Vulnerability Name:

CVE-2015-2318 (CCN-137787)

Assigned:2015-03-07
Published:2015-03-07
Updated:2018-01-30
Summary:The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.
CVSS v3 Severity:8.1 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.1 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): None
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
4.9 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:S/C:N/I:C/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): Complete
Availibility (A): None
Vulnerability Type:CWE-295
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2015-2318

Source: CCN
Type: Mono Project Web site
TLS Vulnerabilities

Source: CONFIRM
Type: Vendor Advisory
http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/

Source: CCN
Type: oss-sec Mailing List, Tue, 17 Mar 2015 13:24:31 -0400 (EDT)
Re: Mono TLS vulnerabilities

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20150317 Re: Mono TLS vulnerabilities

Source: BID
Type: Third Party Advisory, VDB Entry
73253

Source: UBUNTU
Type: Third Party Advisory
USN-2547-1

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1202869

Source: XF
Type: UNKNOWN
mono-cve20152318-mitm(137787)

Source: CONFIRM
Type: Third Party Advisory
https://github.com/mono/mono/commit/1509226c41d74194c146deb173e752b8d3cdeec4

Source: MISC
Type: Third Party Advisory
https://mitls.org/pages/attacks/SMACK#skip

Source: DEBIAN
Type: Third Party Advisory
DSA-3202

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mono-project:mono:*:*:*:*:*:*:*:* (Version < 3.12.1)

    • Configuration 2:
  • cpe:/o:debian:debian_linux:6.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20152318
    V
    		CVE-2015-2318
    2022-06-30
    oval:org.opensuse.security:def:112417
    P
    		ibm-data-db2-4.6.2-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:26218
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:31721
    P
    		Security update for log4j (Important)
    2021-12-17
    oval:org.opensuse.security:def:31710
    P
    		Security update for java-1_7_0-openjdk (Important)
    2021-11-24
    oval:org.opensuse.security:def:31709
    P
    		Security update for java-1_8_0-openjdk (Important)
    2021-11-23
    oval:org.opensuse.security:def:105924
    P
    		ibm-data-db2-4.6.2-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:26134
    P
    		Security update for the Linux Kernel (Important)
    2021-09-23
    oval:org.opensuse.security:def:32163
    P
    		Security update for MozillaFirefox (Important)
    2021-08-17
    oval:org.opensuse.security:def:26077
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:36243
    P
    		mono-core-2.6.7-0.13.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36381
    P
    		bytefx-data-mysql-2.6.7-0.13.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42650
    P
    		mono-core-2.6.7-0.13.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:32076
    P
    		Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)
    2021-04-28
    oval:org.opensuse.security:def:26215
    P
    		Security update for openssl-1_1 (Important)
    2021-03-25
    oval:org.opensuse.security:def:32019
    P
    		Security update for clamav (Important)
    2020-12-22
    oval:org.opensuse.security:def:26006
    P
    		Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:27344
    P
    		libcurl4-openssl1-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25793
    P
    		Security update for icedtea-web (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26524
    P
    		apache2-mod_php5 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32375
    P
    		Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26356
    P
    		Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:31927
    P
    		Security update for giflib (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33206
    P
    		mono-core on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25942
    P
    		Security update for gstreamer-0_10-plugins-bad (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26706
    P
    		ghostscript-fonts-other on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25792
    P
    		Security update for libvirt (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26510
    P
    		Security update for nextcloud (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32319
    P
    		Security update for ruby (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26272
    P
    		Security update for openexr (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31795
    P
    		Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:33167
    P
    		libnewt0_52 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25931
    P
    		Security update for libcares2 (Low)
    2020-12-01
    oval:org.opensuse.security:def:26662
    P
    		PackageKit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26471
    P
    		Security update for Mozilla Thunderbird (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32529
    P
    		gzip on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25930
    P
    		Security update for ImageMagick (Important)
    2020-12-01
    oval:org.opensuse.security:def:26648
    P
    		wget on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26422
    P
    		Security update for Chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:25996
    P
    		Security update for libvirt (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27241
    P
    		mono-core on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32485
    P
    		PolicyKit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26609
    P
    		libxslt on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26369
    P
    		Security update for Chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:25868
    P
    		Security update for pcre (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27206
    P
    		libpixman-1-0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32463
    P
    		Security update for xorg-x11-libXpm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26560
    P
    		gstreamer-0_10-plugins-base on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27379
    P
    		bytefx-data-mysql on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25804
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26568
    P
    		java-1_6_0-ibm on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32424
    P
    		Security update for wpa_supplicant (Important)
    2020-12-01
    oval:org.opensuse.security:def:26507
    P
    		Security update for cacti, cacti-spine (Important)
    2020-12-01
    oval:com.ubuntu.trusty:def:20152318000
    V
    		CVE-2015-2318 on Ubuntu 14.04 LTS (trusty) - medium.
    2018-01-08
    oval:org.cisecurity:def:152
    P
    		DSA-3202-1 -- mono -- security update
    2016-02-08
    oval:com.ubuntu.precise:def:20152318000
    V
    		CVE-2015-2318 on Ubuntu 12.04 LTS (precise) - medium.
    2015-03-18
    BACK
    mono-project mono *
    debian debian linux 6.0