CVE-2015-3196

MEDIUM

Description

ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message.

References

http://fortiguard.com/advisory/openssl-advisory-december-2015

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761

http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173801.html

http://lists.opensuse.org/opensuse-updates/2015-12/msg00070.html

http://lists.opensuse.org/opensuse-updates/2015-12/msg00071.html

http://marc.info/?l=bugtraq&m=145382583417444&w=2

http://openssl.org/news/secadv/20151203.txt

http://rhn.redhat.com/errata/RHSA-2015-2617.html

http://rhn.redhat.com/errata/RHSA-2016-2957.html

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl

http://www.debian.org/security/2015/dsa-3413

http://www.fortiguard.com/advisory/openssl-advisory-december-2015

http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

http://www.securityfocus.com/bid/78622

http://www.securitytracker.com/id/1034294

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583

http://www.ubuntu.com/usn/USN-2830-1

https://git.openssl.org/?p=openssl.git;a=commit;h=3c66a669dfc7b3792f7af0758ea26fe8502ce70c

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100

Details

Source: MITRE

Published: 2015-12-06

Updated: 2019-06-13

Type: CWE-362

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:certd:*:*:*

cpe:2.3:a:hp:icewall_sso_agent_option:10.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0p:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0q:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0r:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0s:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from 4.3.0 to 4.3.35 (inclusive)

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from 5.0.0 to 5.0.13 (inclusive)

Configuration 4

OR

cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Tenable Plugins

View all (28 total)

IDNameProductFamilySeverity
106498pfSense < 2.2.6 Multiple Vulnerabilities (SA-15_09 / SA-15_10 / SA-15_11)NessusFirewalls
medium
96316Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10759) (SWEET32)NessusJunos Local Security Checks
critical
91154OracleVM 3.3 / 3.4 : openssl (OVMSA-2016-0049) (SLOTH)NessusOracleVM Local Security Checks
critical
90680Oracle VM VirtualBox < 4.3.36 / 5.0.18 Multiple Vulnerabilities (April 2016 CPU)NessusMisc.
medium
89431Fedora 22 : openssl-1.0.1k-13.fc22 (2015-d87d60b9a9)NessusFedora Local Security Checks
medium
88586GLSA-201601-05 : OpenSSL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
88101Mac OS X : Cisco AnyConnect Secure Mobility Client < 3.1.13015.0 / 4.2.x < 4.2.1035.0 Multiple OpenSSL VulnerabilitiesNessusMacOS X Local Security Checks
medium
88100Cisco AnyConnect Secure Mobility Client < 3.1.13015.0 / 4.2.x < 4.2.1035.0 Multiple OpenSSL VulnerabilitiesNessusWindows
medium
88085AIX OpenSSL Advisory : openssl_advisory15.ascNessusAIX Local Security Checks
medium
87800OracleVM 3.3 : openssl (OVMSA-2016-0001) (SLOTH)NessusOracleVM Local Security Checks
medium
87487openSUSE Security Update : openssl (openSUSE-2015-911)NessusSuSE Local Security Checks
medium
87447openSUSE Security Update : OpenSSL (openSUSE-2015-908)NessusSuSE Local Security Checks
medium
87434F5 Networks BIG-IP : OpenSSL vulnerability (K55540723)NessusF5 Networks Local Security Checks
medium
87402Scientific Linux Security Update : openssl on SL6.x i386/x86_64 (20151214)NessusScientific Linux Local Security Checks
medium
87378Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : openssl (SSA:2015-349-04)NessusSlackware Local Security Checks
medium
87366OracleVM 3.3 : openssl (OVMSA-2015-0155)NessusOracleVM Local Security Checks
medium
87364Oracle Linux 6 / 7 : openssl (ELSA-2015-2617)NessusOracle Linux Local Security Checks
medium
87357CentOS 6 / 7 : openssl (CESA-2015:2617)NessusCentOS Local Security Checks
medium
87340Amazon Linux AMI : openssl (ALAS-2015-614)NessusAmazon Linux Local Security Checks
medium
87335RHEL 6 / 7 : openssl (RHSA-2015:2617)NessusRed Hat Local Security Checks
medium
87318SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2015:2237-1)NessusSuSE Local Security Checks
medium
87280SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2015:2230-1)NessusSuSE Local Security Checks
medium
87236Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : openssl vulnerabilities (USN-2830-1)NessusUbuntu Local Security Checks
medium
87220OpenSSL 1.0.0 < 1.0.0t Multiple DoSNessusWeb Servers
medium
87213FreeBSD : openssl -- multiple vulnerabilities (4c8d1d72-9b38-11e5-aece-d050996490d0)NessusFreeBSD Local Security Checks
medium
87212Debian DSA-3413-1 : openssl - security updateNessusDebian Local Security Checks
medium
84637OpenSSL 1.0.2 < 1.0.2d Multiple VulnerabilitiesNessusWeb Servers
medium
84636OpenSSL 1.0.1 < 1.0.1p Multiple VulnerabilitiesNessusWeb Servers
medium