Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2019-1559

Impact: Moderate Public Date: 2019-02-26 CWE: CWE-325 Bugzilla: 1683804: CVE-2019-1559 openssl: 0-byte record padding oracle If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).

Source

The MITRE CVE dictionary describes this issue as:

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).

Find out more about CVE-2019-1559 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.

CVSS3 Base Score	6.8
CVSS3 Base Metrics	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
Attack Vector	Network
Attack Complexity	High
Privileges Required	None
User Interaction	None
Scope	Changed
Confidentiality	High
Integrity Impact	None
Availability Impact	None

Affected Packages State

Platform	Package	State
Red Hat Virtualization 4	rhvm-appliance	Under investigation
Red Hat Virtualization 4	redhat-virtualization-host	Under investigation
Red Hat JBoss Web Server 5	openssl	Under investigation
Red Hat JBoss Web Server 3	openssl	Under investigation
Red Hat JBoss EWS 2	openssl	Under investigation
Red Hat JBoss EAP 6	openssl	Under investigation
Red Hat JBoss EAP 5	openssl	Under investigation
Red Hat JBoss Core Services 1	openssl	Under investigation
Red Hat Enterprise Linux 7	OVMF	Will not fix
Red Hat Enterprise Linux 7	openssl098e	Will not fix
Red Hat Enterprise Linux 7	openssl	Affected
Red Hat Enterprise Linux 6	openssl	Will not fix
Red Hat Enterprise Linux 6	openssl098e	Will not fix
Red Hat Enterprise Linux 5	openssl	Under investigation
Red Hat Enterprise Linux 5	openssl097a	Under investigation

External References

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-1559

CVSS v3 metrics

Affected Packages State

External References

Vulmon Search

About

Products

Connect