Vulnerability of OpenSSL: seven vulnerabilities

Synthesis of the vulnerability 

An attacker can use several vulnerabilities of OpenSSL.
Impacted software: Blue Coat CAS, ProxyAV, ProxySG by Blue Coat, Brocade Network Advisor, Brocade vTM, Cisco ASR, Cisco ATA, Cisco AnyConnect Secure Mobility Client, Cisco ACE, ASA, IOS by Cisco, IOS XE Cisco, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Prime Collaboration Assurance, Prime Collaboration Manager, Prime Infrastructure, Cisco Prime LMS, Cisco PRSM, Cisco CUCM, Cisco Unified CCX, Cisco IP Phone, Cisco MeetingPlace, Cisco Wireless IP Phone, Cisco WSA, Cisco Wireless Controller, XenServer, Debian, PowerPath, Unisphere EMC, ExtremeXOS, BIG-IP Hardware, TMOS, Fedora, FileZilla Server, FreeBSD, HP Switch, AIX, Domino by IBM, Notes by IBM, IRAD, Rational ClearCase, QRadar SIEM, Tivoli Storage Manager, Tivoli Workload Scheduler, WebSphere AS Traditional, WebSphere MQ, Juniper J-Series, Junos OS, Junos Space, Juniper Network Connect, NSM Central Manager, NSMXpress, McAfee Web Gateway, Meinberg NTP Server, Data ONTAP 7-Mode, Snap Creator Framework, NetScreen Firewall, ScreenOS, Nodejs Core, OpenSSL, openSUSE, openSUSE Leap, Solaris, Palo Alto Firewall PA***, PAN-OS, Pulse Connect Secure, Pulse Secure Client, Pulse Secure SBR, Puppet, RHEL, JBoss EAP by Red Hat, ROX, SAS Add-in for Microsoft Office, SAS Analytics Pro, Base SAS Software, SAS BI Server, SAS Enterprise Guide, SAS Management Console, SAS OLAP Server, SAS SAS/ACCESS, SAS SAS/AF, SAS SAS/CONNECT, SAS SAS/EIS, SAS SAS/ETS, SAS SAS/FSP, SAS SAS/GRAPH, SAS SAS/IML, SAS SAS/OR, SAS SAS/STAT, SAS SAS/Web Report Studio, Slackware, Splunk Enterprise, stunnel, SUSE Linux Enterprise Desktop, SLES, Nessus, Ubuntu, VxWorks, WinSCP, X2GoClient.
Severity of this computer vulnerability: 2/4.
Number of vulnerabilities in this bulletin: 7.
Creation date: 01/03/2016.
Revision date: 07/03/2016.
References of this announcement: 000008897, 046178, 046208, 1979498, 1979602, 1987779, 1993210, 2003480, 2003620, 2003673, 2012827, 2013020, 2014202, 2014651, 2014669, 2015080, 2016039, 7043086, 9010066, 9010067, 9010072, BSA-2016-004, bulletinapr2016, bulletinjan2016, CERTFR-2016-AVI-076, CERTFR-2016-AVI-080, cisco-sa-20160302-openssl, CTX208403, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0798, CVE-2016-0799, CVE-2016-0800, CVE-2016-2842, DSA-2020-062, DSA-3500-1, ESA-2016-080, FEDORA-2016-2802690366, FEDORA-2016-e1234b65a2, FEDORA-2016-e6807b3394, FreeBSD-SA-16:12.openssl, HPESBHF03741, ibm10732391, ibm10733905, ibm10738249, ibm10738401, JSA10722, JSA10759, K22334603, K52349521, K93122894, MBGSA-1602, NTAP-20160301-0001, NTAP-20160303-0001, NTAP-20160321-0001, openSUSE-SU-2016:0627-1, openSUSE-SU-2016:0628-1, openSUSE-SU-2016:0637-1, openSUSE-SU-2016:0638-1, openSUSE-SU-2016:0640-1, openSUSE-SU-2016:0720-1, openSUSE-SU-2016:1566-1, openSUSE-SU-2017:1211-1, openSUSE-SU-2017:1212-1, PAN-SA-2016-0020, PAN-SA-2016-0028, PAN-SA-2016-0030, RHSA-2016:0301-01, RHSA-2016:0302-01, RHSA-2016:0303-01, RHSA-2016:0304-01, RHSA-2016:0305-01, RHSA-2016:0306-01, RHSA-2016:0372-01, RHSA-2016:0445-01, RHSA-2016:0446-01, RHSA-2016:0490-01, RHSA-2016:1519-01, RHSA-2016:2073-01, RHSA-2018:2568-01, RHSA-2018:2575-01, SA117, SA40168, SA44073-2019-03, SB10156, SOL22334603, SOL40524634, SOL52349521, SOL79215841, SOL93122894, SSA:2016-062-02, SSA-623229, SUSE-SU-2016:0617-1, SUSE-SU-2016:0620-1, SUSE-SU-2016:0621-1, SUSE-SU-2016:0624-1, SUSE-SU-2016:0631-1, SUSE-SU-2016:0641-1, SUSE-SU-2016:0678-1, SUSE-SU-2018:2839-1, SUSE-SU-2018:3082-1, TNS-2016-03, USN-2914-1, VIGILANCE-VUL-19060, VN-2016-004, VU#583776.

Description of the vulnerability 

Several vulnerabilities were announced in OpenSSL.

An attacker can act as a Man-in-the-Middle on a server supporting SSLv2 and EXPORT ciphers (this configuration has been considered weak for several years), in order to read or write data in the session. [severity:2/4; CVE-2016-0800, VU#583776]

An attacker can force the usage of a freed memory area when OpenSSL processes a DSA private key (this scenario is rare), in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-0705]

An attacker can read a memory fragment via SRP_VBASE_get_by_user, in order to obtain sensitive information. [severity:1/4; CVE-2016-0798]

An attacker can force a NULL pointer to be dereferenced in BN_hex2bn(), in order to trigger a denial of service. [severity:1/4; CVE-2016-0797]

An attacker can use a very large string (size INT_MAX), to generate a memory corruption in the BIO_*printf() functions, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-0799]

An attacker can use cache conflicts on Intel Sandy-Bridge, in order to obtain RSA keys. [severity:1/4; CVE-2016-0702]

An attacker can use a very large string (size INT_MAX), to generate a memory corruption in the internal doapr_outch() function, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-2842]

Our Vigil@nce team determined that the severity of this weakness bulletin is medium.

The trust level is "confirmed by the vendor", with an origin of "internet client".

This bulletin is about 7 vulnerabilities.

An attacker with expert ability can exploit this weakness.

Solutions for this threat 

OpenSSL: version 1.0.2g.
The version 1.0.2g is fixed:
  http://www.openssl.org/source/
  ftp://ftp.openssl.org/source/

OpenSSL: version 1.0.1s.
The version 1.0.1s is fixed:
  http://www.openssl.org/source/
  ftp://ftp.openssl.org/source/
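
A way to triage "openssl version" banners against the two fixed upstream releases listed above (added example, not part of the bulletin; the banners are constructed sample input, and the status labels and the vendor_build flag are names chosen here). Distribution packages such as the Debian and RHEL ones listed in this bulletin keep an older upstream string while carrying the fix, so those are routed to a package-level check instead of being flagged.

```python
import re

# Fixed upstream releases stated in this bulletin, keyed by release branch.
FIXED_UPSTREAM = {"1.0.1": "s", "1.0.2": "g"}

# "OpenSSL <x.y.z><letters>[-tag] <date>", as printed by `openssl version`.
_BANNER_RE = re.compile(r"^OpenSSL\s+(\d+\.\d+\.\d+)([a-z]*)(-\S+)?(?:\s|$)")


def suffix_key(letters):
    """Order OpenSSL letter suffixes: "" < "a" < ... < "z" < "za" < "zb"."""
    return (len(letters), letters)


def classify(banner, vendor_build=False):
    """Return a triage status for one banner.

    vendor_build (assumption of this example): True when the binary comes
    from a distribution package, where fixes are backported without
    changing the upstream version string.
    """
    m = _BANNER_RE.match(banner.strip())
    if not m:
        return "unparsed"              # not an OpenSSL banner (e.g. LibreSSL)
    branch, letters = m.group(1), m.group(2)
    fixed = FIXED_UPSTREAM.get(branch)
    if fixed is None:
        return "branch-not-listed"     # bulletin names no upstream fix here
    if suffix_key(letters) >= suffix_key(fixed):
        return "fixed"
    # Older letter: vulnerable upstream, but a vendor package may be patched.
    return "check-vendor-package" if vendor_build else "vulnerable"


def triage(inventory):
    """inventory: iterable of (host, banner, vendor_build) tuples."""
    return {host: classify(banner, vb) for host, banner, vb in inventory}


# Constructed sample inventory (hosts and banners are illustrative only).
SAMPLE = [
    ("build-01", "OpenSSL 1.0.1f 6 Jan 2014", False),
    ("web-01", "OpenSSL 1.0.2g  1 Mar 2016", False),
    ("rhel-01", "OpenSSL 1.0.1e-fips 11 Feb 2013", True),
    ("legacy-01", "OpenSSL 0.9.8zh 3 Dec 2015", False),
    ("bsd-01", "LibreSSL 2.5.3", False),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

For hosts reported as check-vendor-package, compare the installed package release against the vendor entries in this bulletin (for example RHEL 6: openssl 1.0.1e-42.el6_7.5).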

AIX: patch for Directory Server GSKit.
A patch is indicated in information sources.

AIX: patch for OpenSSL.
A patch is available:
  https://aix.software.ibm.com/aix/efixes/security/openssl_fix18.tar

Blue Coat: solution for OpenSSL.
The solution is indicated in information sources.

Brocade: solution for multiple vulnerabilities (04/04/2016).
The following versions fix several vulnerabilities (but not CVE-2016-0705):
  Brocade Network Advisor: install version 12.4.2 or 14.0.1.
  Brocade vTM: install version 9.9r1 or 10.3r1.
The detailed solution is indicated in information sources.

Cisco: solution for OpenSSL.
The solution is indicated in information sources.

Citrix XenServer: patch for OpenSSL.
A patch is indicated in information sources.

Copssh: version 5.5.1.
The version 5.5.1 is fixed:
  https://www.itefix.net/copssh

Debian: new openssl packages.
New packages are available:
  Debian 7: openssl 1.0.1e-2+deb7u20
  Debian 8: openssl 1.0.1k-3+deb8u4

Dell EMC Unisphere for PowerMax: solution.
The solution is indicated in information sources.

EMC PowerPath: patch for DROWN.
A patch is indicated in information sources.

F5 BIG-IP: solution for OpenSSL.
The solution is indicated in information sources.

Fedora 23: new mingw-openssl packages.
New packages are available:
  Fedora 23: mingw-openssl 1.0.2h-1.fc23

Fedora: new openssl packages.
New packages are available:
  Fedora 22: openssl 1.0.1k-14.fc22
  Fedora 23: openssl 1.0.2g-2.fc23

FileZilla Server: version 0.9.56.
The version 0.9.56 is fixed:
  https://filezilla-project.org/download.php?type=server

FreeBSD: patch for OpenSSL.
A patch is available:
  https://security.FreeBSD.org/patches/SA-16:12/openssl-9.3.patch.xz
  https://security.FreeBSD.org/patches/SA-16:12/openssl-9.3-fix.patch
  https://security.FreeBSD.org/patches/SA-16:12/openssl-10.1.patch.xz
  https://security.FreeBSD.org/patches/SA-16:12/openssl-10.2.patch

HP Switch, Comware: solution for OpenSSL.
The solution is indicated in information sources.

IBM BigFix Platform: fixed versions for OpenSSL.
Fixed versions are indicated in information sources.

IBM Cognos Analytics: solution.
The solution is indicated in information sources.

IBM Cognos Analytics: version 11.0.13.0.
The version 11.0.13.0 is fixed:
  https://www-01.ibm.com/support/docview.wss?uid=ibm10718809

IBM Cognos Business Intelligence: solution.
The solution is indicated in information sources.

IBM Domino, Notes: patch for IBM Java.
A patch is indicated in information sources.

IBM MQ: solution for GSKit Modular Exponentiation.
The solution is indicated in information sources.

IBM MQ: solution for OpenSSL.
The solution is indicated in information sources.

IBM QRadar SIEM: fixed versions for OpenSSL.
Fixed versions are indicated in information sources.

IBM Rational Application Developer for WebSphere Software: patch for OpenSSL.
A patch is indicated in information sources.

IBM Rational Application Developer for WebSphere: solution for Java.
The solution is indicated in information sources.

IBM Rational ClearCase: solution for GSKit.
The solution is indicated in information sources.

IBM Spectrum Protect: solution for GSKit (03/04/2018).
The solution is indicated in information sources.

IBM Spectrum Protect: solution for GSKit (30/03/2018).
The solution is indicated in information sources.

IBM Spectrum Protect: versions 7.1.6.5 and 8.1.0.2.
Versions 7.1.6.5 and 8.1.0.2 are fixed:
  Version 7.1.6.5: http://www-01.ibm.com/support/docview.wss?uid=swg24042496
  Version 8.1.0.2: http://www.ibm.com/support/docview.wss?uid=swg24043351

IBM Tivoli Workload Scheduler: patch for OpenSSL.
A patch is indicated in information sources.

IBM WebSphere MQ: version 8.0.0.5.
The version 8.0.0.5 is fixed.

Juniper: solution for OpenSSL.
The solution is indicated in information sources.

McAfee Web Gateway: versions 7.5.2.7 and 7.6.1.2.
Versions 7.5.2.7 and 7.6.1.2 are fixed:
  http://www.mcafee.com/us/downloads/downloads.aspx

Meinberg: solution for NTP and OpenSSL.
The solution is indicated in information sources.

Nessus: version 6.5.6.
The version 6.5.6 is fixed:
  https://support.tenable.com/support-center/index.php?x=&mod_id=200

NetApp Data ONTAP: patch for OpenSSL (30/03/2016).
A patch is available:
  Data ONTAP operating in 7-Mode: http://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=991514

NetApp Data ONTAP, Snap Creator Framework, SnapManager: patch for OpenSSL (04/03/2016).
A patch is available:
  Data ONTAP operating in 7-Mode: http://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=991284
  Data ONTAP SMI-S Agent: https://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=995624
  Snap Creator Framework: https://mysupport.netapp.com/NOW/download/software/snapcreator_framework/4.3P1/

Node.js: version 0.10.43.
The version 0.10.43 is fixed:
  https://nodejs.org/en/download/

Node.js: version 0.12.11.
The version 0.12.11 is fixed:
  https://nodejs.org/en/download/

Node.js: version 4.3.2.
The version 4.3.2 is fixed:
  https://nodejs.org/en/download/

Node.js: version 5.7.1.
The version 5.7.1 is fixed:
  https://nodejs.org/en/download/

openSUSE 11.4: new openssl packages.
New packages are available:
  openSUSE 11.4: openssl 1.0.1p-71.1

openSUSE 13.1: new openssl packages.
New packages are available:
  openSUSE 13.1: openssl 1.0.1k-11.84.1

openSUSE Leap 42.1: new compat-openssl098 packages.
New packages are available:
  openSUSE Leap 42.1: compat-openssl098 0.9.8j-9.1

openSUSE Leap 42: new libressl packages.
New packages are available:
  openSUSE Leap 42.1: libressl 2.5.3-13.1
  openSUSE Leap 42.2: libressl 2.5.3-5.3.1

openSUSE: new libopenssl0_9_8 packages.
New packages are available:
  openSUSE 13.2: libopenssl0_9_8 0.9.8zh-9.3.1
  openSUSE Leap 42.1: libopenssl0_9_8 0.9.8zh-14.1

openSUSE: new nodejs packages.
New packages are available:
  openSUSE Leap 42.1: nodejs 4.4.5-27.1
  openSUSE 13.2: nodejs 4.4.5-18.1

openSUSE: new openssl packages (02/03/2016).
New packages are available:
  openSUSE 13.2: openssl 1.0.1k-2.33.1
  openSUSE Leap 42.1: openssl 1.0.1i-12.1

PAN-OS: versions 5.0.20, 5.1.13, 6.0.14, 6.1.13, 7.0.9 and 7.1.4.
Versions 5.0.20, 5.1.13, 6.0.14, 6.1.13, 7.0.9 and 7.1.4 are fixed.

PAN-OS: versions 6.0.15 and 6.1.12.
Versions 6.0.15 and 6.1.12 are fixed:
  https://www.paloaltonetworks.com/

Pulse Connect Secure, Pulse Secure Desktop: fixed versions for Multiple Vulnerabilities.
Fixed versions are indicated in information sources.

Pulse Secure Connect Secure: fixed versions for OpenSSL.
This bulletin is a duplicate of VIGILANCE-SOL-45345.

Pulse Secure: solution for OpenSSL.
The solution is indicated in information sources.

Puppet Enterprise: version 2015.3.3.
The version 2015.3.3 is fixed:
  https://puppetlabs.com/

Red Hat JBoss Enterprise Application Platform: patch for OpenSSL.
A patch is available:
  https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.4

Red Hat JBoss Operations Network: version 3.3.6.
The version 3.3.6 is fixed:
  https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=em&downloadType=securityPatches&version=3.3

Red Hat JBoss Web Server: patch for OpenSSL.
A patch is available:
  https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches&product=webserver&version=2.1.0
  https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver&downloadType=securityPatches&version=3.0.2

RHEL 6.10: new java-1.8.0-ibm packages.
New packages are available:
  RHEL 6: java-1.8.0-ibm 1.8.0.5.20-1jpp.1.el6_10

RHEL 6.7: new openssl packages.
New packages are available:
  RHEL 6: openssl 1.0.1e-42.el6_7.5

RHEL 7: new java-1.8.0-ibm packages.
New packages are available:
  RHEL 7: java-1.8.0-ibm 1.8.0.5.20-1jpp.1.el7

RHEL: new openssl098e packages.
New packages are available:
  RHEL 6: openssl098e 0.9.8e-20.el6_7.1
  RHEL 7: openssl098e 0.9.8e-29.el7_2.3

RHEL: new openssl packages.
New packages are available:
  RHEL 4: openssl 0.9.7a-43.23.el4
  RHEL 5: openssl 0.9.8e-39.el5_11
  RHEL 6: openssl 1.0.1e-42.el6_7.4
  RHEL 7: openssl 1.0.1e-51.el7_2.4

RuggedCom ROX: workaround for DROWN.
The vendor suggests these countermeasures:
  https://www.siemens.com/cert/operational-guidelines-industrial-security

SAS: solution for OpenSSL DROWN.
The solution is indicated in information sources.

ScreenOS: workaround for SSLv2.
A workaround is to disable SSLv2.

Siemens ROX 1: workaround for OpenSSL DROWN.
A workaround is indicated in the information source.

Slackware: new openssl packages.
New packages are available:
  Slackware 13.0: openssl 0.9.8zh-*-2_slack13.0
  Slackware 13.1: openssl 0.9.8zh-*-2_slack13.1
  Slackware 13.37: openssl 0.9.8zh-*-2_slack13.37
  Slackware 14.0: openssl 1.0.1s-*-1_slack14.0
  Slackware 14.1: openssl 1.0.1s-*-1_slack14.1

Snare Enterprise Agent: fixed versions for OpenSSL.
The following versions are fixed:
  Snare Enterprise Agent for Windows v4.3.5
  Snare Enterprise Agent for MSSQL v1.4.6
  Snare Enterprise Epilog for Windows v1.8.5
https://snaresupport.intersectalliance.com/

Solaris: patch for Third Party 03/2016.
A patch is available:
  https://support.oracle.com/rs?type=doc&id=1448883.1

Solaris: patch for Third Party software 04/2016.
A patch is available:
  https://support.oracle.com/rs?type=doc&id=1448883.1

Splunk: version 5.0.15.
The version 5.0.15 is fixed:
  http://www.splunk.com/

Splunk: version 6.0.11.
The version 6.0.11 is fixed:
  http://www.splunk.com/

Splunk: version 6.1.10.
The version 6.1.10 is fixed:
  http://www.splunk.com/

Splunk: version 6.2.9.
The version 6.2.9 is fixed:
  http://www.splunk.com/

Splunk: version 6.3.3.4.
The version 6.3.3.4 is fixed:
  http://www.splunk.com/

stunnel: version 5.31.
The version 5.31 is fixed:
  https://www.stunnel.org/downloads.html

SUSE LE 10 SP4: new openssl packages.
New packages are available:
  SUSE LE 10 SP4: openssl 0.9.8a-18.94.2

SUSE LE 11 SP4: new compat-openssl097g packages.
New packages are available:
  SUSE LE 11 SP4: compat-openssl097g 0.9.7g-146.22.41.1

SUSE LE 12: new libopenssl0_9_8 packages.
New packages are available:
  SUSE LE 12 RTM: libopenssl0_9_8 0.9.8j-94.1
  SUSE LE 12 SP1: libopenssl0_9_8 0.9.8j-94.1

SUSE LE 12 SP1-3: new java-1_8_0-ibm packages.
New packages are available:
  SUSE LE 12 SP1: java-1_8_0-ibm 1.8.0_sr5.20-30.36.1
  SUSE LE 12 SP2: java-1_8_0-ibm 1.8.0_sr5.20-30.36.1
  SUSE LE 12 SP3: java-1_8_0-ibm 1.8.0_sr5.20-30.36.1

SUSE LE 15: new java-1_8_0-ibm packages.
New packages are available:
  SUSE LE 15 RTM: java-1_8_0-ibm 1.8.0_sr5.20-3.6.2

SUSE LE: new openssl packages.
New packages are available:
  SUSE LE 11 RTM: openssl1 1.0.1g-0.40.1
  SUSE LE 11 SP2: openssl 0.9.8j-0.89.1
  SUSE LE 11 SP3: openssl 0.9.8j-0.89.1
  SUSE LE 11 SP4: openssl 0.9.8j-0.89.1
  SUSE LE 12 RTM: openssl 1.0.1i-27.13.1
  SUSE LE 12 SP1: openssl 1.0.1i-44.1

Ubuntu: new libssl1.0.0 packages.
New packages are available:
  Ubuntu 15.10: libssl1.0.0 1.0.2d-0ubuntu1.4
  Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.18
  Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.35

WebSphere AS: solution for Edge Caching Proxy.
The solution is indicated in information sources.

Wind River Linux: solution for OpenSSL.
The solution is indicated in information sources.

Wind River VxWorks: solution for OpenSSL.
The solution is indicated in information sources.

WinSCP: version 5.7.7.
The version 5.7.7 is fixed:
  http://winscp.net/

X2Go: version 4.0.5.1-2016.08.18.
The version 4.0.5.1-2016.08.18 is fixed:
  http://wiki.x2go.org/doku.php/download:start