Reset Search
 

 

Article

JSA10535 - 2012-09 Security Bulletin: Pulse Connect Secure (PCS): Multiple OpenSSL vulnerabilities

« Go Back

Information

 
Product AffectedSA700, SA2500, FIPS SA4000, SA4500, FIPS SA4500, FIPS SA6000, SA6500, FIPS SA6500, MAG2600, MAG4610, MAG6610, MAG6611
Problem
Multiple OpenSSL vulnerabilities have been found in Pulse Connect Secure (PCS).
 
CVE NumberCVSS Base ScoreCVE Issue Title
CVE-2011-41099.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check.
CVE-2011-45765.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer.
CVE-2011-46195.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2012-08845.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack (MMA) adaptive chosen ciphertext attack.
CVE-2012-21107.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.
Solution
Software updates to PCS have been released to resolve this issue. Releases containing the fix include PCS 7.1R10, 7.2R3, and all subsequent releases.

 
Workaround
Implementation
Patched Software Release Service Packages are available at Pulse Secure Licensing and Download Center: https://my.pulsesecure.net. Documentation links to the relevant software’s are also available at Pulse Secure Licensing and Download Center.
Related Links
CVSS Score9.3
Risk AssessmentNote: 9.3 was used as the base score because it has the highest score of the group of CVEs included in this advisory.

Information for how Pulse Secure uses CVSS can be found at KB16446 "Common Vulnerability Scoring System (CVSS) and Pulse Secure's Security Advisories."
Acknowledgements
Alert TypePSN - Product Support Notification
Risk LevelHigh
Attachment 1 
Attachment 2 
Legacy IDPSN-2012-09-712, JSA10535

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255