(info) Page non traduite. Anglais uniquement.
Updates available on my.denyall.com

What happened?

New OpenSSL versions 1.0.2h and 1.0.1t have been published on 3rd May, 2016, to correct two high and several low vulnerabilities.

Source : https://www.openssl.org/news/secadv/20160503.txt

Details of the vulnerabilities

CVE-2016-2108: Memory corruption in the ASN.1 encoder (high)

This new issue affects the ASN.1 parser that can misinterpret a large universal tag as a negative zero value and lead to memory corruption.

The vulnerability can only be triggered with a combination of a second bug on the ASN.1 parser fixed in April 2015. If a zero value was represented as negative integer in the ASN.1 parser, a buffer underflow with an out-of-bounds write was triggered. At the time, the impact was not known.

DenyAll Statement: Impacted products are

  • i-Suite 5.5.6 LTS and earlier
  • rWeb 4.1.3.2 and earlier

CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (high)

A padding oracle attack has been found on connection using AES CBC cipher with a server supporting AES-NI. This attack can allow man-in-the-middle attackers to decrypt the traffic.

DenyAll Statement: All configurations using AES CBC ciphers are impacted. The workaround is to use AES GCM ciphers.

CVE-2016-2105 and CVE-2016-2106: EVP_EncodeUpdate overflow (low)

A flow has been discovered in the EVP_EncodeUpdate() function used for Base64 encoding of binary data. By sending a large amounts of input data, an attacker can overflow a length check triggering a head corruption.

DenyAll Statement: Products are not affected.

CVE-2016-2109: ASN.1 BIO excessive memory allocation (low)

This minor flaw affect ASN.1 BIO functions (like d2i_CMS_bio()). It can trigger memory exhausting by sending an invalid encoding. An attacker can use this flow to potentially crash the remote system with a denial of service.

The advisory also indicates that TLS applications are not affected:

Any application parsing untrusted data through d2i BIO functions is affected. The memory based functions such as d2i_X509() are not affected. Since the memory based functions are used by the TLS library, TLS applications are not affected.

DenyAll Statement: All configurations are affected except those using TLS only but the impact is low, It needs a client or server certificate containing some gigabytes field (e.g. CommonName), which should never happen.

CVE-2016-2176: EBCDIC overread (low)

The ASN.1 X509_NAME_oneline() function, in EBCDIC systems, can return arbitrary data by taking a ASN.1 string over 1024 bits.

DenyAll Statement: Products are not affected.

Products statement

DenyAll pays attention to the AES-NI CBC Padding oracle attack that impact all DenyAll products.

We will provide as soon as possible an OpenSSL update for the following product:

  • DenyAll WAF 6.1: update available on my.denyall.com in the Tech Support then Download section.
  • i-Suite 5.5.9 LTS: update available on my.denyall.com in the Tech Support then Download section.
  • rWeb 4.1.3.2 to 4.2.1: update available on my.denyall.com in the Tech Support then Download section.
  • Vulnerability Manager 6.1: update available. In the administration interface, go to Configuration and Check for updates.

  • No labels