Two vulnerabilities were reported in OpenSSL. A remote user can recover keys in certain cases. A remote user can negotiate disabled ciphers.
The system may use primes for generating Diffie-Hellman (DH) parameters that are not safe primes when using X9.42 style parameter files [CVE-2016-0701]. A remote user that completes multiple handshakes with the target peer, where the peer uses the same private DH exponent each time, may be able to determine the target peer's private DH exponent and then conduct man-in-the-middle attacks against the ostensibly secure connection.
Systems that reuse the private DH exponent or use a static DH ciphersuite are affected.
Systems that have the SSL_OP_SINGLE_DH_USE option disabled for ephemeral DH (DHE) in TLS reuse the same private DH exponent for the life of the server process and are affected.
Version 1.0.2 is affected.
The vendor was notified on January 12, 2016.
Antonio Sanso (Adobe) reported this vulnerability.
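The two conditions the advisory above describes are that the DH prime p is not a safe prime and that the peer's public value is accepted without checking which subgroup it lies in. The following added example (not code from OpenSSL or from the advisory) shows the checks a peer can apply before using a received DH public value: test whether p is a safe prime (p = 2q + 1 with q prime), and, when the X9.42 subgroup order q is known, verify that the received value actually lies in the order-q subgroup (y^q mod p == 1). The parameter sets and public values are constructed toy numbers chosen so the arithmetic is easy to follow; real parameters are 2048 bits or larger. The helper names (is_probable_prime, is_safe_prime, public_key_in_subgroup, check_dh_peer_value) are this example's own.

```python
from typing import List

# Deterministic Miller-Rabin witness set; sufficient for n < 3.3e24 and used as
# the fixed witness set here. (Assumption of this example: for production-size
# primes a library primality test should be used instead.)
_WITNESSES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37]


def is_probable_prime(n: int) -> bool:
    """Miller-Rabin primality test with a fixed witness set."""
    if n < 2:
        return False
    for w in _WITNESSES:
        if n == w:
            return True
        if n % w == 0:
            return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in _WITNESSES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def is_safe_prime(p: int) -> bool:
    """p is a safe prime when both p and (p - 1) / 2 are prime."""
    return p % 2 == 1 and is_probable_prime(p) and is_probable_prime((p - 1) // 2)


def public_key_in_subgroup(p: int, q: int, y: int) -> bool:
    """Check that the received public value y has order dividing q (y^q == 1 mod p),
    i.e. it lies in the intended subgroup and not in a small subgroup of Z_p^*."""
    if not (1 < y < p - 1):
        return False
    return pow(y, q, p) == 1


def check_dh_peer_value(p: int, q: int, g: int, y: int) -> List[str]:
    """Return a list of problems found; an empty list means the value is acceptable."""
    problems = []
    if not is_probable_prime(p):
        problems.append("p is not prime")
    if (p - 1) % q != 0:
        problems.append("q does not divide p - 1")
    if pow(g, q, p) != 1:
        problems.append("generator g is not in the order-q subgroup")
    if not is_safe_prime(p):
        # Not fatal by itself: X9.42 parameters are allowed to use a non-safe prime,
        # but then the subgroup check below is what protects a reused exponent.
        problems.append("p is not a safe prime; subgroup check is mandatory")
    if not public_key_in_subgroup(p, q, y):
        problems.append("peer public value is outside the order-q subgroup")
    return problems


# Constructed toy parameters (example values, not real DH groups):
# p = 23 is a safe prime (23 = 2 * 11 + 1), q = 11, g = 2 has order 11 mod 23.
SAFE_P, SAFE_Q, SAFE_G = 23, 11, 2
# p = 31 is prime but NOT a safe prime (30 = 2 * 3 * 5); g = 2 has order 5 mod 31,
# so q = 5. The element 5 has order 3 mod 31 and lies in a small subgroup.
X942_P, X942_Q, X942_G = 31, 5, 2
SMALL_ORDER_VALUE = 5      # 5^3 == 1 mod 31, order 3
VALID_VALUE = 8            # 2^3 mod 31, order 5, inside the intended subgroup

if __name__ == "__main__":
    print("safe prime p=23:", is_safe_prime(SAFE_P))
    print("X9.42 p=31:", check_dh_peer_value(X942_P, X942_Q, X942_G, SMALL_ORDER_VALUE))
    print("X9.42 p=31, valid y:", check_dh_peer_value(X942_P, X942_Q, X942_G, VALID_VALUE))
```

With a safe prime the only proper subgroups of Z_p^* have order 2 and q, so the 1 < y < p-1 range check alone rules out small-subgroup values; with a non-safe prime like the toy p = 31, the explicit y^q check is what rejects the order-3 value that would otherwise leak information about a reused private exponent.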
When the SSLv2 protocol is not disabled via SSL_OP_NO_SSLv2 on the target server, a remote user can negotiate SSLv2 ciphers that have been disabled on the target server [CVE-2015-3197]. Versions 1.0.1 and 1.0.2 are affected.
The vendor was notified on December 26, 2015.
Nimrod Aviram and Sebastian Schinzel reported this vulnerability.
A remote user can recover keys in certain cases.
A remote user can negotiate disabled ciphers.
The vendor has issued a fix (1.0.1r, 1.0.2f).