#VU2765 Information disclosure in OpenSSL - CVE-2015-3193


| Updated: 2018-05-11

Vulnerability identifier: #VU2765

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2015-3193

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenSSL
Server applications / Encryption software

Vendor: OpenSSL Software Foundation

Description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists in the Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl on the x86_64 platform, as used by the BN_mod_exp function, due to mishandling of carry propagation and producing incorrect output. A remote attacker can gain potentially sensitive private-key information via an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite.

Mitigation
Update to version 1.0.2e.

Vulnerable software versions

OpenSSL: 1.0.2d - 1.0.2

External links
https://www.openssl.org/news/secadv/20151203.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in IBM b-type SAN switches and directors
Amazon Linux AMI update for openssl
OpenSUSE Linux update for openssl
SUSE Linux update for openssl
Multiple vulnerabilities in N series Products
Arch Linux update for openssl
Arch Linux update for lib32-openssl
Slackware Linux update for bind