LOGJAM: A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange (for both export and non-export grade cipher suites). An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lead to a passive man-in-the-middle attack in which the attacker is able to decrypt all traffic. (CVE-2015-4000)

An out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL, which is used to test the expiry dates of SSL/TLS certificates. An attacker could possibly use a specially crafted SSL/TLS certificate or CRL (Certificate Revocation List), which when parsed by an application would cause that application to crash.
(CVE-2015-1789)

A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-1790)

A race condition was found in the session handling code of OpenSSL. An attacker could cause a multi-threaded SSL/TLS server to crash.
(CVE-2015-1791)

A denial of service flaw was found in OpenSSL in the way it verified certain signed messages using CMS (Cryptographic Message Syntax). A remote attacker could cause an application using OpenSSL to use excessive amounts of memory by sending a specially crafted message for verification. (CVE-2015-1792)

An invalid-free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could send a specially crafted message to the peer, which could cause the application to crash or potentially cause arbitrary code execution.
(CVE-2014-8176)

A regression was found in the ssleay_rand_bytes() function. This could lead a multi-threaded application to crash. (CVE-2015-3216)

Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets Layer toolkit.

CVE-2014-8176

Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that an invalid memory free could be triggered when buffering DTLS data.
This could allow remote attackers to cause a denial of service (crash) or potentially execute arbitrary code. This issue only affected the oldstable distribution (wheezy).

CVE-2015-1789

Robert Swiecki and Hanno B??ck discovered that the X509_cmp_time function could read a few bytes out of bounds. This could allow remote attackers to cause a denial of service (crash) via crafted certificates and CRLs.

CVE-2015-1790

Michal Zalewski discovered that the PKCS#7 parsing code did not properly handle missing content which could lead to a NULL pointer dereference. This could allow remote attackers to cause a denial of service (crash) via crafted ASN.1-encoded PKCS#7 blobs.

CVE-2015-1791

Emilia K??sper discovered that a race condition could occur due to incorrect handling of NewSessionTicket in a multi-threaded client, leading to a double free. This could allow remote attackers to cause a denial of service (crash).

CVE-2015-1792

Johannes Bauer discovered that the CMS code could enter an infinite loop when verifying a signedData message, if presented with an unknown hash function OID. This could allow remote attackers to cause a denial of service.

Additionally OpenSSL will now reject handshakes using DH parameters shorter than 768 bits as a countermeasure against the Logjam attack (CVE-2015-4000).

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Updated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 5.

Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.

An out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List (CRL) could possibly cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2015-1789)

A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash. (CVE-2015-1790)

A flaw was found in the way the TLS protocol composes the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them to decrypt all traffic.
(CVE-2015-4000)

Note: This update forces the TLS/SSL client implementation in OpenSSL to reject DH key sizes below 768 bits, which prevents sessions to be downgraded to export-grade keys. Future updates may raise this limit to 1024 bits.

Red Hat would like to thank the OpenSSL project for reporting CVE-2015-1789 and CVE-2015-1790. Upstream acknowledges Robert Swiecki and Hanno Bock as the original reporters of CVE-2015-1789, and Michal Zalewski as the original reporter of CVE-2015-1790.

All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1197 advisory.

    - fix CVE-2014-3570 - Bignum squaring may produce incorrect results
    - fix CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record
    - fix CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client]
    - fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time
    - fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

OpenSSL was updated to fix several security issues.

CVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed by rejecting connections with DH parameters shorter than 1024 bits. We now also generate 2048-bit DH parameters by default.

CVE-2015-1788: Malformed ECParameters could cause an infinite loop.

CVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.

CVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent was fixed.

fixed a timing side channel in RSA decryption (bnc#929678)

Additional changes :

In the default SSL cipher string EXPORT ciphers are now disabled. This will only get active if applications get rebuilt and actually use this string. (bnc#931698)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

OpenSSL was updated to fix several security issues.

CVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed by rejecting connections with DH parameters shorter than 1024 bits. We now also generate 2048-bit DH parameters by default.

CVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.

CVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent was fixed.

fixed a timing side channel in RSA decryption (bnc#929678)

Additional changes :

In the default SSL cipher string EXPORT ciphers are now disabled. This will only get active if applications get rebuilt and actually use this string. (bnc#931698)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the web server's banner, the version of HP System Management Homepage (SMH) hosted on the remote web server is a version prior to 7.5.4. It is, therefore, affected by the following vulnerabilities :

  - A denial of service vulnerability exists when processing     an ECParameters structure due to an infinite loop that     occurs when a specified curve is over a malformed binary     polynomial field. A remote attacker can exploit this to     perform a denial of service against any system that     processes public keys, certificate requests, or     certificates. This includes TLS clients and TLS servers     with client authentication enabled. (CVE-2015-1788) 

  - A denial of service vulnerability exists due to improper     validation of the content and length of the ASN1_TIME     string by the X509_cmp_time() function. A remote     attacker can exploit this, via a malformed certificate     and CRLs of various sizes, to cause a segmentation     fault, resulting in a denial of service condition. TLS     clients that verify CRLs are affected. TLS clients and     servers with client authentication enabled may be     affected if they use custom verification callbacks.
    (CVE-2015-1789)

  - A NULL pointer dereference flaw exists in the PKCS#7     parsing code due to incorrect handling of missing inner     'EncryptedContent'. This allows a remote attacker, via     specially crafted ASN.1-encoded PKCS#7 blobs with     missing content, to cause a denial of service condition     or other potential unspecified impacts. (CVE-2015-1790)

  - A double-free error exists due to a race condition that     occurs when a NewSessionTicket is received by a     multi-threaded client when attempting to reuse a     previous ticket. (CVE-2015-1791)

  - A denial of service vulnerability exists in the CMS code     due to an infinite loop that occurs when verifying a     signedData message. A remote attacker can exploit this     to cause a denial of service condition. (CVE-2015-1792)

  - A certificate validation bypass vulnerability exists in     the Security:Encryption subcomponent due to a flaw in     the X509_verify_cert() function in x509_vfy.c that is     triggered when locating alternate certificate chains     when the first attempt to build such a chain fails. A     remote attacker can exploit this, by using a valid leaf     certificate as a certificate authority (CA), to issue     invalid certificates that will bypass authentication.
    (CVE-2015-1793)

  - A cross-request authentication bypass vulnerability     exists in libcurl due to the use of an existing,     authenticated connection when performing a subsequent     unauthenticated NTLM HTTP request. An attacker can     exploit this to bypass authentication mechanisms.
    (CVE-2015-3143)

  - A denial of service vulnerability exists in libcurl due     to a flaw in the sanitize_cookie_path() function that is     triggered when handling a cookie path element that     consists of a single double-quote. An attacker can     exploit this to cause the application to crash.
    (CVE-2015-3145)

  - A cross-request authentication bypass vulnerability     exists in libcurl due to a flaw that is triggered when a     request is 'Negotiate' authenticated, which can cause     the program to treat the entire connection as     authenticated rather than just that specific request. An     attacker can exploit this to bypass authentication     mechanisms for subsequent requests. (CVE-2015-3148)

  - A man-in-the-middle vulnerability, known as Logjam,     exists due to a flaw in the SSL/TLS protocol. A remote     attacker can exploit this flaw to downgrade connections     using ephemeral Diffie-Hellman key exchange to 512-bit     export-grade cryptography. (CVE-2015-4000)

  - A flaw exists in the multipart_buffer_headers() function     in rfc1867.c due to improper handling of     multipart/form-data in HTTP requests. A remote attacker     can exploit this flaw to cause a consumption of CPU     resources, resulting in a denial of service condition.
    (CVE-2015-4024)

  - An unspecified flaw exists that allows an authenticated,     remote attacker to impact confidentiality and integrity.
    (CVE-2016-1993)

  - An unspecified information disclosure vulnerability     exists that allows an authenticated, remote attacker to     gain unauthorized access to information. (CVE-2016-1994)

  - An unspecified remote code execution vulnerability     exists that allows an unauthenticated, remote attacker     to take complete control of the system. (CVE-2016-1995)

  - An unspecified flaw exists that allows a local attacker     to impact confidentiality and integrity. (CVE-2016-1996)

ID	Name	Product	Family	Published	Updated	Severity
84251	Amazon Linux AMI : openssl (ALAS-2015-550) (Logjam)	Nessus	Amazon Linux Local Security Checks	6/18/2015	12/5/2022	high
84253	Debian DLA-247-1 : openssl security update (Logjam)	Nessus	Debian Local Security Checks	6/18/2015	12/5/2022	high
84467	RHEL 5 : openssl (RHSA-2015:1197) (Logjam)	Nessus	Red Hat Local Security Checks	6/30/2015	12/5/2022	high
84485	Oracle Linux 5 : openssl (ELSA-2015-1197)	Nessus	Oracle Linux Local Security Checks	7/1/2015	4/29/2025	low
84506	CentOS 5 : openssl (CESA-2015:1197) (Logjam)	Nessus	CentOS Local Security Checks	7/6/2015	12/5/2022	high
84558	SUSE SLES10 Security Update : OpenSSL (SUSE-SU-2015:1181-2) (Logjam)	Nessus	SuSE Local Security Checks	7/7/2015	12/5/2022	high
84560	SUSE SLED11 / SLES10 Security Update : OpenSSL (SUSE-SU-2015:1183-2) (Logjam)	Nessus	SuSE Local Security Checks	7/7/2015	12/5/2022	high
90150	HP System Management Homepage < 7.5.4 Multiple Vulnerabilities (Logjam)	Nessus	Web Servers	3/24/2016	12/5/2022	critical

Detections

Analytics

Plugins Search

high

high

high

low

high

high

high

critical