The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of OpenSSL: nine vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of OpenSSL.
Impacted software: ArubaOS, ProxyAV, ProxySG by Blue Coat, SGOS by Blue Coat, Clearswift Email Gateway, Clearswift Web Gateway, Debian, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP-UX, AIX, Tivoli Workload Scheduler, ePO, NetBSD, OpenBSD, OpenSSL, openSUSE, openSUSE Leap, Solaris, Puppet, RHEL, JBoss EAP by Red Hat, RSA Authentication Manager, Slackware, Splunk Enterprise, stunnel, Nessus, Ubuntu.
Severity of this computer vulnerability: 3/4.
Number of vulnerabilities in this bulletin: 9.
Creation date: 07/08/2014.
References of this bulletin: 1684444, aid-08182014, c04404655, CERTFR-2014-AVI-344, CERTFR-2014-AVI-395, CERTFR-2016-AVI-303, CTX216642, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511, CVE-2014-3512, CVE-2014-5139, DSA-2998-1, ESA-2014-103, FEDORA-2014-17576, FEDORA-2014-17587, FEDORA-2014-9301, FEDORA-2014-9308, FreeBSD-SA-14:18.openssl, HPSBUX03095, MDVSA-2014:158, NetBSD-SA2014-008, openSUSE-SU-2014:1052-1, openSUSE-SU-2016:0640-1, RHSA-2014:1052-01, RHSA-2014:1053-01, RHSA-2014:1054-01, RHSA-2014:1256-01, RHSA-2014:1297-01, RHSA-2015:0126-01, RHSA-2015:0197-01, SA85, SB10084, SOL15564, SOL15568, SOL15573, SSA:2014-220-01, SSRT101674, tns-2014-06, USN-2308-1, VIGILANCE-VUL-15130.

Description of the vulnerability

Several vulnerabilities were announced in OpenSSL.

An attacker can send DTLS packets that lead to a double free of memory and then a crash, in order to trigger a denial of service. [severity:3/4; CVE-2014-3505]

An attacker can make an application consume a large amount of memory while processing DTLS handshake packets, in order to trigger a denial of service. [severity:3/4; CVE-2014-3506]

An attacker can trigger a memory leak in DTLS packet processing, in order to cause a denial of service. [severity:3/4; CVE-2014-3507]

OID pretty-printing routines may expose stack contents, from which an attacker may be able to deduce sensitive information. [severity:1/4; CVE-2014-3508]

A client attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-3509]

A server attacker can force a NULL pointer dereference during handshake processing if the client supports anonymous Diffie-Hellman key exchange, in order to trigger a denial of service. [severity:2/4; CVE-2014-3510]

A client attacker can force the use of TLS 1.0 by specially fragmenting the Client Hello message, in order to reduce the strength of the negotiated algorithms. [severity:1/4; CVE-2014-3511]

An attacker can trigger a buffer overflow in the processing of SRP parameters, in order to cause a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-3512]

An attacker can force a NULL pointer dereference in the TLS client by asserting support for SRP, in order to trigger a denial of service. [severity:2/4; CVE-2014-5139]

Our Vigil@nce team rates the severity of this bulletin as important.

Trust level: confirmed by the editor. Attack origin: internet client.

An attacker with expert skill can exploit the vulnerabilities in this bulletin.

Solutions for this threat

OpenSSL: version 1.0.1i.
The version 1.0.1i is fixed:
  http://www.openssl.org/source/openssl-1.0.1i.tar.gz

OpenSSL: version 1.0.0n.
The version 1.0.0n is fixed:
  http://www.openssl.org/source/openssl-1.0.0n.tar.gz

OpenSSL: version 0.9.8zb.
The version 0.9.8zb is fixed:
  http://www.openssl.org/source/openssl-0.9.8zb.tar.gz
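Added example, not part of the Vigil@nce bulletin or of OpenSSL's own code: a Python checker that parses an `openssl version` banner and compares its letter release against the fixed upstream releases named above (1.0.1i, 1.0.0n, 0.9.8zb). It only judges upstream releases; distribution packages that backport the fixes (the Debian, RHEL, Ubuntu and similar packages listed further down) keep an older upstream letter, so for those compare the package version against the bulletin's package lists instead. The sample banners are constructed.

```python
import re

# Fixed upstream releases named in this bulletin, keyed by branch.
FIXED_LETTER = {
    (1, 0, 1): "i",   # OpenSSL 1.0.1i
    (1, 0, 0): "n",   # OpenSSL 1.0.0n
    (0, 9, 8): "zb",  # OpenSSL 0.9.8zb
}

# Matches the version token of an `openssl version` banner such as
# "OpenSSL 1.0.1h 5 Jun 2014" or "OpenSSL 1.0.1e-fips 11 Feb 2013".
VERSION_RE = re.compile(r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_banner(banner):
    """Return (branch, letter), e.g. ((1, 0, 1), 'h') for 'OpenSSL 1.0.1h ...'."""
    m = VERSION_RE.search(banner)
    if m is None:
        raise ValueError(f"not an OpenSSL version banner: {banner!r}")
    branch = tuple(int(x) for x in m.group(1, 2, 3))
    return branch, m.group(4)


def is_fixed(banner):
    """True if the upstream release is at or past the fixed release of its branch.

    Returns None when the branch is not one this bulletin covers, so that the
    caller cannot mistake "unknown" for "safe".
    OpenSSL letter releases sort as '' < 'a' < ... < 'z' < 'za' < 'zb';
    Python string comparison preserves that order, so no custom key is needed.
    """
    branch, letter = parse_banner(banner)
    fixed = FIXED_LETTER.get(branch)
    if fixed is None:
        return None
    return letter >= fixed


if __name__ == "__main__":
    # Constructed sample banners, not output captured from real hosts.
    for sample in ("OpenSSL 1.0.1h 5 Jun 2014", "OpenSSL 1.0.1i 6 Aug 2014",
                   "OpenSSL 0.9.8za 5 Jun 2014", "OpenSSL 0.9.8zb 6 Aug 2014"):
        print(f"{sample:32} fixed={is_fixed(sample)}")
```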

Splunk Enterprise: version 6.0.6.
The version 6.0.6 is fixed:
  http://www.splunk.com/download

stunnel: version 5.03.
The version 5.03 is fixed:
  https://www.stunnel.org/downloads.html

Tenable Nessus: patch for OpenSSL.
A patch is available:
  https://support.tenable.com/support-center/index.php?x=&mod_id=160
Available patches target RHEL 5 and 6.

AIX: patch for OpenSSL.
A patch is available:
  ftp://aix.software.ibm.com/aix/efixes/security/openssl_fix10.tar

ArubaOS: versions 6.3.1.11 and 6.4.2.1.
Versions 6.3.1.11 and 6.4.2.1 are fixed:
  http://support.arubanetworks.com/

Blue Coat: solution for OpenSSL.
The solution is indicated in information sources.

Citrix NetScaler: fixed versions for LOM Firmware.
Fixed versions are indicated in information sources.

Citrix NetScaler Platform IPMI LOM: solution.
The solution is indicated in information sources.

Clearswift SECURE Email Gateway: version 3.8.2.
The version 3.8.2 is fixed:
  http://app-patches.clearswift.net/Patches/Patch3_8_2en.htm

Clearswift SECURE Web Gateway: version 3.2.2.
The version 3.2.2 is fixed:
  http://app-patches.clearswift.net/Patches/spyware/Patch3_2_2en.htm

Debian: new openssl packages.
New packages are available:
  Debian 7: openssl 1.0.1e-2+deb7u12

F5 BIG-IP: fixed versions for OpenSSL.
Fixed versions are indicated in information sources.

Fedora: new mingw-openssl packages.
New packages are available:
  Fedora 20: mingw-openssl 1.0.1j-1.fc20
  Fedora 21: mingw-openssl 1.0.1j-1.fc21

Fedora: new openssl packages.
New packages are available:
  Fedora 19: openssl 1.0.1e-39.fc19
  Fedora 20: openssl 1.0.1e-39.fc20

FreeBSD: patch for OpenSSL.
A patch is available:
  http://security.FreeBSD.org/patches/SA-14:18/openssl-10.0.patch
  http://security.FreeBSD.org/patches/SA-14:18/openssl-9.3.patch
  http://security.FreeBSD.org/patches/SA-14:18/openssl-9.patch

HP-UX: new OpenSSL packages.
New packages are available:
  https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=OPENSSL11I
  HP-UX B.11.11 (11i v1): OpenSSL_A.00.09.08zb.001_HP-UX_B.11.11_32_64.depot
  HP-UX B.11.23 (11i v2): OpenSSL_A.00.09.08zb.002_HP-UX_B.11.23_IA-PA.depot
  HP-UX B.11.31 (11i v3): OpenSSL_A.00.09.08zb.003_HP-UX_B.11.31_IA-PA.depot

IBM Tivoli Workload Scheduler: APAR IV64803.
A patch is available in information sources.

Mandriva: new openssl packages.
New packages are available:
  Mandriva BS1: openssl 1.0.0n-1.mbs1

McAfee ePO: patch for OpenSSL.
A patch is available in information sources.

NetBSD: patch for OpenSSL.
A patch is available in information sources.

OpenBSD 5: patch for openssl.
Patches are available in information sources: one for OpenBSD 5.5 and one for OpenBSD 5.4.

OpenBSD: LibreSSL version 2.0.5.
LibreSSL version 2.0.5 is fixed.

openSUSE: new libopenssl0_9_8 packages.
New packages are available:
  openSUSE 13.2: libopenssl0_9_8 0.9.8zh-9.3.1
  openSUSE Leap 42.1: libopenssl0_9_8 0.9.8zh-14.1

openSUSE: new openssl packages.
New packages are available:
  openSUSE 13.1: openssl 1.0.1i-11.52.1
  openSUSE 12.3: openssl 1.0.1i-1.64.1

Puppet Enterprise: version 2.8.8.
The version 2.8.8 is fixed:
  http://puppetlabs.com/

Puppet Enterprise: version 3.3.2.
The version 3.3.2 is fixed:
  http://puppetlabs.com/

Red Hat JBoss EAP: patch for OpenSSL.
A patch is available:
  https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.3

Red Hat JBoss Web Server: patch for OpenSSL.
A patch is available:
  https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver&downloadType=securityPatches&version=2.1.0

Red Hat Storage: new openssl packages.
New packages are available:
  RHEL 6: openssl 1.0.1e-16.el6_5.15

RHEL 5: new openssl packages.
New packages are available:
  RHEL 5: openssl 0.9.8e-27.el5_10.4

RHEL 6 RHEV Hypervisor: new rhev-hypervisor6 packages.
New packages are available:
  RHEL 6: rhev-hypervisor6 6.6-20150123.1.el6ev

RHEL 6 RHEV-M: new rhevm-spice-client packages.
New packages are available:
  RHEL 6: rhevm-spice-client 3.5-2.el6

RHEL: new openssl packages.
New packages are available:
  RHEL 6: openssl 1.0.1e-16.el6_5.15
  RHEL 7: openssl 1.0.1e-34.el7_0.4

RSA Authentication Manager: solution for OpenSSL.
The solution is indicated in information sources.

Slackware: new openssl packages.
New packages are available:
  Slackware 13.0: openssl 0.9.8zb-i486-1_slack13.0
  Slackware 13.1: openssl 0.9.8zb-i486-1_slack13.1
  Slackware 13.37: openssl 0.9.8zb-i486-1_slack13.37
  Slackware 14.0: openssl 1.0.1i-i486-1_slack14.0
  Slackware 14.1: openssl 1.0.1i-i486-1_slack14.1

Solaris 10: patch for OpenSSL.
A patch is available:
  SPARC: 148071-14
  X86: 148072-14

Solaris 11: version 11.2.2.5.0.
The version 11.2.2.5.0 is fixed:
  https://support.oracle.com/rs?type=doc&id=1925904.1

Ubuntu: new OpenSSL packages.
New packages are available:
  Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.5
  Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.17
  Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.20

WS_FTP Server: version 7.7.
The version 7.7 is fixed:
  http://www.ipswitchft.com/ws-ftp-server

Computer vulnerabilities tracking service

Vigil@nce provides system vulnerability bulletins. The Vigil@nce vulnerability database contains several thousand vulnerabilities.