Juniper ScreenOS 6.3.x < 6.3.0r23 Multiple Vulnerabilities in OpenSSL (JSA10759) (DROWN)

critical Nessus Plugin ID 94679
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The version of Juniper ScreenOS running on the remote host is 6.3.x prior to 6.3.0r23. It is, therefore, affected by multiple vulnerabilities in its bundled version of OpenSSL :

- A flaw exists in the SSLv2 implementation, specifically in the get_client_master_key() function within file s2_srvr.c, due to accepting a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher. A man-in-the-middle attacker can exploit this to determine the MASTER-KEY value and decrypt TLS ciphertext by leveraging a Bleichenbacher RSA padding oracle. (CVE-2016-0703)

- A flaw exists in the SSLv2 oracle protection mechanism, specifically in the get_client_master_key() function within file s2_srvr.c, due to incorrectly overwriting MASTER-KEY bytes during use of export cipher suites.
A remote attackers can exploit this to more easily decrypt TLS ciphertext by leveraging a Bleichenbacher RSA padding oracle. (CVE-2016-0704)

- A NULL pointer dereference flaw exists in the BN_hex2bn() and BN_dec2bn() functions. A remote attacker can exploit this to trigger a heap corruption, resulting in the execution of arbitrary code. (CVE-2016-0797)

- A flaw exists that allows a cross-protocol Bleichenbacher padding oracle attack known as DROWN (Decrypting RSA with Obsolete and Weakened eNcryption).
This vulnerability exists due to a flaw in the Secure Sockets Layer Version 2 (SSLv2) implementation, and it allows captured TLS traffic to be decrypted. A man-in-the-middle attacker can exploit this to decrypt the TSL connection by utilizing previously captured traffic and weak cryptography along with a series of specially crafted connections to an SSLv2 server that uses the same private key. (CVE-2016-0800)

- A heap buffer overflow condition exists in the EVP_EncodeUpdate() function within file crypto/evp/encode.c that is triggered when handling a large amount of input data. An unauthenticated, remote attacker can exploit this to cause a denial of service condition. (CVE-2016-2105)

- A heap buffer overflow condition exists in the EVP_EncryptUpdate() function within file crypto/evp/evp_enc.c that is triggered when handling a large amount of input data after a previous call occurs to the same function with a partial block. An unauthenticated, remote attacker can exploit this to cause a denial of service condition. (CVE-2016-2106)

- A remote code execution vulnerability exists in the ASN.1 encoder due to an underflow condition that occurs when attempting to encode the value zero represented as a negative integer. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in the execution of arbitrary code. (CVE-2016-2108)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Juniper ScreenOS version 6.3.0r23 or later. Alternatively, refer to the vendor advisory for additional workarounds.

See Also

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759

http://www.nessus.org/u?c4eb1929

https://www.openssl.org/news/secadv/20151203.txt

https://www.openssl.org/news/secadv/20160301.txt

https://www.openssl.org/news/secadv/20160503.txt

https://www.openssl.org/news/secadv/20160922.txt

https://www.drownattack.com/drown-attack-paper.pdf

https://drownattack.com/

Plugin Details

Severity: Critical

ID: 94679

File Name: screenos_JSA10759.nasl

Version: 1.4

Type: local

Family: Firewalls

Published: 11/10/2016

Updated: 7/27/2018

Dependencies: screenos_version.nbin, screenos_unsupported.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:U/RL:OF/RC:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:juniper:screenos, cpe:/a:openssl:openssl

Required KB Items: Host/Juniper/ScreenOS/display_version, Host/Juniper/ScreenOS/version

Excluded KB Items: Host/Juniper/ScreenOS/unsupported

Exploit Ease: No known exploits are available

Patch Publication Date: 10/12/2016

Vulnerability Publication Date: 2/29/2016

Reference Information

CVE: CVE-2016-0703, CVE-2016-0704, CVE-2016-0797, CVE-2016-0800, CVE-2016-2105, CVE-2016-2106, CVE-2016-2108

BID: 83733, 83743, 83763, 83764, 89744, 89752, 89757

JSA: JSA10759

CERT: 583776