According to its version, the installation of Tenable Nessus running on the remote host is version 5.x prior to 5.2.12 or 6.x prior to 6.4.
It is, therefore, affected by multiple denial of service vulnerabilities in the bundled OpenSSL component :

  - A denial of service vulnerability exists when processing     an ECParameters structure due to an infinite loop that     occurs when a specified curve is over a malformed binary     polynomial field. A remote attacker can exploit this to     perform a denial of service against any system that     processes public keys, certificate requests, or     certificates. This includes TLS clients and TLS servers     with client authentication enabled. (CVE-2015-1788)

  - A denial of service vulnerability exists due to improper     validation of the content and length of the ASN1_TIME     string by the X509_cmp_time() function. A remote     attacker can exploit this, via a malformed certificate     and CRLs of various sizes, to cause a segmentation     fault, resulting in a denial of service condition. TLS     clients that verify CRLs are affected. TLS clients and     servers with client authentication enabled may be     affected if they use custom verification callbacks.
    (CVE-2015-1789)

Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.

Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.

An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. (CVE-2014-8176)

A flaw was found in the way the OpenSSL packages shipped with Red Hat Enterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. This issue could possibly cause a multi-threaded application using OpenSSL to perform an out-of-bounds read and crash.
(CVE-2015-3216)

An out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List (CRL) could possibly cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2015-1789)

A race condition was found in the session handling code of OpenSSL.
This issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash. (CVE-2015-1791)

A flaw was found in the way OpenSSL handled Cryptographic Message Syntax (CMS) messages. A CMS message with an unknown hash function identifier could cause an application using OpenSSL to enter an infinite loop. (CVE-2015-1792)

A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash. (CVE-2015-1790)

Red Hat would like to thank the OpenSSL project for reporting CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and CVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan Fratric as the original reporters of CVE-2014-8176, Robert Swiecki and Hanno Bock as the original reporters of CVE-2015-1789, Michal Zalewski as the original reporter of CVE-2015-1790, Emilia Kasper as the original report of CVE-2015-1791 and Johannes Bauer as the original reporter of CVE-2015-1792.

All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

Multiple moderate and low impact security issues fixed.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote host is running a version of Gaia OS which is affected by multiple vulnerabilities:

  - An out of bounds read denial of service vulnerability     in OpenSSL (CVE-2015-1789)

  - An information disclosure weakness in the RC4     algorithm as used in SSL/TLS (CVE-2015-2808)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  - A race condition was found in the session handling code     of OpenSSL. This issue could possibly cause a     multi-threaded TLS/SSL client using OpenSSL to double     free session ticket data and crash.(CVE-2015-1791)

  - An out-of-bounds read flaw was found in the     X509_cmp_time() function of OpenSSL, which is used to     test the expiry dates of SSL/TLS certificates. An     attacker could possibly use a specially crafted SSL/TLS     certificate or CRL (Certificate Revocation List), which     when parsed by an application would cause that     application to crash.(CVE-2015-1789)

  - The ASN1_STRING_print_ex function in OpenSSL before     0.9.8k allows remote attackers to cause a denial of     service (invalid memory access and application crash)     via vectors that trigger printing of a (1) BMPString or     (2) UniversalString with an invalid encoded     length.(CVE-2009-0590)

  - An invalid-free flaw was found in the way OpenSSL     handled certain DTLS handshake messages. A malicious     DTLS client or server could send a specially crafted     message to the peer, which could cause the application     to crash or potentially result in arbitrary code     execution.(CVE-2014-8176)

  - The DTLS implementation in OpenSSL before 0.9.8s and     1.x before 1.0.0f performs a MAC check only if certain     padding is valid, which makes it easier for remote     attackers to recover plaintext via a padding oracle     attack.(CVE-2011-4108)

  - Off-by-one error in the SSL_get_shared_ciphers function     in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f,     might allow remote attackers to execute arbitrary code     via a crafted packet that triggers a one-byte buffer     underflow. NOTE: this issue was introduced as a result     of a fix for CVE-2006-3738. As of 20071012, it is     unknown whether code execution is     possible.(CVE-2007-5135)

  - A NULL pointer dereference flaw was found in the DTLS     implementation of OpenSSL. A remote attacker could send     a specially crafted DTLS message, which would cause an     OpenSSL server to crash.(CVE-2014-3571)

  - The asn1_d2i_read_bio function in     crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0     before 1.0.0i, and 1.0.1 before 1.0.1a does not     properly interpret integer data, which allows remote     attackers to conduct buffer overflow attacks, and cause     a denial of service (memory corruption) or possibly     have unspecified other impact, via crafted DER data, as     demonstrated by an X.509 certificate or an RSA public     key.(CVE-2012-2110)

  - It was discovered that the SSLv2 servers using OpenSSL     accepted SSLv2 connection handshakes that indicated     non-zero clear key length for non-export cipher suites.
    An attacker could use this flaw to decrypt recorded     SSLv2 sessions with the server by using it as a     decryption oracle.(CVE-2016-0703)

  - ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote     attackers to cause a denial of service (NULL pointer     dereference and daemon crash) via a DTLS     ChangeCipherSpec packet that occurs before     ClientHello.(CVE-2009-1386)

  - Memory leak in the zlib_stateful_finish function in     crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and     1.0.0 Beta through Beta 4 allows remote attackers to     cause a denial of service (memory consumption) via     vectors that trigger incorrect calls to the     CRYPTO_cleanup_all_ex_data function, as demonstrated by     use of SSLv3 and PHP with the Apache HTTP Server, a     related issue to CVE-2008-1678.(CVE-2009-4355)

  - A flaw was discovered in the way OpenSSL handled DTLS     packets. A remote attacker could use this flaw to cause     a DTLS server or client using OpenSSL to crash or use     excessive amounts of memory.(CVE-2014-3507)

  - The dtls1_buffer_record function in ssl/d1_pkt.c in     OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote     attackers to cause a denial of service (memory     consumption) via a large series of 'future epoch' DTLS     records that are buffered in a queue, aka 'DTLS record     buffer limitation bug.'(CVE-2009-1377)

  - A use-after-free flaw was found in the way OpenSSL     imported malformed Elliptic Curve private keys. A     specially crafted key file could cause an application     using OpenSSL to crash when imported.(CVE-2015-0209)

  - A denial of service flaw was found in the way OpenSSL     verified certain signed messages using CMS     (Cryptographic Message Syntax). A remote attacker could     cause an application using OpenSSL to use excessive     amounts of memory by sending a specially crafted     message for verification.(CVE-2015-1792)

  - A denial of service flaw was found in the way OpenSSL     handled SSLv2 handshake messages. A remote attacker     could use this flaw to cause a TLS/SSL server using     OpenSSL to exit on a failed assertion if it had both     the SSLv2 protocol and EXPORT-grade cipher suites     enabled.(CVE-2015-0293)

  - An invalid pointer use flaw was found in OpenSSL's     ASN1_TYPE_cmp() function. A remote attacker could crash     a TLS/SSL client or server using OpenSSL via a     specially crafted X.509 certificate when the     attacker-supplied certificate was verified by the     application.(CVE-2015-0286)

  - Multiple flaws were found in the way OpenSSL parsed     X.509 certificates. An attacker could use these flaws     to modify an X.509 certificate to produce a certificate     with a different fingerprint without invalidating its     signature, and possibly bypass fingerprint-based     blacklisting in applications.(CVE-2014-8275)

  - If an application encounters a fatal protocol error and     then calls SSL_shutdown() twice (once to send a     close_notify, and once to receive one) then OpenSSL can     respond differently to the calling application if a 0     byte record is received with invalid padding compared     to if a 0 byte record is received with an invalid MAC.
    If the application then behaves differently based on     that in a way that is detectable to the remote peer,     then this amounts to a padding oracle that could be     used to decrypt data. In order for this to be     exploitable 'non-stitched' ciphersuites must be in use.
    Stitched ciphersuites are optimised implementations of     certain commonly used ciphersuites. Also the     application must call SSL_shutdown() twice even if a     protocol error has occurred (applications should not do     this but some do anyway). Fixed in OpenSSL 1.0.2r     (Affected 1.0.2-1.0.2q).(CVE-2019-1559)

  - A flaw was found in the way the TLS protocol composes     the Diffie-Hellman exchange (for both export and     non-export grade cipher suites). An attacker could use     this flaw to downgrade a DHE connection to use     export-grade key sizes, which could then be broken by     sufficient pre-computation. This can lead to a passive     man-in-the-middle attack in which the attacker is able     to decrypt all traffic.(CVE-2015-4000)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

OpenSSL 0.9.8k was updated to fix several security issues :

CVE-2015-4000: The Logjam Attack (weakdh.org) has been addressed by rejecting connections with DH parameters shorter than 1024 bits.
2048-bit DH parameters are now generated by default.

CVE-2015-1788: Malformed ECParameters could cause an infinite loop.

CVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.

CVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent was fixed.

CVE-2015-1792: A CMS verification infinite loop when using an unknown hash function was fixed.

CVE-2015-1791: Fixed a race condition in NewSessionTicket creation.

CVE-2015-3216: Fixed a potential crash in ssleay_rand_bytes due to locking regression.

Fixed a timing side channel in RSA decryption. (bsc#929678)

Additional changes :

In the default SSL cipher string EXPORT ciphers are now disabled. This will only get active if applications get rebuilt and actually use this string. (bsc#931698)

Added the ECC ciphersuites to the DEFAULT cipher class. (bsc#879179)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of OpenSSL installed on the remote AIX host is affected by multiple vulnerabilities :

  - An invalid free memory error exists due to improper     validation of user-supplied input when a DTLS peer     receives application data between ChangeCipherSpec and     Finished messages. A remote attacker can exploit this to     corrupt memory, resulting in a denial of service or     the execution of arbitrary code. (CVE-2014-8176)

  - A denial of service vulnerability exists when processing     an ECParameters structure due to an infinite loop that     occurs when a specified curve is over a malformed binary     polynomial field. A remote attacker can exploit this to     perform a denial of service against any system that     processes public keys, certificate requests, or     certificates. This includes TLS clients and TLS servers     with client authentication enabled. (CVE-2015-1788)

  - A denial of service vulnerability exists due to improper     validation of the content and length of the ASN1_TIME     string by the X509_cmp_time() function. A remote     attacker can exploit this, via a malformed certificate     and CRLs of various sizes, to cause a segmentation     fault, resulting in a denial of service condition. TLS     clients that verify CRLs are affected. TLS clients and     servers with client authentication enabled may be     affected if they use custom verification callbacks.
    (CVE-2015-1789)

  - A NULL pointer dereference flaw exists in the PKCS#7     parsing code due to incorrect handling of missing inner     'EncryptedContent'. This allows a remote attacker, via     specially crafted ASN.1-encoded PKCS#7 blobs with     missing content, to cause a denial of service condition     or other potential unspecified impacts. (CVE-2015-1790)

  - A double-free error exists due to a race condition that     occurs when a NewSessionTicket is received by a     multi-threaded client when attempting to reuse a     previous ticket. (CVE-2015-1791)

  - A denial of service vulnerability exists in the CMS code     due to an infinite loop that occurs when verifying a     signedData message. A remote attacker can exploit this     to cause a denial of service condition. (CVE-2015-1792)

  - A man-in-the-middle vulnerability, known as Logjam,     exists due to a flaw in the SSL/TLS protocol. A remote     attacker can exploit this flaw to downgrade connections     using ephemeral Diffie-Hellman key exchange to 512-bit     export-grade cryptography. (CVE-2015-4000)

ID	Name	Product	Family	Published	Updated	Severity
86949	Nessus 5.x < 5.2.12 / 6.x < 6.4 Multiple OpenSSL Vulnerabilities	Nessus	Misc.	11/19/2015	2/8/2023	high
84204	RHEL 6 / 7 : openssl (RHSA-2015:1115)	Nessus	Red Hat Local Security Checks	6/16/2015	2/5/2021	high
84301	Fedora 22 : openssl-1.0.1k-10.fc22 (2015-10047)	Nessus	Fedora Local Security Checks	6/22/2015	1/11/2021	high
84375	Fedora 21 : openssl-1.0.1k-10.fc21 (2015-10108)	Nessus	Fedora Local Security Checks	6/25/2015	1/11/2021	high
105000	Check Point Gaia Operating System Multiple Vulnerabilities (sk106499)	Nessus	Firewalls	12/4/2017	11/12/2025	high
125001	EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1548)	Nessus	Huawei Local Security Checks	5/14/2019	12/5/2022	medium
84559	SUSE SLED11 / SLES11 Security Update : OpenSSL (SUSE-SU-2015:1182-2) (Logjam)	Nessus	SuSE Local Security Checks	7/7/2015	12/5/2022	high
84880	AIX OpenSSL Advisory : openssl_advisory14.asc (Logjam)	Nessus	AIX Local Security Checks	7/20/2015	4/21/2023	high

Detections

Analytics

Plugins Search

high

high

high

high

high

medium

high

high