SecurityTracker.com
SecurityTracker Archives

Category:   Device (Multimedia)  >   Cisco TelePresence
Vendors:   Cisco
(Cisco Issues Advisory for Cisco TelePresence) OpenSSL Bugs Let Remote Users Deny Service and Potentially Execute Arbitrary Code
SecurityTracker Alert ID:  1032618
SecurityTracker URL:  http://securitytracker.com/id/1032618
CVE Reference:   CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792   (Links to External Site)
Date:  Jun 18 2015
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Vendor Confirmed:  Yes  

Description:   Multiple vulnerabilities were reported in OpenSSL, and Cisco has confirmed that Cisco TelePresence products ship affected OpenSSL versions. A remote user can cause denial of service conditions on the target system. A remote DTLS peer may be able to execute arbitrary code on the target system.

A remote DTLS peer can send application data to the target between the ChangeCipherSpec and Finished messages of the handshake; buffering that data triggers an invalid free, causing a segmentation fault or memory corruption and potentially allowing arbitrary code execution [CVE-2014-8176]. The data is processed before the handshake completes, so the sending peer has not yet been authenticated at that point. Versions 0.9.8 prior to 0.9.8za, 1.0.0 prior to 1.0.0m, and 1.0.1 prior to 1.0.1h are affected. The fix shipped in those June 2014 releases and the CVE identifier was assigned afterwards, so a device already running one of those releases or later is not exposed to this particular issue.

Praveen Kariyanahalli reported this vulnerability; Ivan Fratric and Felix Groebert of Google subsequently reported it independently.

A remote user can supply specially crafted ECParameters describing a curve over a malformed binary polynomial field, causing the target to enter an infinite loop when it processes the parameters [CVE-2015-1788]. Any application that processes public keys, certificate requests, or certificates from untrusted sources is affected; this includes TLS clients (which process the server's certificate) and TLS servers with client authentication enabled (which process the client's certificate). Versions 1.0.1 and 1.0.2 are affected.

Joseph Birr-Pixton reported this vulnerability on April 6, 2015.

A remote user can create a specially crafted certificate or certificate revocation list (CRL) that, when processed by the target application, triggers an out-of-bounds memory read in X509_cmp_time() and causes a segmentation fault [CVE-2015-1789]. X509_cmp_time() did not check the length of the ASN1_TIME string it was handed and accepted an arbitrary number of fractional-second digits, so certificates and CRLs carrying malformed validity times of various lengths could push the read past the end of the buffer. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks. Versions 0.9.8, 1.0.0, 1.0.1 and 1.0.2 are affected.

Robert Swiecki of Google reported this vulnerability on April 8, 2015, and Hanno Böck independently reported it on April 11, 2015.
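The X509_cmp_time() issue above is a length check that was missing on a string whose format RFC 5280 fixes exactly (UTCTime is YYMMDDHHMMSSZ, GeneralizedTime is YYYYMMDDHHMMSSZ, no fractional seconds, no offsets). The following is an added example, not OpenSSL's or Cisco's code: a strict Python decoder for a single DER-encoded time value that compares the declared length against the bytes actually present before touching any content, then enforces the RFC 5280 forms and calendar validity. The sample values are constructed for the example and come from no real certificate or CRL.

```python
import re
from datetime import datetime, timezone

UTCTIME = 0x17
GENERALIZEDTIME = 0x18

# RFC 5280 section 4.1.2.5 fixes the encodings used in certificates and CRLs:
# UTCTime is exactly YYMMDDHHMMSSZ and GeneralizedTime is exactly YYYYMMDDHHMMSSZ.
# Fractional seconds and +hhmm offsets are not permitted, so anything longer
# than these fixed forms is rejected before it is interpreted.
_UTC_RE = re.compile(rb"^(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})Z$")
_GEN_RE = re.compile(rb"^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})Z$")


def parse_der_time(blob):
    """Decode one DER-encoded ASN.1 time value: tag, short-form length, content.

    Returns an aware datetime, or raises ValueError for anything that is not a
    well-formed RFC 5280 time.  The declared length is compared with the bytes
    actually present before any content byte is read; that is the check whose
    absence let X509_cmp_time read past the end of its buffer.
    """
    if len(blob) < 2:
        raise ValueError("truncated TLV header")
    tag, length = blob[0], blob[1]
    if length & 0x80:
        raise ValueError("long-form length is never valid for a time value")
    if len(blob) != 2 + length:
        raise ValueError("declared length %d, but %d content bytes present"
                         % (length, len(blob) - 2))
    content = blob[2:]
    if tag == UTCTIME:
        m = _UTC_RE.match(content)
        if m is None:
            raise ValueError("UTCTime is not YYMMDDHHMMSSZ")
        yy = int(m.group(1))
        year = 1900 + yy if yy >= 50 else 2000 + yy  # RFC 5280 two-digit year pivot
    elif tag == GENERALIZEDTIME:
        m = _GEN_RE.match(content)
        if m is None:
            raise ValueError("GeneralizedTime is not YYYYMMDDHHMMSSZ")
        year = int(m.group(1))
    else:
        raise ValueError("tag 0x%02x is not an ASN.1 time type" % tag)
    month, day, hour, minute, second = (int(g) for g in m.groups()[1:])
    # datetime() rejects calendar nonsense (month 13, 31 February, hour 24).
    return datetime(year, month, day, hour, minute, second, tzinfo=timezone.utc)


def is_valid_der_time(blob):
    """True if parse_der_time accepts the value, False otherwise."""
    try:
        parse_der_time(blob)
        return True
    except ValueError:
        return False


def der_time(tag, text):
    """Encode a time string as a short-form DER TLV (used to build the samples below)."""
    if len(text) > 127:
        raise ValueError("short-form length only")
    return bytes([tag, len(text)]) + text


# Constructed samples (not taken from any real certificate or CRL).
SAMPLES = {
    "utc_ok": der_time(UTCTIME, b"150618120000Z"),
    "gen_ok": der_time(GENERALIZEDTIME, b"20500101000000Z"),
    # Declared length 13 but only 4 content bytes follow: reading 13 would overrun.
    "truncated": b"\x17\x0d1506",
    # Fractional seconds of arbitrary length, which RFC 5280 forbids.
    "fraction": der_time(GENERALIZEDTIME, b"20150618120000.000000000Z"),
    # Well-formed syntax, impossible date.
    "feb31": der_time(UTCTIME, b"150231120000Z"),
}


def audit_samples(samples=SAMPLES):
    """Return {label: verdict} for each sample: 'ok: <time>' or 'rejected: <reason>'."""
    verdicts = {}
    for label, blob in samples.items():
        try:
            verdicts[label] = "ok: " + parse_der_time(blob).isoformat()
        except ValueError as e:
            verdicts[label] = "rejected: " + str(e)
    return verdicts


if __name__ == "__main__":
    for label, verdict in audit_samples().items():
        print("%-10s %s" % (label, verdict))
```

Running the block prints one verdict per sample; the truncated value is rejected at the length check, before any content byte is looked at, which is the ordering that matters for the bug class.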

A remote user can create specially crafted ASN.1-encoded PKCS#7 data with a missing EnvelopedContent component (the parser does not handle a missing inner EncryptedContent), triggering a NULL pointer dereference that crashes the parsing process [CVE-2015-1790]. Applications that decrypt or otherwise parse PKCS#7 data from untrusted sources are affected. OpenSSL TLS clients and servers are not affected, since TLS does not process PKCS#7 structures. Versions 0.9.8, 1.0.0, 1.0.1 and 1.0.2 are affected.

Michal Zalewski of Google reported this vulnerability on April 18, 2015.

A remote user can create a specially crafted signedData message that specifies an unknown hash function OID, causing the CMS code to enter an infinite loop when it verifies the message [CVE-2015-1792]. Applications that verify signedData messages using the CMS code are affected. Versions 0.9.8, 1.0.0, 1.0.1 and 1.0.2 are affected.

Johannes Bauer reported this vulnerability on March 31, 2015.
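The descriptions above give the affected range per OpenSSL branch, and the practical question on a TelePresence estate is which of the five issues apply to the OpenSSL build a given device reports. The following is an added example, not Cisco's or OpenSSL's code: a Python helper that parses OpenSSL 0.9.x/1.0.x version strings (including the letter-suffix ordering in which 0.9.8za sorts after 0.9.8z) and reports the CVEs from this entry whose range contains a version. The CVE-2014-8176 thresholds are the ones stated above; the fixed releases for the other four (0.9.8zg, 1.0.0s, 1.0.1n, 1.0.2b) are taken from the 11 Jun 2015 OpenSSL advisory this entry follows up, since the entry itself names only affected branches. The banner strings are constructed for the example.

```python
import re

# OpenSSL 0.9.x and 1.0.x version strings look like "1.0.1h", "0.9.8za" or "1.0.2"
# (no patch letter on the first release of a branch).  Patch letters sort
# a < b < ... < z < za < zb, and an absent letter sorts before "a"; a plain
# string comparison gets "0.9.8za" < "0.9.8z" wrong, hence the explicit key.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)([a-z]*)$")


def parse_version(text):
    """Return a sortable key (major, minor, fix, letter-count, letters)."""
    m = _VERSION_RE.match(text.strip())
    if m is None:
        raise ValueError("not an OpenSSL 0.9.x/1.0.x version string: %r" % text)
    major, minor, fix = (int(m.group(i)) for i in (1, 2, 3))
    letters = m.group(4)
    return (major, minor, fix, len(letters), letters)


def version_from_banner(banner):
    """Pull the version out of `openssl version` output such as
    'OpenSSL 1.0.1h 5 Jun 2014' or 'OpenSSL 1.0.1e-fips 11 Feb 2013'."""
    m = re.search(r"\b(\d+\.\d+\.\d+[a-z]*)\b", banner)
    if m is None:
        raise ValueError("no OpenSSL version found in %r" % banner)
    return m.group(1)


# For each CVE, the first fixed release on every affected branch.  The
# CVE-2014-8176 thresholds (0.9.8za, 1.0.0m, 1.0.1h) are those stated in the
# advisory above.  The other four were fixed in the 11 Jun 2015 releases
# 0.9.8zg, 1.0.0s, 1.0.1n and 1.0.2b per the upstream OpenSSL advisory this
# entry follows up (an assumption of this example; the entry names only the
# affected branches).  CVE-2015-1788 lists only the two branches the entry
# gives as affected.
FIRST_FIXED = {
    "CVE-2014-8176": {"0.9.8": "0.9.8za", "1.0.0": "1.0.0m", "1.0.1": "1.0.1h"},
    "CVE-2015-1788": {"1.0.1": "1.0.1n", "1.0.2": "1.0.2b"},
    "CVE-2015-1789": {"0.9.8": "0.9.8zg", "1.0.0": "1.0.0s", "1.0.1": "1.0.1n", "1.0.2": "1.0.2b"},
    "CVE-2015-1790": {"0.9.8": "0.9.8zg", "1.0.0": "1.0.0s", "1.0.1": "1.0.1n", "1.0.2": "1.0.2b"},
    "CVE-2015-1792": {"0.9.8": "0.9.8zg", "1.0.0": "1.0.0s", "1.0.1": "1.0.1n", "1.0.2": "1.0.2b"},
}


def affected_cves(version_text):
    """CVE IDs from the table whose affected range contains this version.

    A branch absent from a CVE's row is treated as unaffected, because the
    entry above states no range for it.
    """
    v = parse_version(version_text)
    branch = "%d.%d.%d" % v[:3]
    hits = []
    for cve, fixed_by_branch in FIRST_FIXED.items():
        fixed = fixed_by_branch.get(branch)
        if fixed is not None and v < parse_version(fixed):
            hits.append(cve)
    return sorted(hits)


if __name__ == "__main__":
    # Constructed banners in the shape `openssl version` prints them.
    for banner in ("OpenSSL 1.0.1g 7 Apr 2014",
                   "OpenSSL 0.9.8za 5 Jun 2014",
                   "OpenSSL 1.0.2b 11 Jun 2015"):
        ver = version_from_banner(banner)
        print("%-8s %s" % (ver, ", ".join(affected_cves(ver)) or "none of the five"))
```

The version reported by a device is only a starting point: vendors backport fixes without changing the upstream version string, so a hit from this helper means "check the vendor's fixed-release table", not "confirmed vulnerable".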

Impact:   A remote user can cause the target application to crash or enter an infinite loop.

A remote DTLS peer may be able to execute arbitrary code on the target system [CVE-2014-8176].

The PKCS#7 issue [CVE-2015-1790] crashes the process that parses the data; OpenSSL TLS clients and servers are not affected by it.

Solution:   Cisco has issued an advisory for Cisco TelePresence.

The affected products, the Cisco bug ID assigned to each, and the release in which the vendor plans to deliver the fix:

Product                                                   Cisco bug ID   Planned fix
Cisco TelePresence Advanced Media Gateway Series          CSCuu82419     no fix planned
Cisco TelePresence EX Series                              CSCuu82450     7.3.3
Cisco TelePresence ISDN GW 3241                           CSCuu82429     2.2MR5
Cisco TelePresence ISDN GW MSE 8321                       CSCuu82429     2.2MR5
Cisco TelePresence MCU (8510, 8420, 4200, 4500 and 5300)  CSCuu82435     4.5MR2
Cisco TelePresence MX Series                              CSCuu82450     7.3.3
Cisco TelePresence Profile Series                         CSCuu82450     7.3.3
Cisco TelePresence SX Series                              CSCuu82450     7.3.3
Cisco TelePresence Serial Gateway Series                  CSCuu82447     1.0MR5
Cisco TelePresence Server 8710, 7010                      CSCuu82452     4.2
Cisco TelePresence Server on Multiparty Media 310, 320    CSCuu82452     4.2
Cisco TelePresence Server on Virtual Machine              CSCuu82452     4.2
Cisco TelePresence Supervisor MSE 8050                    CSCuu82437     2.3
Cisco TelePresence Integrator C Series                    CSCuu82450     7.3.3

The EX, MX, Profile, SX and Integrator C Series share bug ID CSCuu82450 and the 7.3.3 fix. No fix is planned for the Advanced Media Gateway Series, so for that product the only mitigation is to restrict which hosts can reach its network services. As of the advisory date the fixed releases were planned rather than shipped; check the Cisco advisory for current availability before relying on a release number.

The Cisco advisory is available at:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl (Links to External Site)
Cause:   Access control error, Boundary error, Not specified, State error

Message History:   This archive entry is a follow-up to the message listed below.
Jun 11 2015 OpenSSL Bugs Let Remote Users Deny Service and Potentially Execute Arbitrary Code

Copyright 2019, SecurityGlobal.net LLC