383
VMScore

CVE-2015-1788

Published: 12/06/2015 Updated: 15/11/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL prior to 0.9.8s, 1.0.0 prior to 1.0.0e, 1.0.1 prior to 1.0.1n, and 1.0.2 prior to 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote malicious users to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openssl openssl

openssl openssl 1.0.0

openssl openssl 1.0.0a

openssl openssl 1.0.0b

openssl openssl 1.0.0c

openssl openssl 1.0.0d

openssl openssl 1.0.0e

openssl openssl 1.0.0f

openssl openssl 1.0.0g

openssl openssl 1.0.0h

openssl openssl 1.0.0i

openssl openssl 1.0.0j

openssl openssl 1.0.0k

openssl openssl 1.0.0l

openssl openssl 1.0.0m

openssl openssl 1.0.0n

openssl openssl 1.0.0o

openssl openssl 1.0.0p

openssl openssl 1.0.0q

openssl openssl 1.0.0r

openssl openssl 1.0.1

openssl openssl 1.0.1a

openssl openssl 1.0.1b

openssl openssl 1.0.1c

openssl openssl 1.0.1d

openssl openssl 1.0.1e

openssl openssl 1.0.1f

openssl openssl 1.0.1g

openssl openssl 1.0.1h

openssl openssl 1.0.1i

openssl openssl 1.0.1j

openssl openssl 1.0.1k

openssl openssl 1.0.1l

openssl openssl 1.0.1m

openssl openssl 1.0.2

openssl openssl 1.0.2a

Vendor Advisories

It was reported that OpenSSL could enter an infinite loop when processing an ECParameters structure if the curve specified is over a specially malformed binary polynomial field This can be used to perform denial of service attacks against any system which processes public keys, certificate requests or certificates, including TLS clients and TLS se ...
Several security issues were fixed in OpenSSL ...
Nessus and SecurityCenter are potentially impacted by several vulnerabilities in OpenSSL that were recently disclosed and fixed Note that due to the time involved in doing a full analysis of each issue, Tenable has opted to patch the included version of OpenSSL as a precaution, and to save time CVE-2015-1788 - OpenSSL crypto/bn/bn_gf2mc BN_GF2m ...
On June 11, 2015, the OpenSSL Project released a security advisory detailing six distinct vulnerabilities, and another fix that provides hardening protections against exploits as described in the Logjam research Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthe ...
<!-- Start - Changes for Security Advisory Channel --> Security Advisory ID SYMSA1325 Initial Publication Date: Advisory Status: Advisory Severity: CVSS Base Score: Legacy ID 17 Jun 2015 Open High CVSS v2: 75 SA98 ...
<!-- content goes here --> Oracle Solaris Third Party Bulletin - July 2015 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when ...
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available To learn more about Apple Product Security, see the Apple Product Security website For information about the Apple Product Security PGP Key, see How to use ...

Github Repositories

A collection of vulnerabilities discovered by the AFL fuzzer (afl-fuzz)

afl-cve A collection of vulnerabilities discovered by the AFL fuzzer (afl-fuzz) Introduction afl-cve is a collection of known vulnerabilities that can be attributed to the AFL fuzzer afl-fuzz All vulnerabilities in this list either already have a CVE assigned, or a CVE has been requested from a CVE Numbering Authority Why is This Necessary? Because CVE descriptions are not ge

Recent Articles

HPE rushes out patch for more than a year of OpenSSL vulns
The Register • Richard Chirgwin • 06 Jul 2016

Logjam in patch pipeline cleared at last

HP Enterprise has popped into its Tardis, and gone back in time to patch OpenSSL bugs dating back to 2014 – including the infamous Logjam bug.
The bugs are in various network products: Intelligent Management Center (iMC), the VCX unified communications products, and the Comware network operating system.
The company's notice cites Common Vulnerability and Exposure (CVE) advisories CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, and CVE-2015-...

References

CWE-399http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgeryhttp://fortiguard.com/advisory/openssl-vulnerabilities-june-2015http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.aschttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.htmlhttp://marc.info/?l=bugtraq&m=143880121627664&w=2http://marc.info/?l=bugtraq&m=144050155601375&w=2http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-opensslhttp://www.debian.org/security/2015/dsa-3287http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.htmlhttp://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.htmlhttp://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.htmlhttp://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.htmlhttp://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.htmlhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlhttp://www.securityfocus.com/bid/75158http://www.securityfocus.com/bid/91787http://www.securitytracker.com/id/1032564http://www.ubuntu.com/usn/USN-2639-1http://www-304.ibm.com/support/docview.wss?uid=swg21960041https://bto.bluecoat.com/security-advisory/sa98https://github.com/openssl/openssl/commit/4924b37ee01f71ae19c94a8934b80eeb2f677932https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351https://kc.mcafee.com/corporate/index?page=content&id=SB10122https://openssl.org/news/secadv/20150611.txthttps://security.gentoo.org/glsa/201506-02https://support.apple.com/kb/HT205031https://support.citrix.com/article/CTX216642https://www.openssl.org/news/secadv_20150611.txthttps://nvd.nist.govhttps://www.securityfocus.com/bid/75158https://www.rapid7.com/db/vulnerabilities/aix-5.3-openssl_advisory14_cve-2015-1788https://access.redhat.com/security/cve/cve-2015-1788https://usn.ubuntu.com/2639-1/