Vulnerability Name: | CVE-2005-2969 (CCN-22559) |
Assigned: | 2005-10-11 |
Published: | 2005-10-11 |
Updated: | 2018-05-03 |
Summary: | The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack. |
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): None Integrity (I): Low Availibility (A): None |
|
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N) 4.1 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:F/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): None Integrity (I): Partial Availibility (A): None | 4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N) 3.6 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:F/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
| Impact Metrics: | Confidentiality (C): None Integrity (I): Partial Availibility (A): None |
|
Vulnerability Type: | CWE-Other
|
Vulnerability Consequences: | Data Manipulation |
References: | Source: CCN Type: FreeBSD Security Advisory FreeBSD-SA-05:21 Potential SSL 2.0 rollback
Source: MISC Type: UNKNOWN ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers/dir5.10.3_docs_relnotes.pdf
Source: CCN Type: BugTraq Mailing List, Fri Feb 10 2006 - 07:01:33 CST [security bulletin] SSRT051102 rev.1 - HP HTTP Server Running on Windows, Forced Use of Weaker Security Protocol
Source: MITRE Type: CNA CVE-2005-2969
Source: APPLE Type: UNKNOWN APPLE-SA-2005-11-29
Source: HP Type: UNKNOWN HPSBUX02174
Source: HP Type: UNKNOWN SSRT071299
Source: TRUSTIX Type: UNKNOWN TSLSA-2005-0059
Source: CCN Type: RHSA-2005-800 openssl security update
Source: CCN Type: RHSA-2008-0264 Moderate: Red Hat Network Satellite Server Solaris client security update
Source: CCN Type: RHSA-2008-0525 Moderate: Red Hat Network Satellite Server Solaris client security update
Source: CCN Type: RHSA-2008-0629 Moderate: Red Hat Network Satellite Server Solaris client security update
Source: SECUNIA Type: UNKNOWN 17146
Source: CCN Type: SA17151 OpenSSL Potential SSL 2.0 Rollback Vulnerability
Source: SECUNIA Type: UNKNOWN 17151
Source: SECUNIA Type: UNKNOWN 17153
Source: CCN Type: SA17169 Sun Solaris OpenSSL SSL 2.0 Rollback Vulnerability
Source: SECUNIA Type: UNKNOWN 17169
Source: SECUNIA Type: UNKNOWN 17178
Source: SECUNIA Type: UNKNOWN 17180
Source: SECUNIA Type: UNKNOWN 17189
Source: SECUNIA Type: UNKNOWN 17191
Source: SECUNIA Type: UNKNOWN 17210
Source: SECUNIA Type: UNKNOWN 17259
Source: SECUNIA Type: UNKNOWN 17288
Source: SECUNIA Type: UNKNOWN 17335
Source: SECUNIA Type: UNKNOWN 17344
Source: CCN Type: SA17389 NetBSD Update Fixes Multiple Vulnerabilities
Source: SECUNIA Type: UNKNOWN 17389
Source: CCN Type: SA17409 Serv-U FTP Server Potential Denial of Service Vulnerability
Source: SECUNIA Type: UNKNOWN 17409
Source: CCN Type: SA17432 Blue Coat Products OpenSSL SSL 2.0 Rollback Vulnerability
Source: SECUNIA Type: UNKNOWN 17432
Source: CCN Type: SA17466 Astaro WebAdmin SSL 2.0 Rollback Vulnerability
Source: SECUNIA Type: UNKNOWN 17466
Source: SECUNIA Type: UNKNOWN 17589
Source: CCN Type: SA17617 Astaro Security Linux ISAKMP and SSL 2.0 Rollback Vulnerabilities
Source: SECUNIA Type: UNKNOWN 17617
Source: CCN Type: SA17632 Astaro WebAdmin SSL 2.0 Rollback and PPTP Denial of Service
Source: SECUNIA Type: UNKNOWN 17632
Source: CCN Type: SA17813 Mac OS X Security Update Fixes Multiple Vulnerabilities
Source: SECUNIA Type: UNKNOWN 17813
Source: CCN Type: SA17888 Cisco Products OpenSSL Potential SSL 2.0 Rollback Vulnerability
Source: SECUNIA Type: UNKNOWN 17888
Source: CCN Type: SA18045 HP Web-Enabled Management Software Potential SSL 2.0 Rollback Vulnerability
Source: SECUNIA Type: UNKNOWN 18045
Source: CCN Type: SA18123 Juniper IVE OS Potential SSL 2.0 Rollback Vulnerability
Source: SECUNIA Type: UNKNOWN 18123
Source: CCN Type: SA18165 IBM HMC OpenSSL Vulnerabilities
Source: SECUNIA Type: UNKNOWN 18165
Source: CCN Type: SA18663 Avaya Intuity Audix OpenSSL Potential SSL 2.0 Rollback
Source: SECUNIA Type: UNKNOWN 18663
Source: SECUNIA Type: UNKNOWN 19185
Source: CCN Type: SA21827 IBM Director OpenSSL Potential SSL 2.0 Rollback Vulnerability
Source: SECUNIA Type: UNKNOWN 21827
Source: SECUNIA Type: UNKNOWN 23280
Source: CCN Type: SA23340 Avaya PDS HP-UX Secure Shell / OpenSSL Multiple Vulnerabilities
Source: SECUNIA Type: UNKNOWN 23340
Source: CCN Type: SA23843 Hitachi Web Server Multiple Vulnerabilities
Source: SECUNIA Type: UNKNOWN 23843
Source: SECUNIA Type: UNKNOWN 23915
Source: CCN Type: SA25973 Hitachi JP1/HiCommand Series Two Vulnerabilities
Source: SECUNIA Type: UNKNOWN 25973
Source: CCN Type: SA26893 rPath update for openssl
Source: SECUNIA Type: UNKNOWN 26893
Source: SECUNIA Type: UNKNOWN 31492
Source: CCN Type: SECTRACK ID: 1015032 OpenSSL SSL_OP_MSIE_SSLV2_RSA_PADDING Option May Let Remote Users Rollback the Protocol Version
Source: SECTRACK Type: UNKNOWN 1015032
Source: SUNALERT Type: UNKNOWN 101974
Source: CONFIRM Type: UNKNOWN http://support.avaya.com/elmodocs2/security/ASA-2006-031.htm
Source: CCN Type: ASA-2006-031 OpenSSL Potential SSL 2.0 Rollback Vulnerability (SCOSA-2005.48)
Source: CONFIRM Type: UNKNOWN http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
Source: CCN Type: ASA-2006-260 HP-UX OpenSSL Denial of Service (DoS) Increase Privilege (HPSBUX02174)
Source: CCN Type: ASA-2007-018 HP-UX Apache Remote Execution of Arbitrary Code Denial of Service (DoS) and Unauthorized Access (HPSBUX02186)
Source: CCN Type: IBM Support & downloads Fixes to leap second handling, new DST time and openssl for Power4 HMC V3R3.6 (Doc Number=2312)
Source: MISC Type: UNKNOWN http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
Source: CCN Type: Blue Coat Web site OpenSSL 2.0 Rollback Vulnerability CAN-2005-2969
Source: CCN Type: Cisco Security Notice 68324 Response to OpenSSL - Potential SSL 2.0 Rollback
Source: CISCO Type: UNKNOWN 20051202 Cisco Security Notice: Response to OpenSSL - Potential SSL 2.0 Rollback
Source: DEBIAN Type: UNKNOWN DSA-875
Source: DEBIAN Type: UNKNOWN DSA-881
Source: DEBIAN Type: UNKNOWN DSA-882
Source: DEBIAN Type: DSA-875 openssl094 -- cryptographic weakness
Source: DEBIAN Type: DSA-881 openssl096 -- cryptographic weakness
Source: DEBIAN Type: DSA-882 openssl095 -- cryptographic weakness
Source: DEBIAN Type: DSA-888 openssl -- cryptographic weakness
Source: CCN Type: GLSA-200510-11 OpenSSL: SSL 2.0 protocol rollback
Source: CONFIRM Type: UNKNOWN http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html
Source: CONFIRM Type: UNKNOWN http://www.hitachi-support.com/security_e/vuls_e/HS07-016_e/index-e.html
Source: CCN Type: IBM Security Bulletin 1693035 Multiple vulnerabilities in AppScan Enterprise (CVE-2014-6135, CVE-2014-6119, CVE-2014-6122, CVE-2014-6121, CVE-2013-2566, CVE-2005-2969)
Source: CCN Type: Juniper Security Bulletin PSN-2005-12-025 IVE potential SSL 2.0 rollback
Source: MISC Type: UNKNOWN http://www.juniper.net/support/security/alerts/PSN-2005-12-025.txt
Source: MANDRIVA Type: UNKNOWN MDKSA-2005:179
Source: SUSE Type: UNKNOWN SUSE-SA:2005:061
Source: CCN Type: OpenPKG-SA-2005.022 OpenSSL
Source: CCN Type: OpenSSL Web site OpenSSL:The Open Source toolkit for SSL/TLS
Source: CCN Type: OpenSSL Security Advisory 20051011 Potential SSL 2.0 Rollback (CAN-2005-2969)
Source: CONFIRM Type: Patch, Vendor Advisory http://www.openssl.org/news/secadv_20051011.txt
Source: REDHAT Type: UNKNOWN RHSA-2005:762
Source: REDHAT Type: Vendor Advisory RHSA-2005:800
Source: REDHAT Type: UNKNOWN RHSA-2008:0629
Source: BID Type: UNKNOWN 15071
Source: CCN Type: BID-15071 OpenSSL Insecure Protocol Negotiation Weakness
Source: BID Type: UNKNOWN 15647
Source: CCN Type: BID-15647 RETIRED: Apple Mac OS X Security Update 2005-009 Multiple Vulnerabilities
Source: BID Type: UNKNOWN 24799
Source: CCN Type: BID-24799 JP1/HiCommand Series Products OpenSSL Insecure Protocol Negotiation Weakness
Source: CCN Type: TLSA-2007-52 Multiple vulnerabilities exist in openssl
Source: CCN Type: USN-204-1 SSL library vulnerability
Source: VUPEN Type: UNKNOWN ADV-2005-2036
Source: VUPEN Type: UNKNOWN ADV-2005-2659
Source: VUPEN Type: UNKNOWN ADV-2005-2710
Source: VUPEN Type: UNKNOWN ADV-2005-2908
Source: VUPEN Type: UNKNOWN ADV-2005-3002
Source: VUPEN Type: UNKNOWN ADV-2005-3056
Source: VUPEN Type: UNKNOWN ADV-2006-3531
Source: VUPEN Type: UNKNOWN ADV-2007-0326
Source: VUPEN Type: UNKNOWN ADV-2007-0343
Source: VUPEN Type: UNKNOWN ADV-2007-2457
Source: XF Type: UNKNOWN openssl-mitm(22559)
Source: XF Type: UNKNOWN hitachi-hicommand-security-bypass(35287)
Source: CONFIRM Type: UNKNOWN https://issues.rpath.com/browse/RPL-1633
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:11454
Source: SUSE Type: SUSE-SA:2005:061 openssl: protocol downgrade attack
|
Vulnerable Configuration: | Configuration 1: cpe:/a:openssl:openssl:0.9.7:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.8:*:*:*:*:*:*:* Configuration RedHat 1: cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:* Configuration CCN 1: cpe:/a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.7:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:0.9.8:*:*:*:*:*:*:*AND cpe:/o:freebsd:freebsd:*:*:*:*:*:*:*:*OR cpe:/o:bluecoat:cacheos:4.0.14:*:*:*:*:*:*:*OR cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*OR cpe:/o:suse:suse_linux:10.0::oss:*:*:*:*:*OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*OR cpe:/a:cisco:ciscoworks_common_services:3.0:*:*:*:*:*:*:*OR cpe:/h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*OR cpe:/h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*OR cpe:/h:cisco:gss_4491_global_site_selector:*:*:*:*:*:*:*:*OR cpe:/o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux:10.1::x86-64:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*OR cpe:/o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*OR cpe:/o:turbolinux:turbolinux:*:*:personal:*:*:*:*:*OR cpe:/o:turbolinux:turbolinux:*:*:multimedia:*:*:*:*:*OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:*OR cpe:/a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*OR cpe:/h:cisco:wireless_control_system:3.2(40):*:*:*:*:*:*:*OR cpe:/h:cisco:wireless_control_system:3.2(51):*:*:*:*:*:*:*OR cpe:/o:bluecoat:cacheos:4.0:*:*:*:*:*:*:*OR cpe:/o:bluecoat:cacheos:4.1.6:*:*:*:*:*:*:*OR cpe:/o:bluecoat:security_gateway_os:-:*:*:*:*:*:*:*OR cpe:/o:cisco:ios_xr:3.0:*:*:*:*:*:*:*OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*OR cpe:/a:ibm:security_appscan:8.5.0.0:-:enterprise:*:*:*:*:*OR cpe:/a:ibm:security_appscan:8.6.0.0:-:enterprise:*:*:*:*:*OR cpe:/a:ibm:security_appscan:8.7.0.0:-:enterprise:*:*:*:*:*OR cpe:/a:ibm:security_appscan:8.7.0.0:-:enterprise:*:*:*:*:*
Denotes that component is vulnerable |
Oval Definitions |
|
BACK |
openssl openssl 0.9.7
openssl openssl 0.9.7a
openssl openssl 0.9.7b
openssl openssl 0.9.7c
openssl openssl 0.9.7d
openssl openssl 0.9.7e
openssl openssl 0.9.7f
openssl openssl 0.9.7g
openssl openssl 0.9.8
openssl openssl 0.9.7a
openssl openssl 0.9.7
openssl openssl 0.9.7b
openssl openssl 0.9.7c
openssl openssl 0.9.7d
openssl openssl 0.9.7e
openssl openssl 0.9.7f
openssl openssl 0.9.7g
openssl openssl 0.9.8
freebsd freebsd *
bluecoat cacheos 4.0.14
debian debian linux 3.0
openpkg openpkg current
gentoo linux *
suse linux enterprise server 8
mandrakesoft mandrake linux corporate server 2.1
redhat enterprise linux 2.1
redhat enterprise linux 2.1
redhat enterprise linux 2.1
suse suse linux 9.0
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
suse suse linux 9.1
redhat enterprise linux 3
suse suse linux 9.2
mandrakesoft mandrake linux 10.1
mandrakesoft mandrake linux corporate server 3.0
redhat enterprise linux 4
redhat enterprise linux 4
novell linux desktop 9
redhat enterprise linux 4
redhat enterprise linux 4
debian debian linux 3.1
novell open enterprise server *
mandrakesoft mandrake multi network firewall 2.0
suse suse linux 10.0
redhat linux advanced workstation 2.1
mandrakesoft mandrake linux 2006
cisco ciscoworks common services 3.0
cisco gss 4480 global site selector *
cisco gss 4490 global site selector *
cisco gss 4491 global site selector *
suse linux enterprise server 9
mandrakesoft mandrake linux 10.1
mandrakesoft mandrake linux 2006
mandrakesoft mandrake linux corporate server 3.0
turbolinux turbolinux fuji
turbolinux turbolinux personal *
turbolinux turbolinux multimedia *
mandrakesoft mandrake linux corporate server 2.1
cisco ciscoworks common services 2.2
novell open enterprise server *
cisco wireless control system 3.2(40)
cisco wireless control system 3.2(51)
bluecoat cacheos 4.0
bluecoat cacheos 4.1.6
bluecoat security gateway os -
cisco ios xr 3.0
suse suse linux 9.3
ibm security appscan 8.5.0.0 -
ibm security appscan 8.6.0.0 -
ibm security appscan 8.7.0.0 -
ibm security appscan 8.7.0.0 -