-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.0505
                SA143: OpenSSL Vulnerabilities 16-Feb-2017
                             24 February 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Bluecoat products
Publisher:         Bluecoat
Operating System:  Network Appliance
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-3733

Reference:         ESB-2017.0488

Original Bulletin:
   https://bto.bluecoat.com/security-advisory/sa143

- --------------------------BEGIN INCLUDED TEXT--------------------

SA143: OpenSSL Vulnerabilities 16-Feb-2017

Security Advisories ID: SA143
Published Date:         February 23, 2017
Advisory Status:        Interim
Advisory Severity:      High
CVSS v2 base score:     TBD
CVE Number:             CVE-2017-3733

Blue Coat products using affected versions of OpenSSL are susceptible to a
denial of service vulnerability. A remote attacker can exploit this
vulnerability to cause denial of service through application crashes.

CVSS v2 base scores will be provided when the National Vulnerability
Database (NVD) scoring is complete. The advisory severity may be adjusted
once the CVSS v2 base scores become available.

Affected Products:

No Blue Coat products are vulnerable to CVE-2017-3733.

The following products are not vulnerable:

   Advanced Secure Gateway
   Android Mobile Agent
   AuthConnector
   BCAAA
   Blue Coat HSM Agent for the Luna SP
   CacheFlow
   Client Connector
   Cloud Data Protection for Salesforce
   Cloud Data Protection for Salesforce Analytics
   Cloud Data Protection for ServiceNow
   Cloud Data Protection for Oracle CRM On Demand
   Cloud Data Protection for Oracle Field Service Cloud
   Cloud Data Protection for Oracle Sales Cloud
   Cloud Data Protection Integration Server
   Cloud Data Protection Communication Server
   Cloud Data Protection Policy Builder
   Content Analysis System
   Director
   General Auth Connector Login Application
   IntelligenceCenter
   IntelligenceCenter Data Collector
   K9
   Mail Threat Defense
   Malware Analysis Appliance
   Management Center
   Norman Shark Industrial Control System Protection
   Norman Shark Network Protection
   Norman Shark SCADA Protection
   PacketShaper
   PacketShaper S-Series
   PolicyCenter
   PolicyCenter S-Series
   ProxyClient
   ProxyAV
   ProxyAV ConLog and ConLogXP
   ProxySG
   Reporter
   Security Analytics
   SSL Visibility
   Unified Agent
   X-Series XOS

Blue Coat no longer provides vulnerability information for the following
products:

   DLP

Please contact Digital Guardian technical support regarding vulnerability
information for DLP.

Advisory Details:

This Security Advisory addresses a denial of service vulnerability
announced in OpenSSL Security Advisory [16 Feb 2017]. No Blue Coat products
have been found vulnerable at this time.

CVE-2017-3733 is a flaw in the SSL/TLS client and server implementation
that handles session renegotiation and the Encrypt-Then-Mac TLS extension.
A remote attacker can renegotiate an established SSL session with a
different cipher suite and added or removed Encrypt-Then-Mac TLS extension
to cause an application crash, resulting in denial of service.

Blue Coat products that use a native installation of OpenSSL but do not
install or maintain that implementation are not vulnerable to
CVE-2017-3733. However, the underlying platform or application that
installs and maintains OpenSSL may be vulnerable. Blue Coat urges our
customers to update the versions of OpenSSL that are natively installed for
Client Connector for OS X, Proxy Client for OS X, and Reporter 9.x for
Linux.

Workarounds:

No Blue Coat products are vulnerable.

Patches:

No Blue Coat products are vulnerable.

References:

OpenSSL Security Advisory - https://www.openssl.org/news/secadv/20170216.txt
CVE-2017-3733 - https://access.redhat.com/security/cve/cve-2017-3733

Advisory History:

2017-02-23 initial public release

Copyright 2017, Blue Coat Systems, Inc. All rights reserved.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your
organisation's site policies and procedures. AusCERT takes no
responsibility for consequences which may arise from following or acting
on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

-----END PGP SIGNATURE-----