#VU70415 Input validation error in OpenSSL - CVE-2015-0293


Vulnerability identifier: #VU70415

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2015-0293

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenSSL
Server applications / Encryption software

Vendor: OpenSSL Software Foundation

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in the SSLv2 implementation. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

OpenSSL: 0.9.8ze - 0.9.8p, 1.0.0g - 1.0.0p, 1.0.2

External links
https://bugzilla.redhat.com/show_bug.cgi?id=1202404
https://www.openssl.org/news/secadv_20150319.txt
https://git.openssl.org/?p=openssl.git;a=commit;h=86f8fb0e344d62454f8daf3e15236b2b59210756
https://lists.fedoraproject.org/pipermail/package-announce/2015-March/152844.html
https://lists.fedoraproject.org/pipermail/package-announce/2015-March/152733.html
https://lists.fedoraproject.org/pipermail/package-announce/2015-March/152734.html
https://lists.opensuse.org/opensuse-updates/2015-03/msg00062.html
https://www.freebsd.org/security/advisories/FreeBSD-SA-15%3A06.openssl.asc
https://lists.opensuse.org/opensuse-security-announce/2015-03/msg00022.html
https://www.ubuntu.com/usn/USN-2537-1
https://www.securitytracker.com/id/1031929
https://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
https://rhn.redhat.com/errata/RHSA-2015-0716.html
https://www.mandriva.com/security/advisories?name=MDVSA-2015:063
https://www.mandriva.com/security/advisories?name=MDVSA-2015:062
https://rhn.redhat.com/errata/RHSA-2015-0752.html
https://rhn.redhat.com/errata/RHSA-2015-0715.html
https://rhn.redhat.com/errata/RHSA-2015-0800.html
https://access.redhat.com/articles/1384453
https://lists.fedoraproject.org/pipermail/package-announce/2015-May/156823.html
https://lists.fedoraproject.org/pipermail/package-announce/2015-May/157177.html
https://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
https://support.apple.com/kb/HT204942
https://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
https://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
https://bto.bluecoat.com/security-advisory/sa92
https://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
https://marc.info/?l=bugtraq&m=144050297101809&w=2
https://marc.info/?l=bugtraq&m=143213830203296&w=2
https://marc.info/?l=bugtraq&m=143748090628601&w=2
https://marc.info/?l=bugtraq&m=144050155601375&w=2
https://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
https://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
https://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
https://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html
https://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html
https://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html
https://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html
https://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html
https://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html
https://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html
https://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html
https://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html
https://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html
https://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html
https://security.gentoo.org/glsa/201503-11
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10680
https://kc.mcafee.com/corporate/index?page=content&id=SB10110
https://www.securityfocus.com/bid/73232
https://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
https://support.citrix.com/article/CTX216642
https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in IBM FOS Firmware
Multiple vulnerabilities in QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for BladeCenter
Fedora EPEL 7 update for mingw-openssl
Fedora 22 update for mingw-openssl
Fedora 21 update for mingw-openssl
Slackware Linux update for openssl
Multiple vulnerabilities in IBM Integrated Management Module (IMM)
Denial of service in OpenSSL
Fedora 21 update for openssl
Fedora 22 update for openssl