CVE-2015-0293 – openssl: assertion failure in SSLv2 servers
https://notcve.org/view.php?id=CVE-2015-0293
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message. La implementación SSLv2 en OpenSSL anterior a 0.9.8zf, 1.0.0 anterior a 1.0.0r, 1.0.1 anterior a 1.0.1m, y 1.0.2 anterior a 1.0.2a permite a atacantes remotos causar una denegación de servicio (fallo de aserción s2_lib.c y salida del demonio) a través de un mensaje CLIENT-MASTER-KEY manipulado. A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10680 http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152733.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152734.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152844.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156823.html http://lists.fedoraproject.org/pipermail/package-announce/ • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVE-2015-0204 – openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK)
https://notcve.org/view.php?id=CVE-2015-0204
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations. La función ssl3_get_key_exchange en s3_clnt.c en OpenSSL en versiones anteriores a 0.9.8zd, 1.0.0 en versiones anteriores a 1.0.0p y 1.0.1 en versiones anteriores a 1.0.1k permite a servidores SSL remotos llevar a cabo ataques de degradación de versión RSA-a-EXPORT_RSA y facilitar el descifrado de fuerza bruta ofreciendo una clave RSA efímera débil en un rol no sumiso, relacionado con el caso "FREAK" . NOTA: el alcance de esta CVE es solo código cliente basado en OpenSSL, no un problema de EXPORT_RSA asociado con servidores u otras implementaciones TLS. It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. • https://github.com/AbhishekGhosh/FREAK-Attack-CVE-2015-0204-Testing-Script http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10679 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.ht • CWE-310: Cryptographic Issues CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •
CVE-2014-3570 – openssl: Bignum squaring may produce incorrect results
https://notcve.org/view.php?id=CVE-2014-3570
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c. La implementación BN_sqr en OpenSSL anterior a 0.9.8zd, 1.0.0 anterior a 1.0.0p, y 1.0.1 anterior a 1.0.1k no calcula correctamente el cuadrado de un valor BIGNUM, lo que podría facilitar a atacantes remotos superar los mecanismos de protección criptográficos a través de vectores no especificados, relacionado con crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, y crypto/bn/bn_asm.c. It was found that OpenSSL's BigNumber Squaring implementation could produce incorrect results under certain special conditions. This flaw could possibly affect certain OpenSSL library functionality, such as RSA blinding. Note that this issue occurred rarely and with a low probability, and there is currently no known way of exploiting it. • https://github.com/uthrasri/CVE-2014-3570 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10679 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147938.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148363.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html http://lis • CWE-310: Cryptographic Issues •
CVE-2014-3571 – openssl: DTLS segmentation fault in dtls1_get_record
https://notcve.org/view.php?id=CVE-2014-3571
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c. OpenSSL anterior a 0.9.8zd, 1.0.0 anterior a 1.0.0p, y 1.0.1 anterior a 1.0.1k permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo y caída de la aplicación) a través de un mensaje DTLS manipulado que se procesa con un operación diferente de lectura para la cabecera de negociación que la del cuerpo de la negociación, relacionado con la función dtls1_get_record en d1_pkt.c y la función ssl3_read_n en s3_pkt.c. A NULL pointer dereference flaw was found in the DTLS implementation of OpenSSL. A remote attacker could send a specially crafted DTLS message, which would cause an OpenSSL server to crash. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147938.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148363.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html http://marc.info/?l=bugtraq&m=142496179803395&w •
CVE-2014-3572 – openssl: ECDH downgrade bug fix
https://notcve.org/view.php?id=CVE-2014-3572
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message. La función ssl3_get_key_exchange function en s3_clnt.c en OpenSSL en versiones anteriores a 0.9.8zd, 1.0.0 en versiones anteriores a 1.0.0p y 1.0.1 en versiones anteriores a 1.0.1k permite a servidores SSL remotos llevar a cabo ataques de desactualización ECDHE-to-ECDH y desencadenar una pérdida de confidencialidad directa omitiendo los mensajes ServerKeyExchange. It was discovered that OpenSSL would perform an ECDH key exchange with a non-ephemeral key even when the ephemeral ECDH cipher suite was selected. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method than the one requested by the user. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10679 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.h • CWE-310: Cryptographic Issues •