Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2011:137 | First vendor Publication | 2011-09-28 |
Vendor | Mandriva | Last vendor Modification | 2011-09-28 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple vulnerabilities has been discovered and corrected in openssl: The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation (CVE-2011-1945). crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past (CVE-2011-3207). The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8s and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages, which allows remote attackers to cause a denial of service (application crash) via out-of-order messages that violate the TLS protocol (CVE-2011-3210). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2011:137 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-399 | Resource Management Errors |
33 % | CWE-310 | Cryptographic Issues |
33 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:14723 | |||
Oval ID: | oval:org.mitre.oval:def:14723 | ||
Title: | DSA-2309-1 openssl -- compromised certificate authority | ||
Description: | Several fraudulent SSL certificates have been found in the wild issued by the DigiNotar Certificate Authority, obtained through a security compromise of said company. After further updates on this incident, it has been determined that all of DigiNotar's signing certificates can no longer be trusted. Debian, like other software distributors and vendors, has decided to distrust all of DigiNotar's CAs. In this update, this is done in the crypto library by marking such certificates as revoked. Any application that uses said component should now reject certificates signed by DigiNotar. Individual applications may allow users to overrride the validation failure. However, making exceptions is highly discouraged and should be carefully verified. Additionally, a vulnerability has been found in the ECDHE_ECDS cipher where timing attacks make it easier to determine private keys. The Common Vulnerabilities and Exposures project identifies it as CVE-2011-1945. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2309-1 CVE-2011-1945 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21649 | |||
Oval ID: | oval:org.mitre.oval:def:21649 | ||
Title: | RHSA-2011:1409: openssl security update (Moderate) | ||
Description: | crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1409-01 CVE-2011-3207 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | openssl |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23375 | |||
Oval ID: | oval:org.mitre.oval:def:23375 | ||
Title: | ELSA-2011:1409: openssl security update (Moderate) | ||
Description: | crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1409-01 CVE-2011-3207 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | openssl |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24733 | |||
Oval ID: | oval:org.mitre.oval:def:24733 | ||
Title: | Vulnerability in OpenSSL 1.0.0d and earlier, makes easier for context-dependent attackers to determine private keys | ||
Description: | The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1945 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24954 | |||
Oval ID: | oval:org.mitre.oval:def:24954 | ||
Title: | Vulnerability in OpenSSL 1.0.x before 1.0.0e, does not initialize certain structure members | ||
Description: | crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3207 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25015 | |||
Oval ID: | oval:org.mitre.oval:def:25015 | ||
Title: | Vulnerability in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e, allows remote attackers to cause a denial of service (daemon crash) | ||
Description: | The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote attackers to cause a denial of service (daemon crash) via out-of-order messages that violate the TLS protocol. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3210 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28075 | |||
Oval ID: | oval:org.mitre.oval:def:28075 | ||
Title: | DEPRECATED: ELSA-2011-1409 -- openssl security update (moderate) | ||
Description: | [1.0.0-10.5] - initialize the X509_STORE_CTX properly for CRL lookups - CVE-2011-3207 (#736087) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1409 CVE-2011-3207 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | openssl |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-07-09 | Name : RedHat Update for openssl RHSA-2011:1409-01 File : nvt/gb_RHSA-2011_1409-01_openssl.nasl |
2012-06-04 | Name : Fedora Update for openssl FEDORA-2012-8024 File : nvt/gb_fedora_2012_8024_openssl_fc15.nasl |
2012-05-11 | Name : Fedora Update for openssl FEDORA-2012-6395 File : nvt/gb_fedora_2012_6395_openssl_fc15.nasl |
2012-04-13 | Name : Fedora Update for openssl FEDORA-2012-4659 File : nvt/gb_fedora_2012_4659_openssl_fc15.nasl |
2012-03-19 | Name : Fedora Update for openssl FEDORA-2011-12233 File : nvt/gb_fedora_2011_12233_openssl_fc16.nasl |
2012-02-13 | Name : Ubuntu Update for openssl USN-1357-1 File : nvt/gb_ubuntu_USN_1357_1.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-01 (openssl) File : nvt/glsa_201110_01.nasl |
2012-01-25 | Name : Fedora Update for openssl FEDORA-2012-0702 File : nvt/gb_fedora_2012_0702_openssl_fc15.nasl |
2012-01-16 | Name : Fedora Update for openssl FEDORA-2012-0250 File : nvt/gb_fedora_2012_0250_openssl_fc15.nasl |
2011-09-30 | Name : Mandriva Update for openssl MDVSA-2011:136 (openssl) File : nvt/gb_mandriva_MDVSA_2011_136.nasl |
2011-09-30 | Name : Mandriva Update for openssl MDVSA-2011:137 (openssl) File : nvt/gb_mandriva_MDVSA_2011_137.nasl |
2011-09-21 | Name : Debian Security Advisory DSA 2309-1 (openssl) File : nvt/deb_2309_1.nasl |
2011-09-21 | Name : FreeBSD Ports: openssl File : nvt/freebsd_openssl4.nasl |
2011-09-12 | Name : Fedora Update for openssl FEDORA-2011-12281 File : nvt/gb_fedora_2011_12281_openssl_fc14.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
75230 | OpenSSL Ephemeral ECDH Ciphersuites Handshake Message Parsing Remote DoS |
75229 | OpenSSL Certificate Revocation Lists (CRL) nextUpdate Field Remote DoS |
74632 | OpenSSL ECDHE_ECDSA Cipher Suite ECDSA Timing Attack Weakness |
Snort® IPS/IDS
Date | Description |
---|---|
2019-12-03 | OpenSSL ECDH malformed Client Hello denial of service attempt RuleID : 52042 - Revision : 1 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-4.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libopenssl-devel-110920.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libopenssl-devel-110607.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libopenssl-devel-110920.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libopenssl-devel-110606.nasl - Type : ACT_GATHER_INFO |
2013-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201312-03.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-04.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1409.nasl - Type : ACT_GATHER_INFO |
2013-06-05 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_8_4.nasl - Type : ACT_GATHER_INFO |
2013-06-05 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2013-002.nasl - Type : ACT_GATHER_INFO |
2012-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18035.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111026_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-04-20 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_0_0_24.nasl - Type : ACT_GATHER_INFO |
2012-02-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1357-1.nasl - Type : ACT_GATHER_INFO |
2012-01-09 | Name : The remote web server has multiple SSL-related vulnerabilities. File : openssl_0_9_8s.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-110920.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-7760.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-7550.nasl - Type : ACT_GATHER_INFO |
2011-10-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1409.nasl - Type : ACT_GATHER_INFO |
2011-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-7766.nasl - Type : ACT_GATHER_INFO |
2011-10-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-01.nasl - Type : ACT_GATHER_INFO |
2011-09-29 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-137.nasl - Type : ACT_GATHER_INFO |
2011-09-29 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-136.nasl - Type : ACT_GATHER_INFO |
2011-09-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2309.nasl - Type : ACT_GATHER_INFO |
2011-09-12 | Name : The remote web server is affected by multiple SSL-related vulnerabilities. File : openssl_1_0_0e.nasl - Type : ACT_GATHER_INFO |
2011-09-12 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12281.nasl - Type : ACT_GATHER_INFO |
2011-09-12 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12233.nasl - Type : ACT_GATHER_INFO |
2011-09-08 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2ecb7b20d97e11e0b2e200215c6a37bb.nasl - Type : ACT_GATHER_INFO |
2011-06-15 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-110606.nasl - Type : ACT_GATHER_INFO |
2011-06-15 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-7552.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-03-28 17:24:25 |
|
2014-03-26 13:27:00 |
|
2014-02-17 11:42:26 |
|
2013-06-06 13:29:56 |
|