SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Cisco Unified Communications Domain Manager Vendors:   Cisco
(Cisco Issues Fix for Cisco Unified Communications Domain Manager) OpenSSL Bugs Let Remote Users Deny Service and Downgrade Session Security
SecurityTracker Alert ID:  1031916
SecurityTracker URL:  http://securitytracker.com/id/1031916
CVE Reference:   CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206   (Links to External Site)
Date:  Mar 11 2015
Impact:   Denial of service via network, Disclosure of system information, Modification of authentication information
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   Several vulnerabilities were reported in OpenSSL. A remote user can cause denial of service conditions. A remote user can downgrade the session security in certain cases. Cisco Unified Communications Domain Manager is affected.

A remote user can send a specially crafted DTLS message to trigger a null pointer dereference fault in dtls1_get_record() and cause the target service to crash [CVE-2014-3571].

The vendor was notified on October 22, 2014.

Markus Stenberg of Cisco Systems, Inc. reported this vulnerability.

A remote user can send repeated DTLS records with the same sequence number but for the next epoch to trigger a memory leak in dtls1_buffer_record() and consume excessive memory resources on the target system [CVE-2015-0206]. Versions 1.0.0 and 1.0.1 are affected.

The vendor was notified on January 7, 2015.

Chris Mueller reported this vulnerability.

On systems built with the 'no-ssl3' option, a remote user can send a SSLv3 ClientHello message to later trigger a null pointer dereference [CVE-2014-3569].

The vendor was notified on October 17, 2014.

Frank Schmirler reported this vulnerability.

A remote server can initiate a handshake using an ephemeral ECDH ciphersuite using an ECDSA certificate but with the server key exchange message omitted to downgrade from ECDHE to ECDH and remove forward secrecy from the ciphersuite [CVE-2014-3572].

The vendor was notifed on October 22, 2014.

Karthikeyan Bhargavan of the PROSECCO team at INRIA reported this vulnerability.

A remote server can supply a weak RSA temporary key for a non-export RSA key exchange ciphersuite to downgrade the session security [CVE-2015-0204].

The vendor was notified on October 22, 2014.

Karthikeyan Bhargavan of the PROSECCO team at INRIA reported this vulnerability.

A remote client can send a DH certificate for client authentication without the certificate verify message to systems that trust a client certificate authority that issues certificates containing DH keys to authenticate without the use of a private key [CVE-2015-0205]. Versions 1.0.0 and 1.0.1 are affected.

The vendor was notified on October 22, 2014.

Karthikeyan Bhargavan of the PROSECCO team at INRIA reported this vulnerability.

A remote user can modify the certificate fingerprint in certain cases [CVE-2014-8275]. Applications that rely on the uniqueness of certificate fingerprints may be affected.

The vendor was notified on December 1, 2014 and December 12, 2014 by separate parties.

Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS program (via NCSC-FI) reported one variant of this vulnerability. Konrad Kraszewski from Google reported another variant of this vulnerability.

Bignum squaring (BN_sqr) may randomly and rarely produce incorrect results on some platforms (including x86_64). The impact was not specified [CVE-2014-3570].

The vendor was notified on November 2, 2014.

Pieter Wuille (Blockstream) reported this vulnerability.

Impact:   A remote user can cause the target system to crash.

A remote user can consume excessive memory resources on the target system.

A remote server can downgrade the session security in certain cases.

A remote user can bypass authentication in certain rare cases.

Solution:   Cisco has issued a fix for Cisco Unified Communications Domain Manager.

Cisco has assigned bug ID to this vulnerability.

The Cisco advisory is available at:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl

Vendor URL:  openssl.org/news/secadv_20150108.txt (Links to External Site)
Cause:   Access control error, Authentication error, State error

Message History:   This archive entry is a follow-up to the message listed below.
Jan 8 2015 OpenSSL Bugs Let Remote Users Deny Service and Downgrade Session Security



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC