Blue Coat ProxySG 6.2.x < 188.8.131.52 / 6.5.x < 184.108.40.206 / 6.6.x < 220.127.116.11 Multiple OpenSSL Vulnerabilities
High Nessus Plugin ID 84400
SynopsisThe remote device is affected by multiple vulnerabilities.
DescriptionThe self-reported SGOS version of the remote Blue Coat ProxySG device is 6.2.x prior to 18.104.22.168, 6.5.x prior to 22.214.171.124, or 6.6.x prior to 126.96.36.199. Therefore, it contains a bundled version of OpenSSL that is affected by multiple vulnerabilities :
- An invalid read flaw exists in the ASN1_TYPE_cmp() function due to improperly performed boolean-type comparisons. A remote attacker can exploit this, via a crafted X.509 certificate sent to an endpoint that uses the certificate-verification feature, to cause an invalid read operation, resulting in a denial of service. (CVE-2015-0286)
- A flaw exists in the ASN1_item_ex_d2i() function due to a failure to reinitialize 'CHOICE' and 'ADB' data structures when reusing a structure in ASN.1 parsing.
This allows a remote attacker to cause an invalid write operation and memory corruption, resulting in a denial of service. (CVE-2015-0287)
- A NULL pointer dereference flaw exists in the X509_to_X509_REQ() function due to improper processing of certificate keys. This allows a remote attacker, via a crafted X.509 certificate, to cause a denial of service. (CVE-2015-0288)
- A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing outer ContentInfo. This allows a remote attacker, using an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, to cause a denial of service. (CVE-2015-0289)
- An integer underflow condition exists in the EVP_DecodeUpdate() function due to improper validation of base64 encoded input when decoding. This allows a remote attacker, using maliciously crafted base64 data, to cause a segmentation fault or memory corruption, resulting in a denial of service or possibly the execution of arbitrary code. (CVE-2015-0292)
- A flaw exists in servers that both support SSLv2 and enable export cipher suites due to improper implementation of SSLv2. A remote attacker can exploit this, via a crafted CLIENT-MASTER-KEY message, to cause a denial of service. (CVE-2015-0293)
SolutionUpgrade to SGOS version 188.8.131.52 / 184.108.40.206 / 220.127.116.11 or later.