Checks
high
8982Mac OS X < 10.11 Multiple VulnerabilitiesNessus Network MonitorOperating System Detection
critical
86548MySQL Enterprise Monitor 2.3.x < 2.3.21 / 3.0.x < 3.0.23 Multiple VulnerabilitiesNessusCGI abuses
high
8979Apple iOS < 9.0 Multiple VulnerabilitiesNessus Network MonitorMobile Devices
critical
8801Mac OS X < 10.10.4 Multiple VulnerabilitiesNessus Network MonitorOperating System Detection
critical
86270Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)NessusMacOS X Local Security Checks
critical
85987Apple iOS < 9.0 Multiple VulnerabilitiesNessusMobile Devices
critical
84998openSUSE Security Update : libressl (openSUSE-2015-507) (Logjam)NessusSuSE Local Security Checks
high
84923HP System Management Homepage 7.3.x / 7.4.x < 7.5.0 Multiple Vulnerabilities (FREAK)NessusWeb Servers
high
84795Oracle Secure Global Desktop Multiple Vulnerabilities (July 2015 CPU)NessusMisc.
high
84489Mac OS X Multiple Vulnerabilities (Security Update 2015-005) (GHOST) (Logjam)NessusMacOS X Local Security Checks
critical
84488Mac OS X 10.10.x < 10.10.4 Multiple Vulnerabilities (GHOST) (Logjam)NessusMacOS X Local Security Checks
critical
84400Blue Coat ProxySG 6.2.x < 6.2.16.4 / 6.5.x < 6.5.7.5 / 6.6.x < 6.6.2.1 Multiple OpenSSL VulnerabilitiesNessusFirewalls
high
83992Splunk Enterprise 5.0.x < 5.0.13 / 6.0.x < 6.0.9 / 6.1.x < 6.1.8 OpenSSL Vulnerabilities (FREAK)NessusCGI abuses
high
83703SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2015:0541-1)NessusSuSE Local Security Checks
medium
83527Apache Tomcat 8.0.x < 8.0.21 Multiple Vulnerabilities (FREAK)NessusWeb Servers
high
83526Apache Tomcat 7.0.x < 7.0.60 Multiple Vulnerabilities (FREAK)NessusWeb Servers
high
83490Apache Tomcat 6.0.x < 6.0.44 Multiple Vulnerabilities (FREAK)NessusWeb Servers
high
83238Fedora 21 : mingw-openssl-1.0.2a-1.fc21 (2015-6855)NessusFedora Local Security Checks
medium
83216Fedora 22 : mingw-openssl-1.0.2a-1.fc22 (2015-6951)NessusFedora Local Security Checks
medium
82922Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : openssl (SSA:2015-111-09)NessusSlackware Local Security Checks
medium
82900AIX OpenSSL Advisory : openssl_advisory13.ascNessusAIX Local Security Checks
high
82576F5 Networks BIG-IP : OpenSSL vulnerability (K16317)NessusF5 Networks Local Security Checks
medium
82494RHEL 6 : Storage Server (RHSA-2015:0752)NessusRed Hat Local Security Checks
high
82316Mandriva Linux Security Advisory : openssl (MDVSA-2015:063)NessusMandriva Local Security Checks
medium
82315Mandriva Linux Security Advisory : openssl (MDVSA-2015:062)NessusMandriva Local Security Checks
high
8662OpenSSL 0.9.8 < 0.9.8zf / 1.0.0 < 1.0.0r / 1.0.1 < 1.0.1m Multiple VulnerabilitiesNessus Network MonitorWeb Servers
medium
8661OpenSSL 1.0.2 < 1.0.2a Multiple VulnerabilitiesNessus Network MonitorWeb Servers
medium
82266Scientific Linux Security Update : openssl on SL7.x x86_64 (20150324)NessusScientific Linux Local Security Checks
high
82265Scientific Linux Security Update : openssl on SL6.x i386/x86_64 (20150324)NessusScientific Linux Local Security Checks
high
82162Debian DLA-177-1 : openssl security updateNessusDebian Local Security Checks
high
82077stunnel < 5.12 OpenSSL Multiple VulnerabilitiesNessusWindows
medium
82066OracleVM 3.3 : openssl (OVMSA-2015-0039)NessusOracleVM Local Security Checks
high
82060Fedora 22 : openssl-1.0.1k-6.fc22 (2015-4320)NessusFedora Local Security Checks
high
82059Fedora 21 : openssl-1.0.1k-6.fc21 (2015-4303)NessusFedora Local Security Checks
high
82058Fedora 20 : openssl-1.0.1e-42.fc20 (2015-4300)NessusFedora Local Security Checks
high
82047Amazon Linux AMI : openssl (ALAS-2015-498)NessusAmazon Linux Local Security Checks
medium
82033OpenSSL 1.0.2 < 1.0.2a Multiple VulnerabilitiesNessusWeb Servers
medium
82032OpenSSL 1.0.1 < 1.0.1m Multiple VulnerabilitiesNessusWeb Servers
medium
82031OpenSSL 1.0.0 < 1.0.0r Multiple VulnerabilitiesNessusWeb Servers
medium
82030OpenSSL 0.9.8 < 0.9.8zf Multiple VulnerabilitiesNessusWeb Servers
medium
82018RHEL 7 : openssl (RHSA-2015:0716)NessusRed Hat Local Security Checks
medium
82017RHEL 6 : openssl (RHSA-2015:0715)NessusRed Hat Local Security Checks
high
82016Oracle Linux 7 : openssl (ELSA-2015-0716)NessusOracle Linux Local Security Checks
medium
82015Oracle Linux 6 : openssl (ELSA-2015-0715)NessusOracle Linux Local Security Checks
high
81998CentOS 7 : openssl (CESA-2015:0716)NessusCentOS Local Security Checks
high
81997CentOS 6 : openssl (CESA-2015:0715)NessusCentOS Local Security Checks
high
81996SuSE 11.3 Security Update : OpenSSL (SAT Patch Number 10481)NessusSuSE Local Security Checks
high
81995openSUSE Security Update : openssl (openSUSE-2015-247)NessusSuSE Local Security Checks
medium
81971Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : openssl vulnerabilities (USN-2537-1)NessusUbuntu Local Security Checks
high
81970SuSE 11.3 Security Update : OpenSSL (SAT Patch Number 10470)NessusSuSE Local Security Checks
high
81962FreeBSD : OpenSSL -- multiple vulnerabilities (9d15355b-ce7c-11e4-9db0-d050992ecde8) (FREAK)NessusFreeBSD Local Security Checks
high
81955Debian DSA-3197-1 : openssl - security updateNessusDebian Local Security Checks
high
801937OpenSSL < 0.9.8zf / 1.0.0r / 1.0.1m / 1.0.2a Multiple VulnerabilitiesLog Correlation EngineWeb Servers
medium