Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2017-3732

Published: 04/05/2017 Updated: 29/08/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Openssl

Vulnerability Summary

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 prior to 1.0.2k and 1.1.0 prior to 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. For example this can occur by default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very similar to CVE-2015-3193 but must be treated as a separate problem.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openssl openssl 1.0.2a

openssl openssl 1.0.2e

openssl openssl 1.0.2b

openssl openssl 1.1.0c

openssl openssl 1.0.2h

openssl openssl 1.0.2c

openssl openssl 1.1.0b

openssl openssl 1.0.2

openssl openssl 1.1.0a

openssl openssl 1.0.2f

openssl openssl 1.0.2i

openssl openssl 1.0.2d

nodejs node.js

Vendor Advisories

Debian CVElist Bug Report Logs: Security fixes from the July 2017 CPU
Debian Bug report logs - #868798 Security fixes from the July 2017 CPU Package: src:mysql-57; Maintainer for src:mysql-57 is Debian MySQL Maintainers <pkg-mysql-maint@listsaliothdebianorg>; Reported by: Lars Tangvald <larstangvald@oraclecom> Date: Tue, 18 Jul 2017 18:30:02 UTC Severity: grave Tags: fixed-upstr ...
Ubuntu Security Notice: openssl vulnerabilities
Several security issues were fixed in OpenSSL ...
Red Hat: Important: java-1.8.0-ibm security update
Synopsis Important: java-180-ibm security update Type/Severity Security Advisory: Important Topic An update for java-180-ibm is now available for Red Hat Enterprise Linux 7 SupplementaryRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Red Hat: Moderate: java-1.8.0-ibm security update
Synopsis Moderate: java-180-ibm security update Type/Severity Security Advisory: Moderate Topic An update for java-180-ibm is now available for Red Hat Satellite 58Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Red Hat: Important: java-1.8.0-ibm security update
Synopsis Important: java-180-ibm security update Type/Severity Security Advisory: Important Topic An update for java-180-ibm is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update
Synopsis Moderate: Red Hat JBoss Core Services Apache HTTP Server 2429 security update Type/Severity Security Advisory: Moderate Topic Red Hat JBoss Core Services Pack Apache Server 2429 packages are now availableRed Hat Product Security has rated this release as having a security impactof Moderate A ...
Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 7 security update
Synopsis Moderate: Red Hat JBoss Core Services Apache HTTP Server 2429 RHEL 7 security update Type/Severity Security Advisory: Moderate Topic Red Hat JBoss Core Services Pack Apache Server 2429 packages are now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this release as ...
Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 6 security update
Synopsis Moderate: Red Hat JBoss Core Services Apache HTTP Server 2429 RHEL 6 security update Type/Severity Security Advisory: Moderate Topic Red Hat JBoss Core Services Pack Apache Server 2429 packages are now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this release as h ...
Red Hat: CVE-2017-3732
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 102 before 102k and 110 before 110d No EC algorithms are affected Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely Attacks against DH are considered just feasi ...
Arch Linux Issues:
There is a carry propagating bug in the x86_64 Montgomery squaring procedure No EC algorithms are affected Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely Attacks against DH are considered just feasible (although very difficult) because most of the work ...
Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017
On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new vulnerabilities The foundation also released one vulnerability that was already disclosed in the OpenSSL advisory for November 2016 and included in the Cisco Security Advisory Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: Novem ...
Tenable Security Advisories: [R5] SecurityCenter 5.4.3 Fixes Multiple Vulnerabilities
SecurityCenter has recently been discovered to contain several vulnerabilities Four issues in the SC code were discovered during internal testing by Barry Clark, and several third-party libraries were upgraded as part of our internal security process Note that the library vulnerabilities were not fully diagnosed so SecurityCenter is possibly impa ...
Huawei Security Advisories: Security Advisory - Three OpenSSL Vulnerabilities in Huawei Products
On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new vulnerabilities  If a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash This could be exploited in a Denial of S ...

Exploits

Exploit DB: Orion Elite Hidden IP Browser Pro 7.9 OpenSSL / Tor / Man-In-The-Middle
Orion Elite Hidden IP Browser Pro versions 10 through 79 have insecure versions of Tor and OpenSSL included and also suffer from man-in-the-middle vulnerabilities ...

Recent Articles

OpenSSL pushes trio of DoS-busting patches
The Register • Richard Chirgwin • 31 Jan 2017

One was fixed before anyone realised it was a security issue, so be careful when applying

OpenSSL's released patches for a trio of denial-of-service bugs. The first (CVE-2017-3731), turned up by Google's Robert Święcki, only affects SSL/TLS servers running on 32-bit hosts. Depending on the cipher the host is using, a truncated packet crashes the system by triggering an out-of-bounds read. It's version-specific: under OpenSSL 1.1.0 the relevant cipher is CHACHA20/POLY1305 and it's fixed in 1.1.0d. In OpenSSL 1.0.2, RC4-MD5 (which should have been disabled) is the target, and it's fi...

Read more...

References

CWE-200https://www.openssl.org/news/secadv/20170126.txthttp://www.securityfocus.com/bid/95814https://security.gentoo.org/glsa/201702-07http://www.securitytracker.com/id/1037717http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.htmlhttp://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlhttps://www.tenable.com/security/tns-2017-04https://security.FreeBSD.org/advisories/FreeBSD-SA-17:02.openssl.aschttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlhttps://github.com/openssl/openssl/commit/a59b90bf491410f1f2bc4540cc21f1980fd14c5bhttps://access.redhat.com/errata/RHSA-2018:2187https://access.redhat.com/errata/RHSA-2018:2186https://access.redhat.com/errata/RHSA-2018:2185https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03838en_ushttps://access.redhat.com/errata/RHSA-2018:2568https://access.redhat.com/errata/RHSA-2018:2575https://access.redhat.com/errata/RHSA-2018:2713https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868798https://nvd.nist.govhttps://usn.ubuntu.com/3181-1/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcodedarbitrary codeCVE-2024-2404CVE-2024-21111CVE-2024-28627CVE-2024-4073information disclosureCVE-2024-32780CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook