Juniper ScreenOS 6.3.x < 6.3.0r23 Multiple Vulnerabilities in OpenSSL (JSA10759) (DROWN)

Critical Nessus Plugin ID 94679

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The version of Juniper ScreenOS running on the remote host is 6.3.x prior to 6.3.0r23. It is, therefore, affected by multiple vulnerabilities in its bundled version of OpenSSL :

- A flaw exists in the SSLv2 implementation, specifically in the get_client_master_key() function within file s2_srvr.c, due to accepting a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher. A man-in-the-middle attacker can exploit this to determine the MASTER-KEY value and decrypt TLS ciphertext by leveraging a Bleichenbacher RSA padding oracle. (CVE-2016-0703)

- A flaw exists in the SSLv2 oracle protection mechanism, specifically in the get_client_master_key() function within file s2_srvr.c, due to incorrectly overwriting MASTER-KEY bytes during use of export cipher suites.
A remote attackers can exploit this to more easily decrypt TLS ciphertext by leveraging a Bleichenbacher RSA padding oracle. (CVE-2016-0704)

- A NULL pointer dereference flaw exists in the BN_hex2bn() and BN_dec2bn() functions. A remote attacker can exploit this to trigger a heap corruption, resulting in the execution of arbitrary code. (CVE-2016-0797)

- A flaw exists that allows a cross-protocol Bleichenbacher padding oracle attack known as DROWN (Decrypting RSA with Obsolete and Weakened eNcryption).
This vulnerability exists due to a flaw in the Secure Sockets Layer Version 2 (SSLv2) implementation, and it allows captured TLS traffic to be decrypted. A man-in-the-middle attacker can exploit this to decrypt the TSL connection by utilizing previously captured traffic and weak cryptography along with a series of specially crafted connections to an SSLv2 server that uses the same private key. (CVE-2016-0800)

- A heap buffer overflow condition exists in the EVP_EncodeUpdate() function within file crypto/evp/encode.c that is triggered when handling a large amount of input data. An unauthenticated, remote attacker can exploit this to cause a denial of service condition. (CVE-2016-2105)

- A heap buffer overflow condition exists in the EVP_EncryptUpdate() function within file crypto/evp/evp_enc.c that is triggered when handling a large amount of input data after a previous call occurs to the same function with a partial block. An unauthenticated, remote attacker can exploit this to cause a denial of service condition. (CVE-2016-2106)

- A remote code execution vulnerability exists in the ASN.1 encoder due to an underflow condition that occurs when attempting to encode the value zero represented as a negative integer. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in the execution of arbitrary code. (CVE-2016-2108)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Juniper ScreenOS version 6.3.0r23 or later. Alternatively, refer to the vendor advisory for additional workarounds.

See Also

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759

http://www.nessus.org/u?c4eb1929

https://www.openssl.org/news/secadv/20151203.txt

https://www.openssl.org/news/secadv/20160301.txt

https://www.openssl.org/news/secadv/20160503.txt

https://www.openssl.org/news/secadv/20160922.txt

https://www.drownattack.com/drown-attack-paper.pdf

https://drownattack.com/

Plugin Details

Severity: Critical

ID: 94679

File Name: screenos_JSA10759.nasl

Version: 1.4

Type: local

Family: Firewalls

Published: 2016/11/10

Modified: 2018/07/27

Dependencies: 74379, 74148

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:juniper:screenos, cpe:/a:openssl:openssl

Required KB Items: Host/Juniper/ScreenOS/display_version, Host/Juniper/ScreenOS/version

Excluded KB Items: Host/Juniper/ScreenOS/unsupported

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2016/10/12

Vulnerability Publication Date: 2016/02/29

Reference Information

CVE: CVE-2016-0703, CVE-2016-0704, CVE-2016-0797, CVE-2016-0800, CVE-2016-2105, CVE-2016-2106, CVE-2016-2108

BID: 83733, 83743, 83763, 83764, 89744, 89752, 89757

JSA: JSA10759

CERT: 583776