stunnel < 5.12 OpenSSL Multiple Vulnerabilities

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a program that is affected by
multiple vulnerabilities.

Description :

The version of stunnel installed on the remote host is prior to
version 5.12. It is, therefore, affected by the following
vulnerabilities in the bundled OpenSSL library :

- A flaw exists in the DTLSv1_listen() function due to
state information being preserved in the SSL object from
one invocation to the next. A remote attacker can
exploit this, via crafted DTLS traffic, to cause a
segmentation fault, resulting in a denial of service.
(CVE-2015-0207)

- A flaw exists in the rsa_item_verify() function due to
improper implementation of ASN.1 signature verification.
A remote attacker can exploit this, via an ASN.1
signature using the RSA PSS algorithm and invalid
parameters, to cause a NULL pointer dereference,
resulting in a denial of service. (CVE-2015-0208)

- A use-after-free error exists in the d2i_ECPrivateKey()
function due to improper processing of malformed EC
private key files during import. A remote attacker can
exploit this to dereference already freed memory,
resulting in a denial of service or other unspecified
impact. (CVE-2015-0209)

- A flaw exists in the ssl3_client_hello() function due to
improper validation of a PRNG seed before proceeding
with a handshake, resulting in insufficient entropy and
predictable output. A man-in-the-middle attacker can
exploit this to defeat cryptographic protection
mechanisms via a brute-force attack, resulting in the
disclosure of sensitive information. (CVE-2015-0285)

- An invalid read flaw exists in the ASN1_TYPE_cmp()
function due to improperly performed boolean-type
comparisons. A remote attacker can exploit this, via a
crafted X.509 certificate to an endpoint that uses the
certificate-verification feature, to cause an invalid
read operation, resulting in a denial of service.
(CVE-2015-0286)

- A flaw exists in the ASN1_item_ex_d2i() function due to
a failure to reinitialize 'CHOICE' and 'ADB' data
structures when reusing a structure in ASN.1 parsing. A
remote attacker can exploit this to cause an invalid
write operation and memory corruption, resulting in a
denial of service. (CVE-2015-0287)

- A NULL pointer dereference flaw exists in the
X509_to_X509_REQ() function due to improper processing
of certificate keys. This allows a remote attacker, via
a crafted X.509 certificate, to cause a denial of
service. (CVE-2015-0288)

- A NULL pointer dereference flaw exists in the PKCS#7
parsing code due to incorrect handling of missing outer
ContentInfo. This allows a remote attacker, using an
application that processes arbitrary PKCS#7 data and
providing malformed data with ASN.1 encoding, to cause
a denial of service. (CVE-2015-0289)

- A flaw exists with the 'multiblock' feature in the
ssl3_write_bytes() function due to improper handling of
certain non-blocking I/O cases. This allows a remote
attacker to cause failed connections or a segmentation
fault, resulting in a denial of service. (CVE-2015-0290)

- A NULL pointer dereference flaw exists when handling
clients attempting to renegotiate using an invalid
signature algorithm extension. A remote attacker can
exploit this to cause a denial of service.
(CVE-2015-0291)

- A flaw exists in servers that both support SSLv2 and
enable export cipher suites due to improper
implementation of SSLv2. A remote attacker can exploit
this, via a crafted CLIENT-MASTER-KEY message, to cause
a denial of service. (CVE-2015-0293)

- A flaw exists in the ssl3_get_client_key_exchange()
function when client authentication and an ephemeral
Diffie-Hellman ciphersuite are enabled. A remote
attacker can exploit this, via a ClientKeyExchange
message with a length of zero, to cause a denial of
service. (CVE-2015-1787)

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

https://www.openssl.org/news/secadv/20150319.txt
http://www.nessus.org/u?cdf29d06

Solution :

Upgrade to Stunnel 5.12 or later.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.0
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now