Cisco IOS Multiple OpenSSL Vulnerabilities (CSCup22590)

medium Nessus Plugin ID 88988

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The remote Cisco IOS device is missing a vendor-supplied security patch and has an IOS service configured to use TLS or SSL. It is, therefore, affected by the following vulnerabilities in the bundled OpenSSL library :

- A buffer overflow error exists related to invalid DTLS fragment handling that can lead to execution of arbitrary code. Note this issue only affects OpenSSL when used as a DTLS client or server. (CVE-2014-0195)

- An error exists related to DTLS handshake handling that could lead to denial of service attacks. Note that this issue only affects OpenSSL when used as a DTLS client.
(CVE-2014-0221)

- An unspecified error exists that allows an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks. (CVE-2014-0224)

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCup22590.

See Also

http://www.nessus.org/u?0aa6a7e6

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCup22590

https://www.openssl.org/news/secadv/20140605.txt

https://www.openssl.org/news/vulnerabilities.html

https://www.imperialviolet.org/2014/06/05/earlyccs.html

Plugin Details

Severity: Medium

ID: 88988

File Name: cisco-sa-20140605-openssl-ios.nasl

Version: 1.12

Type: combined

Family: CISCO

Published: 2/26/2016

Updated: 11/19/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/5/2014

Vulnerability Publication Date: 6/3/2014

Exploitable With

Core Impact

Reference Information

CVE: CVE-2014-0195, CVE-2014-0221, CVE-2014-0224

BID: 67899, 67900, 67901

CERT: 978508

CISCO-SA: cisco-sa-20140605-openssl

CISCO-BUG-ID: CSCup22590