Vulnerability CVE-2015-1789: Information

Description

The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.

Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Fixed packages

References to Advisories, Solutions, and Tools

1. Affected configurations:

   1. Configuration 1

      cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

      End including

      0.9.8zf

      ---

      cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0p:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0r:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0q:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*

      ---

      Configuration 2

      cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:*

      End including

      1121

      ---