libressl was updated to version 2.2.1 to fix 16 security issues.

LibreSSL is a fork of OpenSSL. Because of that CVEs affecting OpenSSL often also affect LibreSSL.

These security issues were fixed :

  - CVE-2014-3570: The BN_sqr implementation in OpenSSL     before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before     1.0.1k did not properly calculate the square of a BIGNUM     value, which might make it easier for remote attackers     to defeat cryptographic protection mechanisms via     unspecified vectors, related to crypto/bn/asm/mips.pl,     crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c     (bsc#912296).

  - CVE-2014-3572: The ssl3_get_key_exchange function in     s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before     1.0.0p, and 1.0.1 before 1.0.1k allowed remote SSL     servers to conduct ECDHE-to-ECDH downgrade attacks and     trigger a loss of forward secrecy by omitting the     ServerKeyExchange message (bsc#912015).

  - CVE-2015-1792: The do_free_upto function in     crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0     before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before     1.0.2b allowed remote attackers to cause a denial of     service (infinite loop) via vectors that trigger a NULL     value of a BIO data structure, as demonstrated by an     unrecognized X.660 OID for a hash function (bsc#934493).

  - CVE-2014-8275: OpenSSL before 0.9.8zd, 1.0.0 before     1.0.0p, and 1.0.1 before 1.0.1k did not enforce certain     constraints on certificate data, which allowed remote     attackers to defeat a fingerprint-based     certificate-blacklist protection mechanism by including     crafted data within a certificate's unsigned portion,     related to crypto/asn1/a_verify.c,     crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and     crypto/x509/x_all.c (bsc#912018).

  - CVE-2015-0209: Use-after-free vulnerability in the     d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in     OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1     before 1.0.1m, and 1.0.2 before 1.0.2a might allowed     remote attackers to cause a denial of service (memory     corruption and application crash) or possibly have     unspecified other impact via a malformed Elliptic Curve     (EC) private-key file that is improperly handled during     import (bsc#919648).

  - CVE-2015-1789: The X509_cmp_time function in     crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0     before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before     1.0.2b allowed remote attackers to cause a denial of     service (out-of-bounds read and application crash) via a     crafted length field in ASN1_TIME data, as demonstrated     by an attack against a server that supports client     authentication with a custom verification callback     (bsc#934489).

  - CVE-2015-1788: The BN_GF2m_mod_inv function in     crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0     before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before     1.0.2b did not properly handle ECParameters structures     in which the curve is over a malformed binary polynomial     field, which allowed remote attackers to cause a denial     of service (infinite loop) via a session that used an     Elliptic Curve algorithm, as demonstrated by an attack     against a server that supports client authentication     (bsc#934487).

  - CVE-2015-1790: The PKCS7_dataDecodefunction in     crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0     before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before     1.0.2b allowed remote attackers to cause a denial of     service (NULL pointer dereference and application crash)     via a PKCS#7 blob that used ASN.1 encoding and lacks     inner EncryptedContent data (bsc#934491).

  - CVE-2015-0287: The ASN1_item_ex_d2i function in     crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0     before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before     1.0.2a did not reinitialize CHOICE and ADB data     structures, which might allowed attackers to cause a     denial of service (invalid write operation and memory     corruption) by leveraging an application that relies on     ASN.1 structure reuse (bsc#922499).

  - CVE-2015-0286: The ASN1_TYPE_cmp function in     crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0     before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before     1.0.2a did not properly perform boolean-type     comparisons, which allowed remote attackers to cause a     denial of service (invalid read operation and     application crash) via a crafted X.509 certificate to an     endpoint that used the certificate-verification feature     (bsc#922496).

  - CVE-2015-0289: The PKCS#7 implementation in OpenSSL     before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before     1.0.1m, and 1.0.2 before 1.0.2a did not properly handle     a lack of outer ContentInfo, which allowed attackers to     cause a denial of service (NULL pointer dereference and     application crash) by leveraging an application that     processes arbitrary PKCS#7 data and providing malformed     data with ASN.1 encoding, related to     crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c     (bsc#922500).

  - CVE-2015-0288: The X509_to_X509_REQ function in     crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0     before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before     1.0.2a might allowed attackers to cause a denial of     service (NULL pointer dereference and application crash)     via an invalid certificate key (bsc#920236).

  - CVE-2014-8176: The dtls1_clear_queues function in     ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before     1.0.0m, and 1.0.1 before 1.0.1h frees data structures     without considering that application data can arrive     between a ChangeCipherSpec message and a Finished     message, which allowed remote DTLS peers to cause a     denial of service (memory corruption and application     crash) or possibly have unspecified other impact via     unexpected application data (bsc#934494).

  - CVE-2015-4000: The TLS protocol 1.2 and earlier, when a     DHE_EXPORT ciphersuite is enabled on a server but not on     a client, did not properly convey a DHE_EXPORT choice,     which allowed man-in-the-middle attackers to conduct     cipher-downgrade attacks by rewriting a ClientHello with     DHE replaced by DHE_EXPORT and then rewriting a     ServerHello with DHE_EXPORT replaced by DHE, aka the     'Logjam' issue (bsc#931600).

  - CVE-2015-0205: The ssl3_get_cert_verify function in     s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1     before 1.0.1k accepts client authentication with a     Diffie-Hellman (DH) certificate without requiring a     CertificateVerify message, which allowed remote     attackers to obtain access without knowledge of a     private key via crafted TLS Handshake Protocol traffic     to a server that recognizes a Certification Authority     with DH support (bsc#912293).

  - CVE-2015-0206: Memory leak in the dtls1_buffer_record     function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and     1.0.1 before 1.0.1k allowed remote attackers to cause a     denial of service (memory consumption) by sending many     duplicate records for the next epoch, leading to failure     of replay detection (bsc#912292).

The Cisco Application Control Engine (ACE) software installed on the remote Cisco ACE 4710 device or ACE30 module is version A5 prior to A5(3.3). It is, therefore, affected by multiple vulnerabilities :

  - An invalid free memory error exists due to improper     validation of user-supplied input when a DTLS peer     receives application data between ChangeCipherSpec and     Finished messages. A remote attacker can exploit this to     corrupt memory, resulting in a denial of service or     the execution of arbitrary code. (CVE-2014-8176)

  - A denial of service vulnerability exists when processing     an ECParameters structure due to an infinite loop that     occurs when a specified curve is over a malformed binary     polynomial field. A remote attacker can exploit this to     perform a denial of service against any system that     processes public keys, certificate requests, or     certificates. This includes TLS clients and TLS servers     with client authentication enabled. (CVE-2015-1788)

  - A denial of service vulnerability exists due to improper     validation of the content and length of the ASN1_TIME     string by the X509_cmp_time() function. A remote     attacker can exploit this, via a malformed certificate     and CRLs of various sizes, to cause a segmentation     fault, resulting in a denial of service condition. TLS     clients that verify CRLs are affected. TLS clients and     servers with client authentication enabled may be     affected if they use custom verification callbacks.
    (CVE-2015-1789)

  - A NULL pointer dereference flaw exists in the PKCS#7     parsing code due to incorrect handling of missing inner     'EncryptedContent'. This allows a remote attacker, via     specially crafted ASN.1-encoded PKCS#7 blobs with     missing content, to cause a denial of service condition     or other potential unspecified impacts. (CVE-2015-1790)

  - A double-free error exists due to a race condition that     occurs when a NewSessionTicket is received by a     multi-threaded client when attempting to reuse a     previous ticket. A remote attacker can exploit this to     cause a denial of service condition or other potential     unspecified impact. (CVE-2015-1791)

  - A denial of service vulnerability exists in the CMS code     due to an infinite loop that occurs when verifying a     signedData message. A remote attacker can exploit this     to cause a denial of service condition. (CVE-2015-1792)

  - The symmetric-key feature in the receive function     requires a correct message authentication code (MAC)     only if the MAC field has a nonzero length. This makes     it easier for a man-in-the-middle attacker to spoof     packets by omitting the MAC. (CVE-2015-1798)

  - A flaw exists in the symmetric-key feature in the     receive function when handling a specially crafted     packet sent to one of two hosts that are peering with     each other. This allows an attacker to cause the next     attempt by the servers to synchronize to fail.
    (CVE-2015-1799)

  - A man-in-the-middle vulnerability, known as Logjam,     exists due to a flaw in the SSL/TLS protocol. A remote     attacker can exploit this flaw to downgrade connections     using ephemeral Diffie-Hellman key exchange to 512-bit     export-grade cryptography. (CVE-2015-4000)

  - A flaw exists in the TLS 1.x implementation in the     Cavium SDK due to a failure to check the first byte of     the padding bytes. A man-in-the-middle attacker can     exploit this, by sending specially crafted requests to     the server, to induce requests that allow determining     the plaintext chunks of data. This vulnerability is a     variant of the POODLE attack. (CVE-2015-4595)

According to its self-reported version number, the remote pfSense install is prior to 2.2.3. It is, therefore, affected by multiple vulnerabilities as stated in the referenced vendor advisories.

Versions of OpenSSL prior to 1.0.1n, or 1.0.2b are unpatched for the following vulnerabilities :

  - A man-in-the-middle vulnerability, known as Logjam, exists due to a flaw in the SSL/TLS protocol. A remote attacker can exploit this flaw to downgrade connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. (CVE-2015-4000)

  - A denial of service vulnerability exists when processing an ECParameters structure due to an infinite loop that occurs when a specified curve is over a malformed binary polynomial field. A remote attacker can exploit this to perform a denial of service against any system that processes public keys, certificate requests, or certificates. This includes TLS clients and TLS servers with client authentication enabled. (CVE-2015-1788)

  - A denial of service vulnerability exists due to improper validation of the content and length of the ASN1_TIME string by the X509_cmp_time() function. A remote attacker can exploit this, via a malformed certificate and CRLs of various sizes, to cause a segmentation fault, resulting in a denial of service condition. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks. (CVE-2015-1789)

  - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing inner 'EncryptedContent'. This allows a remote attacker, via specially crafted ASN.1-encoded PKCS#7 blobs with missing content, to cause a denial of service condition or other potential unspecified impacts. (CVE-2015-1790)

  - A double-free error exists due to a race condition that occurs when a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket. (CVE-2015-1791)

  - A denial of service vulnerability exists in the CMS code due to an infinite loop that occurs when verifying a signedData message. A remote attacker can exploit this to cause a denial of service condition. (CVE-2015-1792)

  - An off-by-one overflow condition affects the BN_rand() function in 'crypto/bn/random.c'. The issue is triggered as user-supplied input is not properly validated. This may allow an attacker to cause a buffer overflow, resulting in a denial of service.

  - An off-by-one overflow condition affects the BN_bn2hex() function in 'crypto/bn/bn_print.c'. The issue is triggered as user-supplied input is not properly validated. This may allow an attacker to cause a buffer overflow, potentially resulting in a denial of service or another, more severe impact.

The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of- bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Versions of OpenSSL prior to 0.9.8zg, or 1.0.0 prior to 1.0.0s are unpatched for the following vulnerabilities :

  - A denial of service vulnerability exists when processing an ECParameters structure due to an infinite loop that occurs when a specified curve is over a malformed binary polynomial field. A remote attacker can exploit this to perform a denial of service against any system that processes public keys, certificate requests, or certificates. This includes TLS clients and TLS servers with client authentication enabled. (CVE-2015-1788)

  - A denial of service vulnerability exists due to improper validation of the content and length of the ASN1_TIME string by the X509_cmp_time() function. A remote attacker can exploit this, via a malformed certificate and CRLs of various sizes, to cause a segmentation fault, resulting in a denial of service condition. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks. (CVE-2015-1789)

  - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing inner 'EncryptedContent'. This allows a remote attacker, via specially crafted ASN.1-encoded PKCS#7 blobs with missing content, to cause a denial of service condition or other potential unspecified impacts. (CVE-2015-1790)

  - A double-free error exists due to a race condition that occurs when a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket. (CVE-2015-1791)

  - A denial of service vulnerability exists in the CMS code due to an infinite loop that occurs when verifying a signedData message. A remote attacker can exploit this to cause a denial of service condition. (CVE-2015-1792)

  - An off-by-one overflow condition affects the BN_rand() function in 'crypto/bn/random.c'. The issue is triggered as user-supplied input is not properly validated. This may allow an attacker to cause a buffer overflow, resulting in a denial of service.

  - An off-by-one overflow condition affects the BN_bn2hex() function in 'crypto/bn/bn_print.c'. The issue is triggered as user-supplied input is not properly validated. This may allow an attacker to cause a buffer overflow, potentially resulting in a denial of service or another, more severe impact.

The remote host is running a version of Mac OS X 10.10.x that is prior to version 10.10.5. The installed version is affected by multiple vulnerabilities in the following components :

 - apache (CVE-2014-3581, CVE-2014-3583, CVE-2014-8109, CVE-2015-0228, CVE-2015-0253, CVE-2015-3183, CVE-2015-3185)
 - apache_mod_php (CVE-2015-2783, CVE-2015-2787, CVE-2015-3307, CVE-2015-3329, CVE-2015-3330, CVE-2015-4021, CVE-2015-4022, CVE-2015-4024, CVE-2015-4025, CVE-2015-4026, CVE-2015-4147, CVE-2015-4148)
 - Apple ID OD Plug-in (CVE-2015-3799)
 - AppleGraphicsControl (CVE-2015-5768)
 - Bluetooth (CVE-2015-3777, CVE-2015-3779, CVE-2015-3780, CVE-2015-3786, CVE-2015-3787)
 - bootp (CVE-2015-3778)
 - CloudKit (CVE-2015-3782)
 - CoreMedia Playback (CVE-2015-5777, CVE-2015-5778)
 - CoreText (CVE-2015-5761, CVE-2015-5755)
 - curl (CVE-2014-3613, CVE-2014-3620, CVE-2014-3707, CVE-2014-8150, CVE-2014-8151, CVE-2015-3143, CVE-2015-3144, CVE-2015-3145, CVE-2015-3148, CVE-2015-3153)
 - Data Detectors Engine (CVE-2015-5750)
 - Date & Time pref pane (CVE-2015-3757)
 - Dictionary Application (CVE-2015-3774)
 - DiskImages (CVE-2015-3800)
 - dyld (CVE-2015-3760)
 - FontParser (CVE-2015-3804, CVE-2015-5775, CVE-2015-5756)
 - groff (CVE-2009-5044, CVE-2009-5078)
 - ImageIO (CVE-2015-5758, CVE-2015-5781, CVE-2015-5782)
 - Install Framework Legacy (CVE-2015-5784, CVE-2015-5754)
 - IOFireWireFamily (CVE-2015-3769, CVE-2015-3771, CVE-2015-3772)
 - IOGraphics (CVE-2015-3770, CVE-2015-5783)
 - IOHIDFamily (CVE-2015-5774)
 - Kernel (CVE-2015-3766, CVE-2015-3768, CVE-2015-5747, CVE-2015-5748, CVE-2015-3806, CVE-2015-3803, CVE-2015-3802, CVE-2015-3805, CVE-2015-3776, CVE-2015-3761)
 - Libc (CVE-2015-3796, CVE-2015-3797, CVE-2015-3798)
 - Libinfo (CVE-2015-5776)
 - libpthread (CVE-2015-5757)
 - libxml2 (CVE-2014-0191, CVE-2014-3660, CVE-2015-3807)
 - libxpc (CVE-2015-3795)
 - mail_cmds (CVE-2014-7844)
 - Notification Center OSX (CVE-2015-3764)
 - ntfs (CVE-2015-5763)
 - OpenSSH (CVE-2015-5600)
 - OpenSSL (CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)
 - perl (CVE-2013-7422)
 - PostgreSQL (CVE-2014-0067, CVE-2014-8161, CVE-2015-0241, CVE-2015-0242, CVE-2015-0243, CVE-2015-0244)
 - python (CVE-2013-7040, CVE-2013-7338, CVE-2014-1912, CVE-2014-7185, CVE-2014-9365)
 - QL Office (CVE-2015-5773, CVE-2015-3784)
 - Quartz Composer Framework (CVE-2015-5771)
 - Quick Look (CVE-2015-3781)
 - QuickTime 7 (CVE-2015-3779, CVE-2015-5753, CVE-2015-5779, CVE-2015-3765, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751)
 - SceneKit (CVE-2015-5772, CVE-2015-3783)
 - Security (CVE-2015-3775)
 - SMBClient (CVE-2015-3773)
 - Speech UI (CVE-2015-3794)
 - sudo (CVE-2013-1775, CVE-2013-1776, CVE-2013-2776, CVE-2013-2777, CVE-2014-0106, CVE-2014-9680)
 - tcpdump (CVE-2014-8767, CVE-2014-8769, CVE-2014-9140)
 - Text Formats (CVE-2015-3762)
 - udf (CVE-2015-3767)

 Note that successful exploitation of the most serious issues can result in arbitrary code execution.

ID	Name	Product	Family	Published	Updated	Severity
84998	openSUSE Security Update : libressl (openSUSE-2015-507) (Logjam)	Nessus	SuSE Local Security Checks	7/27/2015	12/5/2022	high
91427	Cisco ACE 4710 Appliance / ACE30 Module Multiple Vulnerabilities (Logjam)	Nessus	CISCO	6/1/2016	12/5/2022	high
106495	pfSense < 2.2.3 Multiple Vulnerabilities (SA-15_07) (Logjam)	Nessus	Firewalls	1/31/2018	10/30/2025	critical
8790	OpenSSL 1.0.1 < 1.0.1n / 1.0.2 < 1.0.2b Multiple Vulnerabilities (Logjam)	Nessus Network Monitor	Web Servers	6/22/2015	3/6/2019	medium
503053	Siemens SCALANCE X-200RNA Switch Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2015-1789)	Tenable OT Security	Tenable.ot	3/13/2025	3/13/2025	high
8791	OpenSSL 0.9.8 < 0.9.8zg / 1.0.0 < 1.0.0s Multiple Vulnerabilities	Nessus Network Monitor	Web Servers	6/22/2015	3/6/2019	medium
8981	Mac OS X < 10.10.5 Multiple Vulnerabilities	Nessus Network Monitor	Operating System Detection	10/16/2015	3/6/2019	high

Detections

Analytics

Plugins Search

high

high

critical

medium

high

medium

high