Cisco IOS Multiple OpenSSL Vulnerabilities (CSCup22590)

Medium Nessus Plugin ID 88988

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The remote Cisco IOS device is missing a vendor-supplied security patch and has an IOS service configured to use TLS or SSL. It is, therefore, affected by the following vulnerabilities in the bundled OpenSSL library :

- A buffer overflow error exists related to invalid DTLS fragment handling that can lead to execution of arbitrary code. Note this issue only affects OpenSSL when used as a DTLS client or server. (CVE-2014-0195)

- An error exists related to DTLS handshake handling that could lead to denial of service attacks. Note that this issue only affects OpenSSL when used as a DTLS client.
(CVE-2014-0221)

- An unspecified error exists that allows an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks. (CVE-2014-0224)

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCup22590.

See Also

http://www.nessus.org/u?0aa6a7e6

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCup22590

https://www.openssl.org/news/secadv/20140605.txt

https://www.openssl.org/news/vulnerabilities.html

https://www.imperialviolet.org/2014/06/05/earlyccs.html

Plugin Details

Severity: Medium

ID: 88988

File Name: cisco-sa-20140605-openssl-ios.nasl

Version: 1.10

Type: combined

Family: CISCO

Published: 2016/02/26

Updated: 2019/04/11

Dependencies: 47864

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/06/05

Vulnerability Publication Date: 2014/06/03

Reference Information

CVE: CVE-2014-0195, CVE-2014-0221, CVE-2014-0224

BID: 67899, 67900, 67901

CERT: 978508

CISCO-BUG-ID: CSCup22590

CISCO-SA: cisco-sa-20140605-openssl