The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Vulnerability of OpenSSL 1.0.2i: NULL pointer dereference via CRL

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via a CRL on an application linked to OpenSSL 1.0.2i, in order to trigger a denial of service.
Severity of this announce: 2/4.
Creation date: 26/09/2016.
Références of this computer vulnerability: 1996096, 2000095, 2000209, 2003480, 2003620, 2003673, 2008828, CERTFR-2016-AVI-333, cisco-sa-20160927-openssl, cpuapr2017, cpujan2018, cpuoct2017, CVE-2016-7052, FEDORA-2016-97454404fe, FEDORA-2016-a555159613, FreeBSD-SA-16:27.openssl, HPESBHF03856, JSA10759, openSUSE-SU-2016:2496-1, openSUSE-SU-2018:0458-1, SA132, SB10171, SP-CAAAPUE, SPL-129207, SSA:2016-270-01, SUSE-SU-2016:2470-1, SUSE-SU-2016:2470-2, SUSE-SU-2019:14246-1, TNS-2016-16, VIGILANCE-VUL-20701.

Description of the vulnerability

The OpenSSL version 1.0.2i product fixed a bug in CRL management.

However, this fix does not check if a pointer is NULL, before using it.

An attacker can therefore force a NULL pointer to be dereferenced via a CRL on an application linked to OpenSSL 1.0.2i, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

This security weakness impacts software or systems such as Blue Coat CAS, ProxyAV, ProxySG par Blue Coat, SGOS by Blue Coat, Cisco ASR, Cisco Aironet, Cisco ATA, Cisco AnyConnect Secure Mobility Client, Cisco ACE, ASA, AsyncOS, Cisco Catalyst, Cisco Content SMA, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, Cisco IPS, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Prime Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure, Cisco Prime LMS, Cisco Router, Secure ACS, Cisco CUCM, Cisco Manager Attendant Console, Cisco Unified CCX, Cisco IP Phone, Cisco MeetingPlace, Cisco Wireless IP Phone, Cisco WSA, Cisco Wireless Controller, Fedora, FreeBSD, hMailServer, HP Switch, AIX, DB2 UDB, Tivoli Storage Manager, Tivoli Workload Scheduler, Juniper J-Series, Junos OS, Junos Space, NSM Central Manager, NSMXpress, ePO, Meinberg NTP Server, NetScreen Firewall, ScreenOS, OpenSSL, openSUSE, openSUSE Leap, Oracle Communications, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Oracle iPlanet Web Server, Tuxedo, WebLogic, Oracle Web Tier, Base SAS Software, Shibboleth SP, Slackware, Splunk Enterprise, stunnel, SUSE Linux Enterprise Desktop, SLES, Synology DS***, Synology RS***, Nessus.

Our Vigil@nce team determined that the severity of this threat bulletin is medium.

The trust level is of type confirmed by the editor, with an origin of internet client.

An attacker with a expert ability can exploit this threat.

Solutions for this threat

OpenSSL: version 1.0.2j.
The version 1.0.2j is fixed:
  https://www.openssl.org/

AIX: patch for OpenSSL.
A patch is available:
  https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp
  openssl-1.0.1.517.tar.Z
  openssl-1.0.2.1000.tar.Z
  openssl-20.13.101.500.tar.Z
  openssl-20.13.102.1000.tar.Z

Blue Coat: solution for OpenSSL.
The solution is indicated in information sources.

Cisco: solution for OpenSSL.
The solution is indicated in information sources.

Comware: solution for OpenSSL.
The solution is indicated in information sources.

Copssh: version 5.7.0.
The version 5.7.0 is fixed:
  https://www.itefix.net/

Fedora: new openssl packages.
New packages are available:
  Fedora 23: openssl 1.0.2j-1.fc23
  Fedora 24: openssl 1.0.2j-1.fc24

FreeBSD: patch for openssl.
A patch is indicated in information sources.

hMailServer: version 5.6.7.
The version 5.6.7 is fixed:
  https://www.hmailserver.com/download_getfile/?performdownload=1&downloadid=262

IBM Cognos Analytics: solution.
The solution is indicated in information sources.

IBM DB2: solution for FCM.
The solution is indicated in information sources.

IBM Spectrum Protect: versions 7.1.6.5 and 8.1.0.2.
Versions 7.1.6.5 and 8.1.0.2 are fixed:
  Version 7.1.6.5 : http://www-01.ibm.com/support/docview.wss?uid=swg24042496
  Version 8.1.0.2: http://www.ibm.com/support/docview.wss?uid=swg24043351

IBM Tivoli Workload Scheduler: patch for OpenSSL.
A patch reference is provided in the information sources for each supported version of Workload Scheduler.

Juniper: solution for OpenSSL.
The solution is indicated in information sources.

McAfee ePO: patch for OpenSSL.
A patch is indicated in information sources.

Meinberg NTP Server: version 4.2.8p10.
The version 4.2.8p10 is fixed:
  https://www.meinbergglobal.com/download/ntp/windows/ntp-4.2.8p10-win32-setup.exe

openSUSE Leap: new openssl-steam packages.
New packages are available:
  openSUSE Leap 42.3: libopenssl1_0_0-steam 1.0.2k-4.3.1

openSUSE: new nodejs packages (12/10/2016).
New packages are available:
  openSUSE 13.2: nodejs 4.6.0-24.2
  openSUSE Leap 42.1: nodejs 4.6.0-33.1

Oracle Communications: CPU of October 2017.
A Critical Patch Update is available.

Oracle Fusion Middleware: CPU of April 2017.
A Critical Patch Update is available:
  https://support.oracle.com/rs?type=doc&id=2228898.1

Oracle Fusion Middleware: CPU of January 2018.
A Critical Patch Update is available:
  https://support.oracle.com/rs?type=doc&id=2325393.1

SAS Base SAS Software: fixed versions for OpenSSL.
URLs of fixed versions are indicated in information sources.

Shibboleth Service Provider: version 2.6.0.1.
The version 2.6.0.1 is fixed:
  http://shibboleth.net/downloads/service-provider/latest/

Slackware: new openssl packages.
New packages are available:
  Slackware 14.2: openssl 1.0.2j-*-1_slack14.2

Splunk Enterprise: versions 6.0.13, 6.1.12, 6.2.12, 6.3.8, 6.4.5 and 6.5.1.
Versions 6.0.13, 6.1.12, 6.2.12, 6.3.8, 6.4.5 and 6.5.1 are fixed:
  http://www.splunk.com/

stunnel: version 5.37.
The version 5.37 is fixed:
  https://www.stunnel.org/downloads.html

SUSE LE 11 SP4: new MozillaFirefox packages (12/12/2019).
New packages are available:
  SUSE LE 11 SP4: MozillaFirefox 68.2.0-78.51.4

SUSE LE 12: new nodejs4 packages.
New packages are available:
  SUSE LE 12 RTM/SP1: nodejs4 4.6.0-8.1

SUSE LE 12 SP2: new nodejs4 packages.
New packages are available:
  SUSE LE 12 SP2: nodejs4 4.6.0-8.1

Synology RS/DS: version 6.0.2-8451-2.
The version 6.0.2-8451-2 is fixed:
  https://www.synology.com/

Tenable Nessus: version 6.9.0.
The version 6.9.0 is fixed:
  http://www.tenable.com/

Wind River Linux: solution for OpenSSL.
The solution is indicated in information sources.
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides software vulnerability bulletins. The Vigil@nce vulnerability database contains several thousand vulnerabilities.