The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of OpenSSL: denial of service via ServerKeyExchange

Synthesis of the vulnerability 

An attacker can send a malicious ServerKeyExchange message to a client compiled with OpenSSL, in order to trigger a denial of service.
Impacted systems: Tomcat, Cisco ASR, Cisco ATA, Cisco AnyConnect Secure Mobility Client, ASA, AsyncOS, Cisco Content SMA, Cisco ESA, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Prime Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure, Cisco PRSM, Secure ACS, Cisco CUCM, Cisco MeetingPlace, Cisco WSA, Cisco Wireless Controller, HP Switch, IRAD, Tivoli Storage Manager, Juniper J-Series, Junos OS, Junos Space, NSM Central Manager, NSMXpress, Data ONTAP 7-Mode, NetScreen Firewall, ScreenOS, OpenSSL, openSUSE, Palo Alto Firewall PA***, PAN-OS, Puppet, Slackware, Ubuntu.
Severity of this alert: 2/4.
Creation date: 04/12/2015.
Références of this alert: 1972951, 2003480, 2003620, 2003673, 9010051, c05398322, cisco-sa-20151204-openssl, CVE-2015-1794, HPESBHF03709, JSA10759, NTAP-20151207-0001, openSUSE-SU-2016:0637-1, PAN-SA-2016-0020, PAN-SA-2016-0028, SSA:2015-349-04, USN-2830-1, VIGILANCE-VUL-18443.

Description of the vulnerability 

The OpenSSL library implements TLS with the anonymous DH ciphersuite.

However, if the TLS server sends a ServerKeyExchange message with a value of p parameter set to zero, a fatal error occurs in the client linked to OpenSSL.

An attacker can therefore send a malicious ServerKeyExchange message to a client compiled with OpenSSL, in order to trigger a denial of service.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This security note impacts software or systems such as Tomcat, Cisco ASR, Cisco ATA, Cisco AnyConnect Secure Mobility Client, ASA, AsyncOS, Cisco Content SMA, Cisco ESA, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Prime Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure, Cisco PRSM, Secure ACS, Cisco CUCM, Cisco MeetingPlace, Cisco WSA, Cisco Wireless Controller, HP Switch, IRAD, Tivoli Storage Manager, Juniper J-Series, Junos OS, Junos Space, NSM Central Manager, NSMXpress, Data ONTAP 7-Mode, NetScreen Firewall, ScreenOS, OpenSSL, openSUSE, Palo Alto Firewall PA***, PAN-OS, Puppet, Slackware, Ubuntu.

Our Vigil@nce team determined that the severity of this threat announce is medium.

The trust level is of type confirmed by the editor, with an origin of internet server.

An attacker with a expert ability can exploit this computer weakness announce.

Solutions for this threat 

OpenSSL: version 1.0.2e.
The version 1.0.2e is fixed:
  http://openssl.org/source/

Apache Tomcat: version 8.0.32.
The version 8.0.32 is fixed:
  http://tomcat.apache.org/download-80.cgi

Cisco: solution for OpenSSL.
The solution is indicated in information sources.

HPE Comware Switch: solution for OpenSSL.
The solution is indicated in information sources.

IBM Rational Application Developer: patch for OpenSSL.
A patch is indicated in information sources.

IBM Spectrum Protect: versions 7.1.6.5 and 8.1.0.2.
Versions 7.1.6.5 and 8.1.0.2 are fixed:
  Version 7.1.6.5 : http://www-01.ibm.com/support/docview.wss?uid=swg24042496
  Version 8.1.0.2: http://www.ibm.com/support/docview.wss?uid=swg24043351

Juniper: solution for OpenSSL.
The solution is indicated in information sources.

NetApp Data ONTAP: patch for OpenSSL 12/2015.
A patch is available:
  Data ONTAP SMI-S Agent: https://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=971461

openSUSE 11.4: new openssl packages.
New packages are available:
  openSUSE 11.4: openssl 1.0.1p-71.1

PAN-OS: versions 5.0.20, 5.1.13, 6.0.14, 6.1.13, 7.0.9 and 7.1.4.
Versions 5.0.20, 5.1.13, 6.0.14, 6.1.13, 7.0.9 and 7.1.4 are fixed.

Puppet Agent: version 1.3.4.
The version 1.3.4 is fixed:
  https://puppetlabs.com/

Slackware: new openssl packages.
New packages are available:
  Slackware 13.0: openssl 0.9.8zh-*-1_slack13.0
  Slackware 13.1: openssl 0.9.8zh-*-1_slack13.1
  Slackware 13.37: openssl 0.9.8zh-*-1_slack13.37
  Slackware 14.0: openssl 1.0.1q-*-1_slack14.0
  Slackware 14.1: openssl 1.0.1q-*-1_slack14.1

Ubuntu: new libssl1.0.0 packages.
New packages are available:
  Ubuntu 15.10: libssl1.0.0 1.0.2d-0ubuntu1.2
  Ubuntu 15.04: libssl1.0.0 1.0.1f-1ubuntu11.5
  Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.16
  Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.32
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a computer vulnerability bulletin. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.