-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2015.0031
          McAfee Security Bulletin - FREAK OpenSSL Vulnerability
                               10 April 2015

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              McAfee Email Gateway (MEG) / Email and Web Security (EWS)
                      McAfee Firewall Enterprise (MFE)
                      McAfee Firewall Enterprise Control Center (MFE CC)
                      McAfee Web Gateway (MWG)
Operating System:     Network Appliance
                      Windows
Impact/Access:        Access Privileged Data         -- Remote/Unauthenticated
                      Provide Misleading Information -- Remote/Unauthenticated
                      Denial of Service              -- Remote/Unauthenticated
                      Reduced Security               -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
CVE Names:            CVE-2015-0206 CVE-2015-0205 CVE-2015-0204
                      CVE-2014-8275 CVE-2014-3572 CVE-2014-3571
                      CVE-2014-3570 CVE-2014-3569 CVE-2014-3568
Member content until: Sunday, May 10 2015
Reference:            ASB-2015.0026
                      ASB-2015.0024
                      ESB-2014.1936
                      ESB-2014.1871
                      ESB-2014.1858

OVERVIEW

        Eight OpenSSL vulnerabilities have been found to affect multiple
        McAfee products. [1]


IMPACT

        The vendor has provided the following details on these vulnerabilities:
        
        "CVE-2014-3569: The ssl23_get_client_hello function in s23_srvr.c in
        OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle 
        attempts to use unsupported protocols, which allows remote attackers
        to cause a denial of service (NULL pointer dereference and daemon 
        crash) via an unexpected handshake, as demonstrated by an SSLv3 
        handshake to a no-ssl3 application with certain error handling. This
        issue became relevant after the CVE-2014-3568 fix. 
        http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3569
        
        CVE-2014-3570: The BN_sqr implementation in OpenSSL before 0.9.8zd,
        1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly 
        calculate the square of a BIGNUM value, which might make it easier 
        for remote attackers to defeat cryptographic protection mechanisms 
        via unspecified vectors, related to crypto/bn/asm/mips.pl, 
        crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c. 
        http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3570
        
        CVE-2014-3571: OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 
        1.0.1 before 1.0.1k allows remote attackers to cause a denial of 
        service (NULL pointer dereference and application crash) via a 
        crafted DTLS message that is processed with a different read 
        operation for the handshake header than for the handshake body, 
        related to the dtls1_get_record function in d1_pkt.c and the 
        ssl3_read_n function in s3_pkt.c. 
        http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3571
        
        CVE-2014-3572: The ssl3_get_key_exchange function in s3_clnt.c in 
        OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k
        allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks
        and trigger a loss of forward secrecy by omitting the 
        ServerKeyExchange message. 
        http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3572
        
        CVE-2014-8275: OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 
        1.0.1 before 1.0.1k does not enforce certain constraints on 
        certificate data, which allows remote attackers to defeat a 
        fingerprint-based certificate-blacklist protection mechanism by 
        including crafted data within a certificate's unsigned portion, 
        related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, 
        crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c. 
        http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8275
        
        CVE-2015-0204: The ssl3_get_key_exchange function in s3_clnt.c in 
        OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k
        allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade 
        attacks and facilitate brute-force decryption by offering a weak 
        ephemeral RSA key in a noncompliant role. 
        http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0204
        
        CVE-2015-0205: The ssl3_get_cert_verify function in s3_srvr.c in 
        OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client 
        authentication with a Diffie-Hellman (DH) certificate without 
        requiring a CertificateVerify message, which allows remote attackers
        to obtain access without knowledge of a private key via crafted TLS
        Handshake Protocol traffic to a server that recognizes a 
        Certification Authority with DH support. 
        http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0205
        
        CVE-2015-0206: Memory leak in the dtls1_buffer_record function in 
        d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k 
        allows remote attackers to cause a denial of service (memory 
        consumption) by sending many duplicate records for the next epoch, 
        leading to failure of replay detection. 
        http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0206" [1]


MITIGATION

        The vendor recommends applying the available patches or hotfixes for
        the relevant product. [1]
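        The descriptions above name the affected and fixed OpenSSL releases
        (0.9.8zd, 1.0.0p and 1.0.1k). The following script is an added example,
        not part of this bulletin or of McAfee's advisory, that turns those
        statements into a version check an administrator can run against the
        output of "openssl version" on a host. The CVE-to-branch table is
        built only from the text quoted above; releases the bulletin does not
        mention (for instance 1.0.2) return an empty list, which means
        "not covered here", not "not affected". The sample version strings
        at the bottom are constructed for illustration.

```python
import re
from typing import Dict, List, Tuple

Branch = Tuple[int, int, int]

# Fixed releases named in the bulletin, keyed by release branch.
FIXED: Dict[Branch, str] = {
    (0, 9, 8): "zd",
    (1, 0, 0): "p",
    (1, 0, 1): "k",
}

# CVEs the bulletin describes as affecting "<branch> before <fixed>".
# CVE-2015-0205 and CVE-2015-0206 are described for 1.0.0 and 1.0.1 only.
BEFORE_FIX: List[Tuple[str, Tuple[Branch, ...]]] = [
    ("CVE-2014-3570", ((0, 9, 8), (1, 0, 0), (1, 0, 1))),
    ("CVE-2014-3571", ((0, 9, 8), (1, 0, 0), (1, 0, 1))),
    ("CVE-2014-3572", ((0, 9, 8), (1, 0, 0), (1, 0, 1))),
    ("CVE-2014-8275", ((0, 9, 8), (1, 0, 0), (1, 0, 1))),
    ("CVE-2015-0204", ((0, 9, 8), (1, 0, 0), (1, 0, 1))),
    ("CVE-2015-0205", ((1, 0, 0), (1, 0, 1))),
    ("CVE-2015-0206", ((1, 0, 0), (1, 0, 1))),
]

# CVE-2014-3569 is described against exact releases rather than a range.
EXACT_ONLY: Dict[str, set] = {
    "CVE-2014-3569": {"0.9.8zc", "1.0.0o", "1.0.1j"},
}

# Matches "1.0.1j" on its own or inside "OpenSSL 1.0.1j 15 Oct 2014".
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_version(text: str) -> Tuple[Branch, str]:
    """Return (branch, letter suffix) for an OpenSSL version string."""
    m = VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"no OpenSSL version number in {text!r}")
    branch = (int(m.group(1)), int(m.group(2)), int(m.group(3)))
    return branch, m.group(4)


def letter_key(letters: str) -> Tuple[int, str]:
    # OpenSSL letter releases run a..z and then za, zb, ...: a longer
    # suffix is always later, so compare length before the letters.
    return (len(letters), letters)


def affected_cves(text: str) -> List[str]:
    """List the CVEs from this bulletin that apply to the given version."""
    branch, letters = parse_version(text)
    exact = f"{branch[0]}.{branch[1]}.{branch[2]}{letters}"
    hits = [cve for cve, versions in EXACT_ONLY.items() if exact in versions]

    fixed = FIXED.get(branch)
    # Branches the bulletin does not mention yield no hits (unknown, not safe).
    if fixed is not None and letter_key(letters) < letter_key(fixed):
        hits.extend(cve for cve, branches in BEFORE_FIX if branch in branches)
    return sorted(hits)


if __name__ == "__main__":
    # Constructed sample inputs in the shape "openssl version" prints.
    for sample in ("OpenSSL 1.0.1j 15 Oct 2014",
                   "OpenSSL 0.9.8zc 15 Oct 2014",
                   "OpenSSL 1.0.1k 8 Jan 2015"):
        cves = affected_cves(sample)
        print(f"{sample}: {', '.join(cves) if cves else 'no CVE from ASB-2015.0031'}")
```

        On a real host the input would be the first line printed by
        "openssl version"; an appliance that does not expose a shell must
        instead be checked against the vendor's patch status in [1].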


REFERENCES

        [1] McAfee Security Bulletin - FREAK OpenSSL Vulnerability
            https://kc.mcafee.com/corporate/index?page=content&id=SB10108

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----