CVE :

Transcription

1 CVSS: 5.0 CVE : Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL before 0.9.8zb, before 1.0.0n, and before 1.0.1i allows remote attackers to cause a denial of service (application crash) via crafted DTLS packets that trigger an error condition. Impacted - Upgrade to 12.4.x. Page 1

2 CVSS: 5.0 CVE : d1_both.c in the DTLS implementation in OpenSSL before 0.9.8zb, before 1.0.0n, and before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values. Impacted - Upgrade to 12.4.x. Page 2

3 CVSS: 5.0 CVE : Memory leak in d1_both.c in the DTLS implementation in OpenSSL before 0.9.8zb, before 1.0.0n, and before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function. Impacted - Upgrade to 12.4.x. Page 3

4 CVSS: 4.3 CVE : The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL before 0.9.8zb, before 1.0.0n, and before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions. Impacted - Fixed in 3.2.1R5 Impacted Fixed in 7.3.0b and later Impacted Fixed in and later Impacted - Fixed in 5.9.0a and Brocade will no longer provide security updates for JetCore as End of Life (EoL) was May 30, Impacted Fixed in k. Impacted Fixed in d. Brocade vtm software customers are not affected. Page 4

5 CVSS: 6.8 CVE : Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL before 1.0.0n and before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application crash) or possibly have unspecified other impact by sending Elliptic Curve (EC) Supported Point Formats Extension data. Impacted Fixed in 7.3.0b and later. Impacted Fixed in and later. Page 5

6 CVSS: 4.3 CVE : The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zb, before 1.0.0n, and before 1.0.1i allows remote DTLS servers to cause a denial of service (NULL pointer dereference and client application crash) via a crafted handshake message in conjunction with a (1) anonymous DH or (2) anonymous ECDH ciphersuite. Brocade vtm software customers are not affected. Page 6

7 CVSS: 4.3 CVE : The ssl23_get_client_hello function in s23_srvr.c in OpenSSL before 1.0.1i allows manin-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a "protocol downgrade" issue. Impacted - Fixed in 3.2.1R5 Impacted Fixed in 7.3.0b and later Impacted Fixed in and later Brocade will no longer provide security updates for JetCore as End of Life (EoL) was May 30, Impacted Fixed in d. Brocade vtm software customers are not affected. Impacted - VA Controller uses OpenSSL 1.0.1m-fips so is not affected. VA Instance Host uses OpenSSL 1.0.1f, so is affected. S/W installs will use the version of OpenSSL installed on the host system. Page 7

8 CVSS: 7.5 CVE : Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter. Impacted Fixed in d. Brocade vtm software customers are not affected. Page 8

9 CVSS: 7.1 CVE : Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message. Page 9

10 CVSS: 7.1 CVE : Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, before 1.0.0o, and before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure. Impacted - Fixed in 6.7R7. Impacted Fixed in 7.3.0b and later. Impacted Fixed in and later. Brocade vtm software customers are not affected. Impacted - VA Controller uses OpenSSL 1.0.1m-fips so is not affected. VA Instance Host uses OpenSSL 1.0.1f, so is affected. S/W installs will use the version of OpenSSL installed on the host system. Page 10

11 CVSS: 4.3 CVE : OpenSSL before 0.9.8zc, before 1.0.0o, and before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c. Impacted Fixed in 7.3.0b and later Impacted Fixed in and later Brocade will no longer provide security updates for JetCore as End of Life (EoL) was May 30, Brocade vtm software customers are not affected. Impacted - VA Controller uses OpenSSL 1.0.1m-fips so is not affected. VA Instance Host uses OpenSSL 1.0.1f, so is affected. S/W installs will use the version of OpenSSL installed on the host system. Page 11

12 CVSS: 4.3 CVE : The ssl_set_client_disabled function in t1_lib.c in OpenSSL before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client. Impacted - Upgrade to 9.8 and later. Page 12

13 Disclaimer THIS DOCUMENT IS PROVIDED ON AN AS-IS BASIS SOLELY FOR INFORMATIONAL PURPOSES AND DOES NOT IMPLY ANY KIND OF GUARANTY OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. YOUR USE OF THE INFORMATION CONTAINED HEREIN IS AT YOUR OWN RISK. ALL INFORMATION PROVIDED HEREIN IS BASED ON BROCADE S CURRENT KNOWLEDGE AND UNDERSTANDING OF THE VULNERABILITY AND IMPACT TO BROCADE HARDWARE AND SOFTWARE PRODUCTS. BROCADE RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. Document Revision Changes 1.0 Initial Publication 2.0 Updated to address NetIron OS 3.0 Updated to address NetIrion OS, ADX, Virtual ADX, Services Director, and IronView 4.0 Updated to address JetCore, ADX, and Virtual ADX Page 13