ID CVE-2005-2969
Summary The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.
References
Vulnerable Configurations
  • OpenSSL Project OpenSSL 0.9.7
    cpe:2.3:a:openssl:openssl:0.9.7
  • OpenSSL Project OpenSSL 0.9.7a
    cpe:2.3:a:openssl:openssl:0.9.7a
  • OpenSSL Project OpenSSL 0.9.7b
    cpe:2.3:a:openssl:openssl:0.9.7b
  • OpenSSL Project OpenSSL 0.9.7c
    cpe:2.3:a:openssl:openssl:0.9.7c
  • OpenSSL Project OpenSSL 0.9.7d
    cpe:2.3:a:openssl:openssl:0.9.7d
  • OpenSSL Project OpenSSL 0.9.7e
    cpe:2.3:a:openssl:openssl:0.9.7e
  • OpenSSL Project OpenSSL 0.9.7f
    cpe:2.3:a:openssl:openssl:0.9.7f
  • OpenSSL Project OpenSSL 0.9.7g
    cpe:2.3:a:openssl:openssl:0.9.7g
  • OpenSSL Project OpenSSL 0.9.8
    cpe:2.3:a:openssl:openssl:0.9.8
CVSS
Base: 5.0 (as of 19-10-2005 - 08:32)
Impact:
Exploitability:
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: NONE
  Integrity: PARTIAL
  Availability: NONE
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2005-009.NASL
    description The remote host is running Apple Mac OS X, but lacks Security Update 2005-009. This security update contains fixes for the following applications: Apache2, Apache_mod_ssl, CoreFoundation, curl, iodbcadmintool, OpenSSL, passwordserver, Safari, sudo, syslog.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 20249
    published 2005-11-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20249
    title Mac OS X Multiple Vulnerabilities (Security Update 2005-009)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-882.NASL
    description Yutaka Oiwa discovered a vulnerability in the Open Secure Socket Layer (OpenSSL) library that can allow an attacker to perform active protocol-version rollback attacks that could lead to the use of the weaker SSL 2.0 protocol even though both ends support SSL 3.0 or TLS 1.0. The following matrix explains which version in which distribution has this problem corrected.
      package       oldstable (woody)   stable (sarge)   unstable (sid)
      openssl       0.9.6c-2.woody.8    0.9.7e-3sarge1   0.9.8-3
      openssl094    0.9.4-6.woody.4     n/a              n/a
      openssl095    0.9.5a-6.woody.6    n/a              n/a
      openssl096    n/a                 0.9.6m-1sarge1   n/a
      openssl097    n/a                 n/a              0.9.7g-5
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 22748
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22748
    title Debian DSA-882-1 : openssl095 - cryptographic weakness
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-888.NASL
    description Yutaka Oiwa discovered a vulnerability in the Open Secure Socket Layer (OpenSSL) library that can allow an attacker to perform active protocol-version rollback attacks that could lead to the use of the weaker SSL 2.0 protocol even though both ends support SSL 3.0 or TLS 1.0. The following matrix explains which version in which distribution has this problem corrected.
      package       oldstable (woody)   stable (sarge)   unstable (sid)
      openssl       0.9.6c-2.woody.8    0.9.7e-3sarge1   0.9.8-3
      openssl094    0.9.4-6.woody.4     n/a              n/a
      openssl095    0.9.5a-6.woody.6    n/a              n/a
      openssl096    n/a                 0.9.6m-1sarge1   n/a
      openssl097    n/a                 n/a              0.9.7g-5
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 22754
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22754
    title Debian DSA-888-1 : openssl - cryptographic weakness
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200510-11.NASL
    description The remote host is affected by the vulnerability described in GLSA-200510-11 (OpenSSL: SSL 2.0 protocol rollback) Applications setting the SSL_OP_MSIE_SSLV2_RSA_PADDING option (or the SSL_OP_ALL option, that implies it) can be forced by a third party to fall back to the less secure SSL 2.0 protocol, even if both parties support the more secure SSL 3.0 or TLS 1.0 protocols. Impact: A man-in-the-middle attacker can weaken the encryption used to communicate between two parties, potentially revealing sensitive information. Workaround: If possible, disable the use of SSL 2.0 in all OpenSSL-enabled applications.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 20031
    published 2005-10-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20031
    title GLSA-200510-11 : OpenSSL: SSL 2.0 protocol rollback
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0525.NASL
    description Red Hat Network Satellite Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications. Several flaws in Zlib were discovered. An attacker could create a carefully-crafted compressed stream that would cause an application to crash if the stream is opened by a user. (CVE-2005-2096). An attacker could create a carefully crafted compressed stream that would cause an application to crash if the stream is opened by a user. (CVE-2005-1849) A buffer overflow was discovered in the OpenSSL SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). A flaw in the SSLv2 client code was discovered. If a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) An attack on OpenSSL PKCS #1 v1.5 signatures was discovered. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. This issue affected applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339) OpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. It is enabled in most servers that use OpenSSL to provide support for SSL and TLS. This work-around could allow an attacker, acting as a 'man in the middle' to force an SSL connection to use SSL 2.0 rather than a stronger protocol, such as SSL 3.0 or TLS 1.0. (CVE-2005-2969) During OpenSSL parsing of certain invalid ASN.1 structures an error condition was mishandled. This can result in an infinite loop which consumed system memory (CVE-2006-2937). Certain public key types can take disproportionate amounts of time to process in OpenSSL, leading to a denial of service. (CVE-2006-2940) A flaw was discovered in the way that the Python repr() function handled UTF-32/UCS-4 strings. If an application written in Python used the repr() function on untrusted data, this could lead to a denial of service or possibly allow the execution of arbitrary code with the privileges of the Python application. (CVE-2006-4980) A flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated. This may possibly cause disclosure of data stored in the memory of a Python application using this function. (CVE-2007-2052) Multiple integer overflow flaws were discovered in Python's imageop module. If an application written in Python used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or possibly execute arbitrary code with the privileges of the Python interpreter. (CVE-2007-4965) A stack-based buffer overflow was discovered in the Python interpreter, which could allow a local user to gain privileges by running a script with a long name from the current working directory. (CVE-2006-1542) Users of Red Hat Network Satellite Server should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43838
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43838
    title RHEL 3 / 4 : Solaris client in Satellite Server (RHSA-2008:0525)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_60E26A403B2511DA948400123FFE8333.NASL
    description Vulnerability : Such applications are affected if they use the option SSL_OP_MSIE_SSLV2_RSA_PADDING. This option is implied by use of SSL_OP_ALL, which is intended to work around various bugs in third-party software that might prevent interoperability. The SSL_OP_MSIE_SSLV2_RSA_PADDING option disables a verification step in the SSL 2.0 server supposed to prevent active protocol-version rollback attacks. With this verification step disabled, an attacker acting as a 'man in the middle' can force a client and a server to negotiate the SSL 2.0 protocol even if these parties both support SSL 3.0 or TLS 1.0. The SSL 2.0 protocol is known to have severe cryptographic weaknesses and is supported as a fallback only. Applications using neither SSL_OP_MSIE_SSLV2_RSA_PADDING nor SSL_OP_ALL are not affected. Also, applications that disable use of SSL 2.0 are not affected.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 21435
    published 2006-05-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21435
    title FreeBSD : openssl -- potential SSL 2.0 rollback (60e26a40-3b25-11da-9484-00123ffe8333)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-762.NASL
    description An updated RealPlayer package that fixes a format string bug is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. RealPlayer is a media player that provides media playback locally and via streaming. A format string bug was discovered in the way RealPlayer processes RealPix (.rp) files. It is possible for a malformed RealPix file to execute arbitrary code as the user running RealPlayer. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2710 to this issue. All users of RealPlayer are advised to upgrade to this updated package, which contains RealPlayer version 10.0.6 and is not vulnerable to this issue.
    last seen 2019-02-21
    modified 2014-05-02
    plugin id 63829
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63829
    title RHEL 3 / 4 : RealPlayer (RHSA-2005:762)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0264.NASL
    description Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications. Two denial-of-service flaws were fixed in ZLib. (CVE-2005-2096, CVE-2005-1849) Multiple flaws were fixed in OpenSSL. (CVE-2006-4343, CVE-2006-4339, CVE-2006-3738, CVE-2006-2940, CVE-2006-2937, CVE-2005-2969) Multiple flaws were fixed in Python. (CVE-2007-4965, CVE-2007-2052, CVE-2006-4980, CVE-2006-1542) Users of Red Hat Network Satellite Server 5.0.1 are advised to upgrade to 5.0.2, which resolves these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43836
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43836
    title RHEL 4 : Solaris client in Satellite Server (RHSA-2008:0264)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0629.NASL
    description Red Hat Network Satellite Server version 5.1.1 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications. Several flaws in Zlib were discovered. An attacker could create a carefully-crafted compressed stream that would cause an application to crash if the stream was opened by a user. (CVE-2005-2096, CVE-2005-1849) A buffer overflow was discovered in the OpenSSL SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). A flaw in the SSLv2 client code was discovered. If a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) An attack on OpenSSL PKCS #1 v1.5 signatures was discovered. Where an RSA key with exponent 3 was used an attacker could, potentially, forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. This issue affected applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339) OpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. It is enabled in most servers that use OpenSSL to provide support for SSL and TLS. This work-around was vulnerable to a man-in-the-middle attack which allowed a remote user to force an SSL connection to use SSL 2.0, rather than a stronger protocol, such as SSL 3.0 or TLS 1.0. (CVE-2005-2969) During OpenSSL parsing of certain invalid ASN.1 structures, an error condition was mishandled. This could result in an infinite loop which consumed system memory (CVE-2006-2937). Certain public key types could take disproportionate amounts of time to process in OpenSSL, leading to a denial of service. (CVE-2006-2940) A flaw was discovered in the Python repr() function's handling of UTF-32/UCS-4 strings. If an application used the repr() function on untrusted data, this could lead to a denial of service or, possibly, allow the execution of arbitrary code with the privileges of the application using the flawed function. (CVE-2006-4980) A flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated. This could, potentially, cause disclosure of data stored in the memory of an application using this function. (CVE-2007-2052) Multiple integer overflow flaws were discovered in Python's imageop module. If an application used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or, possibly, execute arbitrary code with the privileges of the Python interpreter. (CVE-2007-4965) A stack-based buffer overflow was discovered in the Python interpreter, which could allow a local user to gain privileges by running a script with a long name from the current working directory. (CVE-2006-1542) Users of Red Hat Network Satellite Server should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43839
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43839
    title RHEL 4 : Solaris client in Satellite Server (RHSA-2008:0629)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-800.NASL
    description Updated OpenSSL packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. OpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. This work-around is enabled in most servers that use OpenSSL to provide support for SSL and TLS. Yutaka Oiwa discovered that this work-around could allow an attacker, acting as a 'man in the middle' to force an SSL connection to use SSL 2.0 rather than a stronger protocol such as SSL 3.0 or TLS 1.0. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2969 to this issue. A bug was also fixed in the way OpenSSL creates DSA signatures. A cache timing attack was fixed in RHSA-2005-476 which caused OpenSSL to do private key calculations with a fixed time window. The DSA fix for this was not complete and the calculations are not always performed within a fixed-window. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0109 to this issue. Users are advised to upgrade to these updated packages, which remove the MSIE 3.0.2 work-around and contain patches to correct these issues. Note: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 20050
    published 2005-10-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20050
    title RHEL 2.1 / 3 / 4 : openssl (RHSA-2005:800)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-875.NASL
    description Yutaka Oiwa discovered a vulnerability in the Open Secure Socket Layer (OpenSSL) library that can allow an attacker to perform active protocol-version rollback attacks that could lead to the use of the weaker SSL 2.0 protocol even though both ends support SSL 3.0 or TLS 1.0. The following matrix explains which version in which distribution has this problem corrected.
      package       oldstable (woody)   stable (sarge)   unstable (sid)
      openssl       0.9.6c-2.woody.8    0.9.7e-3sarge1   0.9.8-3
      openssl094    0.9.4-6.woody.4     n/a              n/a
      openssl095    0.9.5a-6.woody.6    n/a              n/a
      openssl096    n/a                 0.9.6m-1sarge1   n/a
      openssl097    n/a                 n/a              0.9.7g-5
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 22741
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22741
    title Debian DSA-875-1 : openssl094 - cryptographic weakness
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2005-800.NASL
    description Updated OpenSSL packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. OpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. This work-around is enabled in most servers that use OpenSSL to provide support for SSL and TLS. Yutaka Oiwa discovered that this work-around could allow an attacker, acting as a 'man in the middle' to force an SSL connection to use SSL 2.0 rather than a stronger protocol such as SSL 3.0 or TLS 1.0. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2969 to this issue. A bug was also fixed in the way OpenSSL creates DSA signatures. A cache timing attack was fixed in RHSA-2005-476 which caused OpenSSL to do private key calculations with a fixed time window. The DSA fix for this was not complete and the calculations are not always performed within a fixed-window. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0109 to this issue. Users are advised to upgrade to these updated packages, which remove the MSIE 3.0.2 work-around and contain patches to correct these issues. Note: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21861
    published 2006-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21861
    title CentOS 3 / 4 : openssl (CESA-2005:800)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-179.NASL
    description Yutaka Oiwa discovered a vulnerability that potentially affects applications that use the SSL/TLS server implementation provided by OpenSSL. Such applications are affected if they use the option SSL_OP_MSIE_SSLV2_RSA_PADDING. This option is implied by use of SSL_OP_ALL, which is intended to work around various bugs in third-party software that might prevent interoperability. The SSL_OP_MSIE_SSLV2_RSA_PADDING option disables a verification step in the SSL 2.0 server supposed to prevent active protocol-version rollback attacks. With this verification step disabled, an attacker acting as a 'man in the middle' can force a client and a server to negotiate the SSL 2.0 protocol even if these parties both support SSL 3.0 or TLS 1.0. The SSL 2.0 protocol is known to have severe cryptographic weaknesses and is supported as a fallback only. (CVE-2005-2969) The current default algorithm for creating 'message digests' (electronic signatures) for certificates created by openssl is MD5. However, this algorithm is not deemed secure any more, and some practical attacks have been demonstrated which could allow an attacker to forge certificates with a valid certification authority signature even if he does not know the secret CA signing key. To address this issue, openssl has been changed to use SHA-1 by default. This is a more appropriate default algorithm for the majority of use cases. If you still want to use MD5 as default, you can revert this change by changing the two instances of 'default_md = sha1' to 'default_md = md5' in /usr/{lib,lib64}/ssl/openssl.cnf. (CVE-2005-2946)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20039
    published 2005-10-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20039
    title Mandrake Linux Security Advisory : openssl (MDKSA-2005:179)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-204-1.NASL
    description Yutaka Oiwa discovered a possible cryptographic weakness in OpenSSL applications. Applications using the OpenSSL library can use the SSL_OP_MSIE_SSLV2_RSA_PADDING option (or SSL_OP_ALL, which implies the former) to maintain compatibility with third-party products, which is achieved by working around known bugs in them. The SSL_OP_MSIE_SSLV2_RSA_PADDING option disabled a verification step in the SSL 2.0 server supposed to prevent active protocol-version rollback attacks. With this verification step disabled, an attacker acting as a 'man in the middle' could force a client and a server to negotiate the SSL 2.0 protocol even if these parties both supported SSL 3.0 or TLS 1.0. The SSL 2.0 protocol is known to have severe cryptographic weaknesses and is supported as a fallback only. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-08-15
    plugin id 20620
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20620
    title Ubuntu 4.10 / 5.04 / 5.10 : openssl vulnerability (USN-204-1)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL5533.NASL
    description The remote BIG-IP device is missing a patch required by a security advisory.
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 78206
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78206
    title F5 Networks BIG-IP : Potential protocol version rollback vulnerability in OpenSSL (SOL5533)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2005-286-01.NASL
    description New OpenSSL packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue. Under certain conditions, an attacker acting as a 'man in the middle' may force a client and server to fall back to the less-secure SSL 2.0 protocol.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 20017
    published 2005-10-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20017
    title Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : OpenSSL (SSA:2005-286-01)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-881.NASL
    description Yutaka Oiwa discovered a vulnerability in the Open Secure Socket Layer (OpenSSL) library that can allow an attacker to perform active protocol-version rollback attacks that could lead to the use of the weaker SSL 2.0 protocol even though both ends support SSL 3.0 or TLS 1.0. The following matrix explains which version in which distribution has this problem corrected.
      package       oldstable (woody)   stable (sarge)   unstable (sid)
      openssl       0.9.6c-2.woody.8    0.9.7e-3sarge1   0.9.8-3
      openssl094    0.9.4-6.woody.4     n/a              n/a
      openssl095    0.9.5a-6.woody.6    n/a              n/a
      openssl096    n/a                 0.9.6m-1sarge1   n/a
      openssl097    n/a                 n/a              0.9.7g-5
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 22747
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22747
    title Debian DSA-881-1 : openssl096 - cryptographic weakness
  • NASL family Web Servers
    NASL id OPENSSL_0_9_7H_0_9_8A.NASL
    description According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.7h or 0.9.8a. If the SSL_OP_MSIE_SSLV2_RSA_PADDING option is used, a remote attacker could force a client to downgrade to a weaker protocol and implement a man-in-the-middle attack.
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 17755
    published 2012-01-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17755
    title OpenSSL < 0.9.7h / 0.9.8a Protocol Version Rollback
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_121229-02.NASL
    description SunOS 5.10: libssl patch. Date this patch was last updated by Sun : Apr/23/07
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 107376
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107376
    title Solaris 10 (sparc) : 121229-02
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_121229.NASL
    description SunOS 5.10: libssl patch. Date this patch was last updated by Sun : Apr/23/07
    last seen 2018-09-01
    modified 2018-08-13
    plugin id 20272
    published 2005-12-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20272
    title Solaris 10 (sparc) : 121229-02
oval via4
accepted 2013-04-29T04:14:09.450-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.
family unix
id oval:org.mitre.oval:def:11454
status accepted
submitted 2010-07-09T03:56:16-04:00
title The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.
version 23
redhat via4
advisories
  • rhsa
    id RHSA-2005:762
  • rhsa
    id RHSA-2005:800
  • rhsa
    id RHSA-2008:0629
refmap via4
apple APPLE-SA-2005-11-29
bid
  • 15071
  • 15647
  • 24799
cisco 20051202 Cisco Security Notice: Response to OpenSSL - Potential SSL 2.0 Rollback
confirm
debian
  • DSA-875
  • DSA-881
  • DSA-882
freebsd FreeBSD-SA-05:21
hp
  • HPSBUX02174
  • HPSBUX02186
  • SSRT061239
  • SSRT071299
mandriva MDKSA-2005:179
misc
sectrack 1015032
secunia
  • 17146
  • 17151
  • 17153
  • 17169
  • 17178
  • 17180
  • 17189
  • 17191
  • 17210
  • 17259
  • 17288
  • 17335
  • 17344
  • 17389
  • 17409
  • 17432
  • 17466
  • 17589
  • 17617
  • 17632
  • 17813
  • 17888
  • 18045
  • 18123
  • 18165
  • 18663
  • 19185
  • 21827
  • 23280
  • 23340
  • 23843
  • 23915
  • 25973
  • 26893
  • 31492
sunalert 101974
suse SUSE-SA:2005:061
trustix TSLSA-2005-0059
vupen
  • ADV-2005-2036
  • ADV-2005-2659
  • ADV-2005-2710
  • ADV-2005-2908
  • ADV-2005-3002
  • ADV-2005-3056
  • ADV-2006-3531
  • ADV-2007-0326
  • ADV-2007-0343
  • ADV-2007-2457
xf hitachi-hicommand-security-bypass(35287)
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 07-03-2011 - 21:25
Published 18-10-2005 - 17:02
Last modified 02-05-2018 - 21:29