The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of OpenSSL: using disabled SSLv2 ciphers

Synthesis of the vulnerability 

An attacker can connect to a SSLv2 server with disabled ciphers in OpenSSL, in order to create a TLS session which is not secure.
Impacted products: Blue Coat CAS, ProxyAV, ProxySG par Blue Coat, SGOS by Blue Coat, Brocade Network Advisor, Brocade vTM, ASA, AsyncOS, Cisco ESA, Cisco IPS, Nexus by Cisco, NX-OS, Cisco CUCM, Cisco Manager Attendant Console, Cisco IP Phone, Unisphere EMC, Black Diamond, ExtremeXOS, Summit, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP Switch, AIX, Tivoli Storage Manager, Juniper J-Series, Junos OS, Junos Space, NSM Central Manager, NSMXpress, McAfee Email Gateway, Data ONTAP 7-Mode, NetScreen Firewall, ScreenOS, Nodejs Core, OpenSSL, openSUSE, openSUSE Leap, Oracle Communications, Solaris, Puppet, RHEL, JBoss EAP by Red Hat, Slackware, stunnel, SUSE Linux Enterprise Desktop, SLES, VxWorks, X2GoClient.
Severity of this bulletin: 1/4.
Creation date: 28/01/2016.
Références of this threat: 2003480, 2003620, 2003673, 9010060, BSA-2016-004, bulletinjan2016, c05390893, CERTFR-2016-AVI-041, cisco-sa-20160129-openssl, cpuoct2016, cpuoct2017, CVE-2015-3197, DSA-2020-062, FEDORA-2016-527018d2ff, FEDORA-2016-e1234b65a2, FreeBSD-SA-16:11.openssl, HPESBHF03703, JSA10759, NTAP-20160201-0001, openSUSE-SU-2016:0362-1, openSUSE-SU-2016:0442-1, openSUSE-SU-2016:0627-1, openSUSE-SU-2016:0628-1, openSUSE-SU-2016:0637-1, openSUSE-SU-2016:0638-1, openSUSE-SU-2016:0640-1, openSUSE-SU-2016:0720-1, RHSA-2016:0372-01, RHSA-2016:0445-01, RHSA-2016:0446-01, RHSA-2016:0490-01, SA111, SB10203, SOL33209124, SOL64009378, SSA:2016-034-03, SUSE-SU-2016:0617-1, SUSE-SU-2016:0620-1, SUSE-SU-2016:0621-1, SUSE-SU-2016:0624-1, SUSE-SU-2016:0631-1, SUSE-SU-2016:0641-1, SUSE-SU-2016:0678-1, VIGILANCE-VUL-18837, VN-2016-002.

Description of the vulnerability 

The OpenSSL library disables by default SSLv2, excepted if the SSL_OP_NO_SSLv2 option is used.

SSLv2 cipher algorithms can be disabled on the server. However, a malicious client can still use these algorithms.

An attacker can therefore connect to a SSLv2 server with disabled ciphers in OpenSSL, in order to create a TLS session which is not secure.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This computer threat announce impacts software or systems such as Blue Coat CAS, ProxyAV, ProxySG par Blue Coat, SGOS by Blue Coat, Brocade Network Advisor, Brocade vTM, ASA, AsyncOS, Cisco ESA, Cisco IPS, Nexus by Cisco, NX-OS, Cisco CUCM, Cisco Manager Attendant Console, Cisco IP Phone, Unisphere EMC, Black Diamond, ExtremeXOS, Summit, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP Switch, AIX, Tivoli Storage Manager, Juniper J-Series, Junos OS, Junos Space, NSM Central Manager, NSMXpress, McAfee Email Gateway, Data ONTAP 7-Mode, NetScreen Firewall, ScreenOS, Nodejs Core, OpenSSL, openSUSE, openSUSE Leap, Oracle Communications, Solaris, Puppet, RHEL, JBoss EAP by Red Hat, Slackware, stunnel, SUSE Linux Enterprise Desktop, SLES, VxWorks, X2GoClient.

Our Vigil@nce team determined that the severity of this computer vulnerability is low.

The trust level is of type confirmed by the editor, with an origin of internet client.

An attacker with a expert ability can exploit this cybersecurity alert.

Solutions for this threat 

OpenSSL: version 1.0.2f.
The version 1.0.2f is fixed:
  http://www.openssl.org/source/
  ftp://ftp.openssl.org/source/

OpenSSL: version 1.0.1r.
The version 1.0.1r is fixed:
  http://www.openssl.org/source/
  ftp://ftp.openssl.org/source/

AIX: patch for OpenSSL (03/03/2016).
A patch is available:
  ftp://aix.software.ibm.com/aix/efixes/security/openssl_fix17.tar

Blue Coat: solution for OpenSSL.
The solution is indicated in information sources.

Brocade: solution for multiple vulnerabilities (04/04/2016).
The following versions fix several vulnerabilities (but not CVE-2016-0705):
  Brocade Network Advisor : install version 12.4.2 or 14.0.1.
  Brocade vTM : install version 9.9r1 or 10.3r1.
The detailled solution is indicated in information sources.

Cisco: solution for OpenSSL.
The solution is indicated in information sources. (Each product has a defect record.)

Dell EMC Unisphere for PowerMax: solution.
The solution is indicated in information sources.

Extreme Networks: solution for OpenSSL.
The solution is indicated in information sources.

F5 BIG-IP: solution for OpenSSL.
The solution is indicated in information sources.

Fedora 23: new mingw-openssl packages.
New packages are available:
  Fedora 23: mingw-openssl 1.0.2h-1.fc23

Fedora: new openssl packages.
New packages are available:
  Fedora 23: openssl 1.0.2f-1.fc23

FreeBSD: patch for OpenSSL.
A patch is available:
  https://security.FreeBSD.org/patches/SA-16:11/openssl-10.2.patch
  https://security.FreeBSD.org/patches/SA-16:11/openssl-10.1.patch
  https://security.FreeBSD.org/patches/SA-16:11/openssl-9.3.patch

HPE Comware Switch: fixed versions for OpenSSL.
Fixed versions are indicated in information sources.

IBM Spectrum Protect: versions 7.1.6.5 and 8.1.0.2.
Versions 7.1.6.5 and 8.1.0.2 are fixed:
  Version 7.1.6.5 : http://www-01.ibm.com/support/docview.wss?uid=swg24042496
  Version 8.1.0.2: http://www.ibm.com/support/docview.wss?uid=swg24043351

ITeFix Copssh: version 5.4.3.
The version 5.4.3 is fixed:
  https://www.itefix.net/copssh

Juniper: solution for OpenSSL.
The solution is indicated in information sources.

McAfee Email Gateway: version 7.6.404-3328.101.
The version 7.6.404-3328.101 is fixed:
  https://kc.mcafee.com/corporate/index?page=content&id=KB56057

NetApp Data ONTAP: solution for OpenSSL 01/2016.
The solution is indicated in information sources.

Node.js: versions 0.10.42, 0.12.10, 4.3.0, 5.6.0.
The versions 0.10.42, 0.12.10, 4.3.0, 5.6.0 are fixed:
  https://nodejs.org/en/download/

openSUSE 11.4: new openssl packages.
New packages are available:
  openSUSE 11.4: openssl 1.0.1p-71.1

openSUSE 13.1: new openssl packages.
New packages are available:
  openSUSE 13.1: openssl 1.0.1k-11.84.1

openSUSE Leap 42.1: new compat-openssl098 packages.
New packages are available:
  openSUSE Leap 42.1: compat-openssl098 0.9.8j-9.1

openSUSE: new libopenssl0_9_8 packages.
New packages are available:
  openSUSE 13.2: libopenssl0_9_8 0.9.8zh-9.3.1
  openSUSE Leap 42.1: libopenssl0_9_8 0.9.8zh-14.1

openSUSE: new openssl packages (02/03/2016).
New packages are available:
  openSUSE 13.2: openssl 1.0.1k-2.33.1
  openSUSE Leap 42.1: openssl 1.0.1i-12.1

openSUSE: new openssl packages (08/02/2016).
New packages are available:
  openSUSE 13.2: openssl 1.0.1k-2.30.1
  openSUSE 13.1: openssl 1.0.1k-11.78.1

Oracle Communications: CPU of October 2016.
A Critical Patch Update is available:
  https://support.oracle.com/rs?type=doc&id=2188694.1

Oracle Communications: CPU of October 2017.
A Critical Patch Update is available.

Puppet Labs Puppet: version 3.8.6.
The version 3.8.6 is fixed.

Red Hat JBoss Enterprise Application Platform: patch for OpenSSL.
A patch is available:
  https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.4

Red Hat JBoss Web Server: patch for OpenSSL.
A patch is available:
  https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches&product=webserver&version=2.1.0
  https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver&downloadType=securityPatches&version=3.0.2

RHEL: new openssl098e packages.
New packages are available:
  RHEL 6: openssl098e 0.9.8e-20.el6_7.1
  RHEL 7: openssl098e 0.9.8e-29.el7_2.3

Slackware: new openssl packages.
New packages are available:
  Slackware 14.0: openssl 1.0.1r-*-1_slack14.0
  Slackware 14.1: openssl 1.0.1r-*-1_slack14.1

Snare Enterprise Agent: fixed versions.
Fixed versions are indicated in information sources.

Solaris: patch for Third Party 03/2016.
A patch is available:
  https://support.oracle.com/rs?type=doc&id=1448883.1

stunnel: version 5.30.
The version 5.30 is fixed:
  https://www.stunnel.org/downloads.html

SUSE LE 10 SP4: new openssl packages.
New packages are available:
  SUSE LE 10 SP4: openssl 0.9.8a-18.94.2

SUSE LE 11 SP4: new compat-openssl097g packages.
New packages are available:
  SUSE LE 11 SP4: compat-openssl097g 0.9.7g-146.22.41.1

SUSE LE 12: new libopenssl0_9_8 packages.
New packages are available:
  SUSE LE 12 RTM: libopenssl0_9_8 0.9.8j-94.1
  SUSE LE 12 SP1: libopenssl0_9_8 0.9.8j-94.1

SUSE LE: new openssl packages.
New packages are available:
  SUSE LE 11 RTM: openssl1 1.0.1g-0.40.1
  SUSE LE 11 SP2: openssl 0.9.8j-0.89.1
  SUSE LE 11 SP3: openssl 0.9.8j-0.89.1
  SUSE LE 11 SP4: openssl 0.9.8j-0.89.1
  SUSE LE 12 RTM: openssl 1.0.1i-27.13.1
  SUSE LE 12 SP1: openssl 1.0.1i-44.1

Wind River VxWorks: solution for OpenSSL.
The solution is indicated in information sources.

X2Go: version 4.0.5.1-2016.08.18.
The version 4.0.5.1-2016.08.18 is fixed:
  http://wiki.x2go.org/doku.php/download:start
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides computer security bulletins. The technology watch team tracks security threats targeting the computer system.