Facebook Google Plus Twitter LinkedIn YouTube RSS 功能表 搜尋 Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

OpenSSL < 1.0.2a Multiple Vulnerabilities

Medium

Synopsis

The remote web server is affected by multiple vulnerabilities.

Description

Versions of OpenSSL 1.0.2 are potentially affected by the following vulnerabilities :

- A flaw exists in the DTLSv1_listen() function due to due to state being preserved in the SSL object from one invocation to the next.A remote attacker can exploit this, via crafted DTLS traffic, to cause a segmentation fault, resulting in a denial of service.(CVE-2015-0207) - TA flaw exists in the rsa_item_verify() function due to improper implementation of ASN.1 signature verification.A remote attacker can exploit this, via an ASN.1 signature using the RSA PSS algorithm and invalid parameters, to cause a NULL pointer dereference, resulting in a denial of service.(CVE-2015-0208)

- A flaw exists in the ssl3_client_hello() function due to improper validation of a PRNG seed before proceeding with a handshake, resulting in insufficient entropy and predictable output.This allows a man-in-the-middle attacker to defeat cryptographic protection mechanisms via a brute-force attack, resulting in the disclosure of sensitive information.(CVE-2015-0285)

- A flaw exists with the 'multiblock' feature in the ssl3_write_bytes() function due to improper handling of certain non-blocking I/O cases.This allows a remote attacker to cause failed connections or a segmentation fault, resulting in a denial of service.(CVE-2015-0290)

- A NULL pointer dereference flaw exists when handling clients attempting to renegotiate using an invalid signature algorithm extension.A remote attacker can exploit this to cause a denial of service.(CVE-2015-0291)

- A flaw exists in the ssl3_get_client_key_exchange() function when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled.This allows a remote attacker, via a ClientKeyExchange message with a length of zero, to cause a denial of service.(CVE-2015-1787)

解決方案

Upgrade to OpenSSL 1.0.2a or later.