OpenSSL CVE-2015-1793 Certificate Verification Security Bypass Vulnerability

Bugtraq ID: 75652
Class: Input Validation Error
CVE: CVE-2015-1793
Remote: Yes
Local: No
Published: Jul 09 2015 12:00AM
Updated: Oct 26 2016 08:13AM
Credit: Adam Langley of Google and David Benjamin of BoringSSL.
Vulnerable: Slackware Slackware Linux 14.1
Slackware Linux x86_64 -current
Slackware Linux 14.1 x86_64
Slackware Linux 14.0 x86_64
Slackware Linux 14.0
Slackware Linux -current
Oracle Tuxedo 12.1.1.0
Oracle Switch ES1-24 1.3
Oracle Switch ES1-24 0
Oracle Sun Network 10GE Switch 72p 0
Oracle Sun Blade 6000 Ethernet Switched NEM 24P 10GE 0
Oracle Solaris 11.2
Oracle PeopleSoft Enterprise PeopleTools 8.54
Oracle PeopleSoft Enterprise PeopleTools 8.53
Oracle OSS Support Tools 8.9.15.9.8
Oracle MySQL Server 5.6.23
Oracle MySQL Server 5.6.22
Oracle MySQL Server 5.6.21
Oracle MySQL Server 5.6.25
Oracle MySQL Server 5.6.24
Oracle MySQL Server 5.6.20
Oracle MySQL Server 5.6.16
Oracle MySQL Server 5.6.15
Oracle MySQL Server 5.6
Oracle JD Edwards World Security A9.4
Oracle JD Edwards EnterpriseOne Tools 9.2
Oracle JD Edwards EnterpriseOne Tools 9.1
Oracle Integrated Lights Out Manager 3.2
Oracle Integrated Lights Out Manager 3.1
Oracle Integrated Lights Out Manager 3.0
Oracle Ethernet Switch ES2-72 1.9.1
Oracle Ethernet Switch ES2-64 1.9.1
Oracle Enterprise Manager Ops Center 12.1.0.1
Oracle Enterprise Manager Ops Center 12.1
Oracle Enterprise Manager Ops Center 11.1.3
Oracle Enterprise Manager Ops Center 11.1
Oracle Enterprise Manager Base Platform 12.1.0.5
Oracle Enterprise Manager Base Platform 12.1.0.4
Oracle Endeca Server 7.4
Oracle Endeca Server 7.6.0
Oracle Endeca Server 7.5.0
Oracle Endeca Server 7.3.0
Oracle Business Intelligence Enterprise Edition 11.1.1.9
Oracle Business Intelligence Enterprise Edition 11.1.1.7
Oracle Agile Engineering Data Management 6.2.0.0
Oracle Agile Engineering Data Management 6.1.3.0
Oracle Agile Engineering Data Management 6.1.2.2
OpenSSL Project OpenSSL 1.0.2c
OpenSSL Project OpenSSL 1.0.2b
OpenSSL Project OpenSSL 1.0.1o
OpenSSL Project OpenSSL 1.0.1n
Juniper Junos 15.1X49-D10
Juniper Junos 15.1R1
Juniper Junos 14.2R3
Juniper Junos 14.2R2
Juniper Junos 14.2R1
Juniper Junos 14.1R5
Juniper Junos 14.1R4
Juniper Junos 14.1R3
Juniper JUNOS 14.1R2
Juniper Junos 13.3R6
Juniper Junos 13.3R5
Juniper Junos 13.3R4
Juniper Junos 13.2X51-D30
Juniper Junos 13.2X51-D26
Juniper Junos 13.2X51-D25
Juniper Junos 13.2X51-D20
Juniper Junos 13.2X51-D15
Juniper Junos 12.3X48-D15
Juniper Junos 12.3X48-D10
Juniper Junos 12.3R9
Juniper Junos 12.3R7
Juniper Junos 12.3R6
Juniper Junos 12.3R3
Juniper JUNOS 12.3R2
Juniper Junos 12.3R10
Juniper Junos 12.1X47-D20
Juniper Junos 12.1X47-D15
Juniper Junos 12.1X47-D11
Juniper Junos 12.1X47-D10
Juniper Junos 12.1x47
Juniper Junos 12.1X46-D36
Juniper Junos 12.1X46-D35
Juniper Junos 12.1X46-D30
Juniper Junos 12.1X46-D25
Juniper JUNOS 12.1X46-D25
Juniper Junos 12.1X46-D20
Juniper Junos 12.1X46-D15
Juniper Junos 12.1X46-D10
Juniper Junos 12.1X46 D25
Juniper Junos 12.1X44-D51
Juniper Junos 12.1X44-D50
Juniper JUNOS 12.1X44-D40
Juniper Junos 12.1X44-D35.5
Juniper Junos 12.1X44-D35
Juniper Junos 12.1X44-D34
Juniper Junos 12.1X44-D33
Juniper Junos 12.1X44-D32
Juniper Junos 12.1X44-D30.4
Juniper Junos 12.1X44-D30
Juniper Junos 12.1X44-D26
Juniper JUNOS 12.1X44-D25
Juniper JUNOS 12.1X44-D20 (SRX)
Juniper Junos 12.1X44-D20
Juniper JUNOS 12.1X44-D20
Juniper JUNOS 12.1X44-D15
Juniper JUNOS 12.1X44 D40
Juniper JUNOS 12.1X44 D35
Juniper Junos 12.1X44 D30
Juniper JUNOS 12.1X44 D25
Juniper Junos 12.1X44 D20
Juniper Junos 12.1X44 D10
IBM Worklight Foundation Enterprise Edition 6.2 0
IBM Worklight Foundation Enterprise Edition 6.2.0.1
IBM Worklight Foundation Consumer Edition 6.2 0
IBM Worklight Foundation Consumer Edition 6.2.0.1
IBM Worklight Enterprise Edition 6.1.0.2
IBM Worklight Enterprise Edition 6.1.0.1
IBM Worklight Enterprise Edition 6.1.0.0
IBM Worklight Consumer Edition 6.1.0.2
IBM Worklight Consumer Edition 6.1.0.1
IBM Worklight Consumer Edition 6.1.0.0
IBM Security Proventia Network Active Bypass 1.0.2919
IBM Security Proventia Network Active Bypass 1.0.1876
IBM Security Proventia Network Active Bypass 3.9-34
IBM Security Proventia Network Active Bypass 3.4-23
IBM Security Proventia Network Active Bypass 3.29-9
IBM Security Proventia Network Active Bypass 3.25-57
IBM Security Proventia Network Active Bypass 3.18-49
IBM Security Proventia Network Active Bypass 3.13-41
IBM Security Proventia Network Active Bypass 2.18-43
IBM Security Proventia Network Active Bypass 2.18-42
IBM Security Proventia Network Active Bypass 2.16-37
IBM Security Proventia Network Active Bypass 2.15-36
IBM Security Proventia Network Active Bypass 2.13-34
IBM Security Proventia Network Active Bypass 2.11-28
IBM Security Proventia Network Active Bypass 0343c3c
IBM Security Network Controller 1.0.3381
IBM Security Network Controller 1.0.3379
IBM Security Network Controller 1.0.3376
IBM Security Network Controller 1.0.3361
IBM Security Network Controller 1.0.1768
IBM Security Network Controller 1.0.1209
IBM Security Network Controller 1.0.913
IBM Security Network Controller 1.0.3381M
IBM Security Network Controller 1.0.3379M
IBM Security Network Controller 1.0.3376M
IBM Security Network Controller 1.0.3361M
IBM Security Network Controller 1.0.3352M
IBM Security Network Controller 1.0.3350M
IBM Security AppScan Enterprise 9.0.2
IBM Security AppScan Enterprise 9.0.1
IBM Security AppScan Enterprise 9.0
IBM SDK for Node.js 1.2.0.4
IBM SDK for Node.js 1.2.0.3
IBM SDK for Node.js 1.1.0.15
IBM Rational Tau 4.3 6
IBM Rational Tau 4.3 5
IBM Rational Tau 4.3 4
IBM Rational Tau 4.3 3
IBM Rational Tau 4.3 2
IBM Rational Tau 4.3 1
IBM Rational Tau 4.3.0.6 Interim Fix
IBM Rational Tau 4.3.0.6 Interim Fix
IBM Rational Tau 4.3.0.6 Interim Fix
IBM Rational Tau 4.3.0.6 Interim Fix
IBM Rational Tau 4.3.0.6 Interim Fix
IBM Rational Tau 4.3
IBM Rational Automation Framework 3.0.1
IBM Rational Automation Framework 3.0.1.3
IBM Rational Automation Framework 3.0.1.2
IBM Rational Automation Framework 3.0.1.1
IBM Rational Application Developer for WebSphere 9.1.1
IBM Rational Application Developer for WebSphere 9.1.0.1
IBM Rational Application Developer for WebSphere 9.1
IBM PureData System for Analytics 1.0
IBM NetInsight 8.6.0
IBM Netezza Host Management 5.3.6.0
IBM Netezza Host Management 5.3.3
IBM Netezza Host Management 5.3.2.0
IBM MobileFirst Platform Foundation 7.0.0.0
IBM MobileFirst Platform Foundation 6.3.0.0
IBM InfoSphere Information Server 9.1
IBM InfoSphere Information Server 8.7
IBM InfoSphere Information Server 8.5
IBM InfoSphere Information Server 8.1
IBM InfoSphere Information Server 11.3
IBM i V5R4 7.2
IBM i V5R4 7.1
IBM i V5R4 6.1
IBM i V5R3 7.2
IBM i V5R3 7.1
IBM i V5R3 6.1
IBM ContactOptimization 9.1.1
IBM ContactOptimization 9.1
IBM ContactOptimization 9.0
IBM ContactOptimization 8.6
IBM ContactOptimization 8.5
IBM ContactOptimization 8.3
IBM ContactOptimization 8.2
IBM ContactOptimization 8.1
IBM Campaign 9.1.1
IBM Campaign 9.1 1
IBM Campaign 9.1
IBM Campaign 9.1.0.4
IBM Campaign 9.1
IBM Campaign 9.0
IBM Campaign 8.6
IBM Campaign 8.5
IBM Campaign 8.3
IBM Campaign 8.2
IBM Campaign 8.1
IBM Campaign 8.0
IBM Aspera Shares 1.9.2
IBM Aspera Proxy 1.2.2
IBM Aspera Point to Point 3.5.5
IBM Aspera Orchestrator 2.3
IBM Aspera OnDemand 3.5.4
IBM Aspera Faspex Application 3.9.2
IBM Aspera Enterprise Server Client 3.5.5
IBM Aspera Enterprise Server 3.5.5
IBM Aspera Console 3.0.1
Huawei eSight NetWork V300R003C10SPC100
HP VCX products 0
HP iMC products 0
HP HP-UX B.11.31
HP HP-UX B.11.23.1.007
HP HP-UX B.11.23.07.04
HP HP-UX B.11.23
HP HP-UX B.11.23
HP HP-UX B.11.22
HP HP-UX B.11.11.17.02
HP HP-UX B.11.11.16.09
HP HP-UX B.11.11.15.13
HP HP-UX B.11.11.14.15
HP HP-UX B.11.11.13.14
HP HP-UX B.11.11.02.008
HP HP-UX B.11.11
HP HP-UX B.11.04
HP HP-UX B.11.00
HP Comware 7 products 0
HP Comware 5 products 0
HP Cloud service automation 4.5
Gentoo Linux
FreeBSD FreeBSD 10.1-STABLE
Cisco WebEx Node for MCS 0
Cisco WebEx Messenger Service 0
Cisco Virtual Security Gateway for Microsoft Hyper-V 0
Cisco Virtual Security Gateway 0
Cisco Unified Attendant Console Standard 0
Cisco TelePresence Conductor 0
Cisco SocialMiner 0
Cisco Services Analytic Platform 0
Cisco Security Manager 0
Cisco Registered Envelope Service (CRES) 0
Cisco Prime Security Manager 0
Cisco Prime Network Services Controller (PNSC) 0
Cisco Prime License Manager 0
Cisco Prime Collaboration Provisioning 0
Cisco Prime Collaboration Deployment 0
Cisco Partner Supporting Service 0
Cisco Packet Tracer 5.3
Cisco Packet Tracer 5.2
Cisco Nexus 5000 Series Switches 0
Cisco Nexus 2000 Series FEX 0
Cisco Network Performance Analytics 0
Cisco Model D9485 DAVIC QPSK 0
Cisco Local Collector Appliance 0
Cisco Jabber Software Development Kit 0
Cisco IOS XE Software 0
Cisco IM and Presence Service (CUPS) 0
Cisco Emergency Responder
Cisco Digital Media Players (DMP) 4400 Series 0
Cisco Digital Media Players (DMP) 4300 Series 0
Cisco Digital Media Players 0
Cisco Connected Analytics For Collaboration 0
Cisco ASA CX and Cisco Prime Security Manager 0
Cisco Agent for OpenFlow 0
Cisco 910 Industrial Router 0
Not Vulnerable: Oracle Switch ES1-24 1.3.1.3
Oracle Sun Network 10GE Switch 72p 1.2.2.15
Oracle Sun Blade 6000 Ethernet Switched NEM 24P 10GE 1.2.2.13
Oracle Ethernet Switch ES2-72 2.0.0.6
Oracle Ethernet Switch ES2-64 2.0.0.6
Oracle Enterprise Manager Ops Center 12.3
Oracle Enterprise Manager Ops Center 12.2.1
Oracle Enterprise Manager Ops Center 12.2
Oracle Enterprise Manager Ops Center 12.1.4
OpenSSL Project OpenSSL 1.0.2d
OpenSSL Project OpenSSL 1.0.1p
Juniper Junos 15.1X49-D20
Juniper Junos 15.1R2
Juniper Junos 14.2R4
Juniper Junos 14.1R6
Juniper Junos 13.3R7
Juniper Junos 13.2X51-D40
Juniper Junos 12.3X48-D30
Juniper Junos 12.3X48-D20
Juniper Junos 12.3R11
Juniper Junos 12.1X47-D45
Juniper Junos 12.1X47-D25
Juniper Junos 12.1X46-D55
Juniper Junos 12.1X46-D40
Juniper Junos 12.1X44-D55
IBM Rational Tau 4.3.0.6 Interim Fix
IBM Rational Automation Framework 3.0.1.3 iFix5
IBM NetInsight 8.6.0.14
IBM Netezza Host Management 5.3.7.0
Huawei eSight NetWork V300R003C10SPC201
Cisco WebEx Messenger Service 7.9.9 EP1
Cisco TelePresence Conductor XC4.0
Cisco SocialMiner 11.5.1
Cisco Security Manager 4.9
Cisco Security Manager 4.8 SP1
Cisco Registered Envelope Service (CRES) 4.4.1
Cisco Prime Security Manager 9.3.4.2-4
Cisco Prime Network Services Controller 3.4.1c
Cisco Prime Collaboration Provisioning 10.5.1
Cisco Prime Collaboration Provisioning 9.5
Cisco Prime Collaboration Provisioning 10.6
Cisco Prime Collaboration Provisioning 10.0
Cisco Model D9485 DAVIC QPSK 1.2.19
Cisco Local Collector Appliance 2.2.10
Cisco Ios Xe 3.16
Cisco Ios Xe 3.15
Cisco Ios Xe 3.14
Cisco Ios Xe 3.13
Cisco Digital Media Players (DMP) 4400 Series 5.4(1)RB(2P4)
Cisco Digital Media Players (DMP) 4400 Series 5.3(6)RB(2P3)
Cisco Digital Media Players (DMP) 4300 Series 5.4(1)RB(2P4)
Cisco Digital Media Players (DMP) 4300 Series 5.3(6)RB(2P3)
Cisco Digital Media Players 5.4(1)RB(2P4)
Cisco Digital Media Players 5.3(6)RB(2P3)
Cisco 910 Industrial Router 1.2.1RB3


 

Privacy Statement
Copyright 2010, SecurityFocus