The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger unintended certificate verifications via a valid leaf certificate.

According to the web server's banner, the version of HP System Management Homepage (SMH) hosted on the remote web server is a version prior to 7.5.4. It is, therefore, affected by the following vulnerabilities :

  - A denial of service vulnerability exists when processing     an ECParameters structure due to an infinite loop that     occurs when a specified curve is over a malformed binary     polynomial field. A remote attacker can exploit this to     perform a denial of service against any system that     processes public keys, certificate requests, or     certificates. This includes TLS clients and TLS servers     with client authentication enabled. (CVE-2015-1788) 

  - A denial of service vulnerability exists due to improper     validation of the content and length of the ASN1_TIME     string by the X509_cmp_time() function. A remote     attacker can exploit this, via a malformed certificate     and CRLs of various sizes, to cause a segmentation     fault, resulting in a denial of service condition. TLS     clients that verify CRLs are affected. TLS clients and     servers with client authentication enabled may be     affected if they use custom verification callbacks.
    (CVE-2015-1789)

  - A NULL pointer dereference flaw exists in the PKCS#7     parsing code due to incorrect handling of missing inner     'EncryptedContent'. This allows a remote attacker, via     specially crafted ASN.1-encoded PKCS#7 blobs with     missing content, to cause a denial of service condition     or other potential unspecified impacts. (CVE-2015-1790)

  - A double-free error exists due to a race condition that     occurs when a NewSessionTicket is received by a     multi-threaded client when attempting to reuse a     previous ticket. (CVE-2015-1791)

  - A denial of service vulnerability exists in the CMS code     due to an infinite loop that occurs when verifying a     signedData message. A remote attacker can exploit this     to cause a denial of service condition. (CVE-2015-1792)

  - A certificate validation bypass vulnerability exists in     the Security:Encryption subcomponent due to a flaw in     the X509_verify_cert() function in x509_vfy.c that is     triggered when locating alternate certificate chains     when the first attempt to build such a chain fails. A     remote attacker can exploit this, by using a valid leaf     certificate as a certificate authority (CA), to issue     invalid certificates that will bypass authentication.
    (CVE-2015-1793)

  - A cross-request authentication bypass vulnerability     exists in libcurl due to the use of an existing,     authenticated connection when performing a subsequent     unauthenticated NTLM HTTP request. An attacker can     exploit this to bypass authentication mechanisms.
    (CVE-2015-3143)

  - A denial of service vulnerability exists in libcurl due     to a flaw in the sanitize_cookie_path() function that is     triggered when handling a cookie path element that     consists of a single double-quote. An attacker can     exploit this to cause the application to crash.
    (CVE-2015-3145)

  - A cross-request authentication bypass vulnerability     exists in libcurl due to a flaw that is triggered when a     request is 'Negotiate' authenticated, which can cause     the program to treat the entire connection as     authenticated rather than just that specific request. An     attacker can exploit this to bypass authentication     mechanisms for subsequent requests. (CVE-2015-3148)

  - A man-in-the-middle vulnerability, known as Logjam,     exists due to a flaw in the SSL/TLS protocol. A remote     attacker can exploit this flaw to downgrade connections     using ephemeral Diffie-Hellman key exchange to 512-bit     export-grade cryptography. (CVE-2015-4000)

  - A flaw exists in the multipart_buffer_headers() function     in rfc1867.c due to improper handling of     multipart/form-data in HTTP requests. A remote attacker     can exploit this flaw to cause a consumption of CPU     resources, resulting in a denial of service condition.
    (CVE-2015-4024)

  - An unspecified flaw exists that allows an authenticated,     remote attacker to impact confidentiality and integrity.
    (CVE-2016-1993)

  - An unspecified information disclosure vulnerability     exists that allows an authenticated, remote attacker to     gain unauthorized access to information. (CVE-2016-1994)

  - An unspecified remote code execution vulnerability     exists that allows an unauthenticated, remote attacker     to take complete control of the system. (CVE-2016-1995)

  - An unspecified flaw exists that allows a local attacker     to impact confidentiality and integrity. (CVE-2016-1996)

The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple unspecified vulnerabilities in the following subcomponents of the Enterprise Manager Base Platform component :

  - Agent Next Gen
  - Discovery Framework
  - Loader Service
  - UI Framework

Note that the product was formerly known as Enterprise Manager Grid Control.

The mysql package was updated to version 5.5.46 to fixs several security and non security issues.

  - bnc#951391: update to version 5.5.46

  - changes:
    http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-     46.html

  - fixed CVEs: CVE-2015-1793, CVE-2015-0286, CVE-2015-0288,     CVE-2015-1789, CVE-2015-4730, CVE-2015-4766,     CVE-2015-4792, CVE-2015-4800, CVE-2015-4802,     CVE-2015-4815, CVE-2015-4816, CVE-2015-4819,     CVE-2015-4826, CVE-2015-4830, CVE-2015-4833,     CVE-2015-4836, CVE-2015-4858, CVE-2015-4861,     CVE-2015-4862, CVE-2015-4864, CVE-2015-4866,     CVE-2015-4870, CVE-2015-4879, CVE-2015-4890,     CVE-2015-4895, CVE-2015-4904, CVE-2015-4905,     CVE-2015-4910, CVE-2015-4913

  - bnc#952196: Fixed a build error for ppc*, s390* and ia64     architectures.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

MySQL was updated to 5.6.27 to fix security issues and bugs.

The following vulnerabilities were fixed as part of the upstream release [boo#951391]: CVE-2015-1793, CVE-2015-0286, CVE-2015-0288, CVE-2015-1789, CVE-2015-4730, CVE-2015-4766, CVE-2015-4792, CVE-2015-4800, CVE-2015-4802, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4833, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4862, CVE-2015-4864, CVE-2015-4866, CVE-2015-4870, CVE-2015-4879, CVE-2015-4890, CVE-2015-4895, CVE-2015-4904, CVE-2015-4905, CVE-2015-4910, CVE-2015-4913

Details on these and other changes can be found at:
http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-27.html

The following security relevant changes are included additionally :

  - CVE-2015-3152: MySQL lacked SSL enforcement. Using
    --ssl-verify-server-cert and --ssl[-*] implies that the     ssl connection is required. The mysql client will now     print an error if ssl is required, but the server can     not handle a ssl connection [boo#924663], [boo#928962]

The version of Oracle MySQL installed on the remote host is 5.6.x prior to 5.6.26. It is, therefore, affected by the following vulnerabilities :

  - A certificate validation bypass vulnerability exists in     the Security:Encryption subcomponent due to a flaw in     the X509_verify_cert() function in x509_vfy.c that is     triggered when locating alternate certificate chains     when the first attempt to build such a chain fails. A     remote attacker can exploit this, by using a valid leaf     certificate as a certificate authority (CA), to issue     invalid certificates that will bypass authentication.
    (CVE-2015-1793)

  - An unspecified flaw exists in the Client Programs     subcomponent. A local attacker can exploit this to gain     elevated privileges. (CVE-2015-4819)

  - An unspecified flaw exists in the DLM subcomponent.
    An authenticated, remote attacker can exploit this to     impact integrity. (CVE-2015-4879)

Additionally, unspecified denial of service vulnerabilities exist in the following MySQL subcomponents :

  - InnoDB (CVE-2015-4895)

  - libmysqld (CVE-2015-4904)

  - Partition (CVE-2015-4833)

  - Security:Firewall (CVE-2015-4766)

The version of MySQL running on the remote host is 5.6.x prior to 5.6.27. It is, therefore, potentially affected by the following vulnerabilities :

  - A certificate validation bypass vulnerability exists in     the Security:Encryption subcomponent due to a flaw in     the X509_verify_cert() function in x509_vfy.c that is     triggered when locating alternate certificate chains     when the first attempt to build such a chain fails. A     remote attacker can exploit this, by using a valid leaf     certificate as a certificate authority (CA), to issue     invalid certificates that will bypass authentication.
    (CVE-2015-1793)

  - An unspecified flaw exists in the Client Programs     subcomponent. A local attacker can exploit this to gain     elevated privileges. (CVE-2015-4819)

  - An unspecified flaw exists in the Types subcomponent.
    An authenticated, remote attacker can exploit this to     gain access to sensitive information. (CVE-2015-4826)

  - An unspecified flaws exist in the Security:Privileges     subcomponent. An authenticated, remote attacker can     exploit these to impact integrity. (CVE-2015-4830,     CVE-2015-4864)

  - An unspecified flaw exists in the DLM subcomponent.
    An authenticated, remote attacker can exploit this to     impact integrity. (CVE-2015-4879)

  - An unspecified flaw exists in the Server Security     Encryption subcomponent that allows an authenticated,     remote attacker to disclose sensitive information.
    (CVE-2015-7744)

Additionally, unspecified denial of service vulnerabilities can also exist in the following MySQL subcomponents :

  - DDL (CVE-2015-4815)

  - DML (CVE-2015-4858, CVE-2015-4862, CVE-2015-4905,     CVE-2015-4913)

  - InnoDB (CVE-2015-4861, CVE-2015-4866, CVE-2015-4895)

  - libmysqld (CVE-2015-4904)

  - Memcached (CVE-2015-4910)

  - Optimizer (CVE-2015-4800)

  - Parser (CVE-2015-4870)

  - Partition (CVE-2015-4792, CVE-2015-4802, CVE-2015-4833)

  - Query (CVE-2015-4807)

  - Replication (CVE-2015-4890)

  - Security : Firewall (CVE-2015-4766)

  - Server : General (CVE-2016-0605)

  - Security : Privileges (CVE-2015-4791)

  - SP (CVE-2015-4836)

  - Types (CVE-2015-4730)

According to its self-reported version number, the version of Cisco Prime Security Manager installed on the remote host has a bundled version of OpenSSL that is affected by a certificate validation bypass vulnerability. The vulnerability exists due to a flaw in the X509_verify_cert() function in x509_vfy.c that is triggered when locating alternate certificate chains when the first attempt to build such a chain fails. A remote attacker can exploit this, by using a valid leaf certificate as a certificate authority (CA), to issue invalid certificates that will bypass authentication.

The remote ASA Next-Generation Firewall (NGFW) host is missing a security patch. It is, therefore, affected by a certificate validation bypass vulnerability in the bundled version of OpenSSL. The vulnerability exists due to a flaw in the X509_verify_cert() function in x509_vfy.c that is triggered when locating alternate certificate chains when the first attempt to build such a chain fails. A remote attacker can exploit this, by using a valid leaf certificate as a certificate authority (CA), to issue invalid certificates that will bypass authentication.

The remote host is affected by the vulnerability described in GLSA-201507-15 (OpenSSL: Alternate chains certificate forgery)

    During certificate verification, OpenSSL attempts to find an alternative       certificate chain if the first attempt to build such a chain fails.
  Impact :

    A remote attacker could cause certain checks on untrusted       certificates to be bypassed, such as the CA flag, enabling them to use a       valid leaf certificate to act as a CA and &ldquo;issue&rdquo; an invalid       certificate.
  Workaround :

    There is no known workaround at this time.

The remote Cisco Virtual Security Gateway device is affected by a certificate validation bypass vulnerability in the bundled OpenSSL library due to a flaw in the X509_verify_cert() function in x509_vfy.c that is triggered when locating alternate certificate chains in cases where the first attempt to build such a chain fails. A remote attacker can exploit this, by using a valid leaf certificate as a certificate authority (CA), to issue invalid certificates that will bypass authentication.

According to its version number, the instance of Splunk hosted on the remote web server is Enterprise 5.0.x prior to 5.0.14, 6.0.x prior to 6.0.10, 6.1.x prior to 6.1.9, 6.2.x prior to 6.2.5, or Light 6.2.x prior to 6.2.5. It is, therefore, affected by the following vulnerabilities in the bundled OpenSSL library :

  - A denial of service vulnerability exists when processing     an ECParameters structure due to an infinite loop that     occurs when a specified curve is over a malformed binary     polynomial field. A remote attacker can exploit this to     perform a denial of service against any system that     processes public keys, certificate requests, or     certificates. This includes TLS clients and TLS servers     with client authentication enabled. (CVE-2015-1788)

  - A denial of service vulnerability exists due to improper     validation of the content and length of the ASN1_TIME     string by the X509_cmp_time() function. A remote     attacker can exploit this, via a malformed certificate     and CRLs of various sizes, to cause a segmentation     fault, resulting in a denial of service condition. TLS     clients that verify CRLs are affected. TLS clients and     servers with client authentication enabled may be     affected if they use custom verification callbacks.
    (CVE-2015-1789)

  - A NULL pointer dereference flaw exists in the PKCS#7     parsing code due to incorrect handling of missing inner     'EncryptedContent'. This allows a remote attacker, via     specially crafted ASN.1-encoded PKCS#7 blobs with     missing content, to cause a denial of service condition     or other potential unspecified impacts. (CVE-2015-1790)

  - A double-free error exists due to a race condition that     occurs when a NewSessionTicket is received by a     multi-threaded client when attempting to reuse a     previous ticket. (CVE-2015-1791)

  - A denial of service vulnerability exists in the CMS code     due to an infinite loop that occurs when verifying a     signedData message. A remote attacker can exploit this     to cause a denial of service condition. (CVE-2015-1792)

  - A certificate validation bypass vulnerability exists due     to a flaw in the X509_verify_cert() function in file     x509_vfy.c, which occurs when locating alternate     certificate chains whenever the first attempt to build     such a chain fails. A remote attacker can exploit this,     by using a valid leaf certificate as a certificate     authority (CA), to issue invalid certificates that will     bypass authentication. (CVE-2015-1793)

Additionally, a cross-site scripting vulnerability exists in Splunk Enterprise due to improper validation of user-supplied input before returning it to users. An attacker can exploit this, via a crafted request, to execute arbitrary script code.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The SecurityCenter application installed on the remote host is affected by a certificate validation bypass vulnerability in the bundled OpenSSL library. The library is version 1.0.1n or later and prior to 1.0.1p. It is, therefore, affected by a flaw in the X509_verify_cert() function that is triggered when locating alternate certificate chains in cases where the first attempt to build such a chain fails. A remote attacker can exploit this to cause certain certificate checks to be bypassed, resulting in an invalid certificate being considered valid.

Security fix for CVE-2015-1793 high severity issue.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

OpenSSL reports :

During certificate verification, OpenSSL (starting from version 1.0.1n and 1.0.2b) will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on untrusted certificates to be bypassed, such as the CA flag, enabling them to use a valid leaf certificate to act as a CA and 'issue' an invalid certificate.

During certificate verfification, OpenSSL (starting from version 1.0.1n and 1.0.2b) will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on untrusted certificates to be bypassed, such as the CA flag, enabling them to use a valid leaf certificate to act as a CA and 'issue' an invalid certificate.

This issue will impact any application that verifies certificates including SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.

The only version of OpenSSL from the Amazon Linux AMI that is impacted by this CVE is openssl-1.0.1k-10.86.amzn1, which was published as ALAS-2015-550.

New openssl packages are available for Slackware 14.0, 14.1, and
-current to fix a security issue.

According to its banner, the remote host is running a version of OpenSSL 1.0.2 prior to 1.0.2d. It is, therefore, affected by the following vulnerabilities :

  - A certificate validation bypass vulnerability exists due     to a flaw in the X509_verify_cert() function in     x509_vfy.c that is triggered when locating alternate     certificate chains when the first attempt to build such     a chain fails. A remote attacker can exploit this, by     using a valid leaf certificate as a certificate     authority (CA), to issue invalid certificates that will     bypass authentication. (CVE-2015-1793)

  - A race condition exists in s3_clnt.c that is triggered     when PSK identity hints are incorrectly updated in the     parent SSL_CTX structure when they are received by a     multi-threaded client. A remote attacker can exploit     this, via a crafted ServerKeyExchange message, to cause     a double-free memory error, resulting in a denial of     service. (CVE-2015-3196)

According to its banner, the remote host is running a version of OpenSSL 1.0.1 prior to 1.0.1p. It is, therefore, affected by the following vulnerabilities :

  - A certificate validation bypass vulnerability exists due     to a flaw in the X509_verify_cert() function in     x509_vfy.c that is triggered when locating alternate     certificate chains when the first attempt to build such     a chain fails. A remote attacker can exploit this, by     using a valid leaf certificate as a certificate     authority (CA), to issue invalid certificates that will     bypass authentication. Note that this issue affects only     versions 1.0.1n and 1.0.1o. (CVE-2015-1793)

  - A race condition exists in s3_clnt.c that is triggered     when PSK identity hints are incorrectly updated in the     parent SSL_CTX structure when they are received by a     multi-threaded client. A remote attacker can exploit     this, via a crafted ServerKeyExchange message, to cause     a double-free memory error, resulting in a denial of     service. (CVE-2015-3196)

ID	Name	Product	Family	Severity
90150	HP System Management Homepage < 7.5.4 Multiple Vulnerabilities (Logjam)	Nessus	Web Servers	critical
88043	Oracle Enterprise Manager Cloud Control Multiple Vulnerabilities (January 2016 CPU)	Nessus	Misc.	high
87525	SUSE SLED11 / SLES11 Security Update : mysql (SUSE-SU-2015:2303-1)	Nessus	SuSE Local Security Checks	high
87442	openSUSE Security Update : mysql (openSUSE-2015-889) (BACKRONYM)	Nessus	SuSE Local Security Checks	high
86660	Oracle MySQL 5.6.x < 5.6.26 Multiple Vulnerabilities (October 2015 CPU)	Nessus	Databases	high
86547	MySQL 5.6.x < 5.6.27 Multiple Vulnerabilities	Nessus	Databases	high
86105	Cisco Prime Security Manager OpenSSL Alternative Chains Certificate Forgery (cisco-sa-20150710-openssl)	Nessus	CGI abuses	medium
86104	Cisco ASA Next-Generation Firewall OpenSSL Alternative Chains Certificate Forgery (cisco-sa-20150710-openssl)	Nessus	CISCO	medium
86084	GLSA-201507-15 : OpenSSL: Alternate chains certificate forgery	Nessus	Gentoo Local Security Checks	medium
85685	Cisco Virtual Security Gateway OpenSSL Alternative Certificate Validation Bypass (cisco-sa-20150710-openssl)	Nessus	CISCO	medium
85581	Splunk Enterprise < 5.0.14 / 6.0.10 / 6.1.9 / 6.2.5 or Splunk Light < 6.2.5 Multiple Vulnerabilities	Nessus	CGI abuses	medium
85565	Tenable SecurityCenter Alternative Certificate Validation Bypass Vulnerability (TNS-2015-08)	Nessus	Misc.	medium
84691	Fedora 22 : openssl-1.0.1k-11.fc22 (2015-11475)	Nessus	Fedora Local Security Checks	medium
84690	Fedora 21 : openssl-1.0.1k-11.fc21 (2015-11414)	Nessus	Fedora Local Security Checks	medium
84651	FreeBSD : openssl -- alternate chains certificate forgery vulnerability (075952fe-267e-11e5-9d03-3c970e169bc2)	Nessus	FreeBSD Local Security Checks	medium
84647	Amazon Linux AMI : openssl (ALAS-2015-564)	Nessus	Amazon Linux Local Security Checks	medium
84646	Slackware 14.0 / 14.1 / current : openssl (SSA:2015-190-01)	Nessus	Slackware Local Security Checks	medium
84637	OpenSSL 1.0.2 < 1.0.2d Multiple Vulnerabilities	Nessus	Web Servers	medium
84636	OpenSSL 1.0.1 < 1.0.1p Multiple Vulnerabilities	Nessus	Web Servers	medium

Detections

Analytics

CVE-2015-1793

medium

Tenable Plugins

critical

high

high

high

high

high

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium