This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy

Security Advisory - Multiple Vulnerabilities in OpenSSL in May 2016

  • SA No:huawei-sa-20160706-01-openssl
  • Initial Release Date: 2016-07-06
  • Last Release Date: 2022-01-10

On May 3, 2016, the OpenSSL Software Foundation released a security advisory that included six vulnerabilities. Of the six vulnerabilities disclosed, four of them may cause memory corruption or excessive memory usage, one could allow a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server supports AES-NI, and, lastly, one is specific to a product performing an operation with Extended Binary Coded Decimal Interchange Code (EBCDIC) encoding.

1.OpenSSL Untrusted ASN.1 Structures Out-of-Bounds Write Vulnerability. A vulnerability in the ASN.1 encoder in OpenSSL could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2016-05002)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2108.

2.OpenSSL AES CBC Cipher Man-in-the-Middle Vulnerability. A vulnerability in OpenSSL could allow an unauthenticated, remote attacker to decrypt and access sensitive information. (Vulnerability ID: HWPSIRT-2016-05261)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2107.

3.OpenSSL EVP_EncryptUpdate Function Overflow Heap Corruption Vulnerability. A vulnerability in OpenSSL could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on a targeted system. (Vulnerability ID: HWPSIRT-2016-05262)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2106.

4.OpenSSL EVP_EncodeUpdate Function Overflow Vulnerability. A vulnerability in the EVP_EncodeUpdate() function in OpenSSL could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2016-05263)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2105.

5.OpenSSL d2i_CMS_bio Function Denial of Service Vulnerability. A vulnerability in OpenSSL could allow a local attacker to cause a denial of service (DoS) condition on a targeted system. (Vulnerability ID: HWPSIRT-2016-05264)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2109.

6.OpenSSL ASN.1 Strings X509_NAME_oneline Function Overread Vulnerability. A vulnerability in OpenSSL could allow an unauthenticated, remote attacker to gain access to sensitive information on a targeted system. (Vulnerability ID: HWPSIRT-2016-05265)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2176.

 

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160706-01-openssl-en

Product Name

Affected Version

Resolved Product and Version

9032

9032 V100R001C00

V100R001C00SPC101

Agile Controller-Campus

V100R001C00

Upgrade to V100R002C10SPC400

V100R002C00

V100R002C10

V100R002C10SPC400

AnyOffice

V200R002C20

Upgrade to V200R006C00

V200R003C00

V200R005C00

AR510

V200R005C30

Upgrade to V200R008C20

BH620

V100R001C00

V100R001C00SPC106 

BH620 V2

V100R002C00

V100R002C00SPC301B010

CH221

V100R001C00

V100R001C00SPC266

CH225 V3

V100R001C00

V100R001C00SPC102

E5372s

E5372s-32TCPU-V200R001B290D23SP00C00

E5372s-32TCPU-V200R001B290D25SP00C00

E5377Bs

E5377Bs-605TCPU-V200R001B305D09SP00C00

E5377Bs-605TCPU-V200R001B313D13SP00C00

E5786s

E5786s-32aTCPU-V200R001B313D15SP00C00

E5786s-32aTCPU-V200R001B313D17SP00C00

E5878s

E5878s-32TCPU-V200R001B305D11SP00C00

E5878s-32TCPU-V200R001B313D13SP00C00

E6000 Chassis

V100R001C00

V100R001C00SPC501B010

E9000 Chassis

V100R001C00

V100R001C00SPC296

EEM

V200R007C00

Upgrade to V200R008C10

V200R007C10

V200R007C20

V200R008C00

eLog

V200R005C00

V200R005C00SPC101

eSDK Platform

V100R005C30

Upgrade to V100R005C60

eSight Network

V300R003C20

V300R003C20SPC106

V300R005C00

V300R005C00SPC302

eSpace IVS

eSpace IVS V100R001C02SPC100

Upgrade to eSpace VCN3000 V100R001C01SPC132

Eudemon8000E-X8

V300R001C01

V300R001C01SPCA00

V500R001C00

Upgrade to V500R002C00SPC100

FireHunter6000

V100R001C20

V100R001C20SPC101

FusionAccess

V100R003C00

Upgrade to V100R006C00

V100R005C10

V100R005C20

V100R005C30

FusionInsight HD

V100R002C50

Upgrade to V100R002C60SPC200

FusionInsight

FusionInsight V100R002C30

Upgrade to FusionInsight HD V100R002C60SPC200

FusionManager

FusionManager V100R003C10

Upgrade to FusionSphere OpenStack V100R006C00RC3B036

FusionManager V100R005C00

FusionManager V100R005C10SPC700

FusionManager V100R006C00

FusionStorage DSware

FusionStorage DSware V100R003C02

Upgrade to FusionStorage V100R003C30U1SPC001

FusionStorage DSware V100R003C30

Upgrade to FusionStorage V100R003C30U1SPC001

FusionStorage

V100R003C00

Upgrade to V100R003C30U1SPC001

G710-C00

V100R001C92B118

V100R001C92B135

HG253s V2-20

V100R001C205B027

V100R001C205B052

HG255s-10

V100R001C163B013

V100R001C163B026

 HiSTBAndroid
 
V600R001C00SPC060
 
V600R001C00CP0013

iBMC

V100R002C10

Upgrade to  V200R002C10

V100R002C30

IVS

IVS V100R002C10

Upgrade to eSpace VCN3000 V100R002C10SPC108

LogCenter

LogCenter V100R001C10

Upgrade to V100R001C20SPC102

LogCenter V100R001C20

V100R001C20SPC102

MT992-10

MV100R001C01B002

V100R001C01B019

OceanStor 18500

V100R001C10

Upgrade to V100R001C30SPC201

OceanStor 18800 V3

V300R003C00

Upgrade to V300R003C10SPC100

OceanStor 2860 V3

OceanStor 2860 V3 V300R001C00T

Upgrade to OceanStor 2800 V300R003C20

OceanStor 5600 V3

V300R001C00

Upgrade to  V300R003C10SPC100

OceanStor 5600 V3

V300R003C00

Upgrade to V300R003C10SPC100

OceanStor 5600 V3

V300R003C10

V300R003C10SPC100

OceanStor 5800 V3

V300R002C00

Upgrade to V300R003C10SPC100

OceanStor 9000

O  V100R001C01

Upgrade to V300R005C00SPC170

V100R001C30

OV300R005C00SPC170

OceanStor 9000E

OceanStor 9000E V100R001C01

Upgrade to OceanStor 9000 V300R005C00SPC170

OceanStor 9000E V100R002C00

OceanStor 9000E V100R002C19

OceanStor Backup  Software

V100R002C00

V100R002C00LHWS01SPC100

OceanStor BCManager

V100R005C00

Upgrade to V200R001C00

OceanStor CSE

OceanStor CSE V100R002C00LSFM01B010

Upgrade to OceanStor Onebox V100R002C00LSFM01SPC108

OceanStor HVS85T

OceanStor HVS85T V100R001C30

OceanStor 18500 V100R001C30SPC201

OceanStor HVS85T

OceanStor HVS85T V100R001C30

OceanStor 18500 V100R001C30SPC201

OceanStor N8500

V200R001C09

V200R001C09SPC506

V200R001C91

V200R001C91SPC902

Policy Center

Policy Center V100R003C00

Upgrade to Agile Controller-Campus V100R002C10SPC400 

Policy Center V100R003C10

Public Cloud Solution

Public Cloud Solution OpsTools 1.0.3

Public Cloud Solution 1.0.9

Public Cloud Solution V100R001C00

RH1288 V3

V100R003C00SPC100

V100R003C00SPC613

RH2285H V2

V100R002C00

V100R002C00SPC505

RH5885 V2

V100R001C00

Upgrade to V100R001C02SPC302

RH5885 V3

V100R003C00

Upgrade to V100R003C10SPC102

V100R003C01

Upgrade to V100R003C10SPC102

RH8100 V3

V100R003C00

V100R003C00SPC207

SoftVCN

V100R002C20

V100R002C20SPC100

Speedport Hybrid

V100R001C01B021

Upgrade to V100R001C03B012

USG9560

USG9560 V300R001C20

Upgrade to USG9500 V500R001C30

USG9560 V300R002C00

Upgrade to USG9500 V500R001C30 

VCM

V100R001C10

V100R001C10SPC006

VCM5010

VCM5010 V100R002C20

Upgrade to VCM5020 V100R002C20

XH320

XH320 V100R001C00

Upgrade to Tecal X6000 V100R001C02

XH620

XH620 V100R001C00

Upgrade to XH620 V3 V100R003C00



CVE-2016-2108:

Successful exploitation this vulnerability, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition.

CVE-2016-2107:

Successful exploitation this vulnerability, attacker can obtain sensitive information.

CVE-2016-2106:

Successful exploitation this vulnerability, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition.

CVE-2016-2105:

Successful exploitation this vulnerability, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition.

CVE-2016-2109:

Successful exploitation this vulnerability, can cause a denial of service (DoS) condition.

CVE-2016-2176:

Successful exploitation this vulnerability, attacker can obtain sensitive information.

The vulnerability classification has been performed by using the CVSSv2 scoring system (http://www.first.org/cvss/).

CVE-2016-2108:

Base Score: 7.6(AV:N/AC:H/Au:N/C:C/I:C/A:C)

Temporal Score: 6.3 (E:F/RL:O/RC:C)

 

CVE-2016-2107:

Base Score: 5.4(AV:N/AC:H/Au:N/C:C/I:N/A:N)

Temporal Score: 4.5 (E:F/RL:O/RC:C)

 

CVE-2016-2106:

Base Score: 5.1(AV:N/AC:H/Au:N/C:P/I:P/A:P)

Temporal Score: 4.2 (E:F/RL:O/RC:C)

 

CVE-2016-2105:

Base Score: 5.1(AV:N/AC:H/Au:N/C:P/I:P/A:P)

Temporal Score: 4.2 (E:F/RL:O/RC:C)

 

CVE-2016-2109:

Base Score: 4.3(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Temporal Score: 3.6(E:F/RL:O/RC:C)

 

CVE-2016-2176:

Base Score: 5.8(AV:N/AC:M/Au:N/C:P/I:N/A:P)

Temporal Score: 4.8 (E:F/RL:O/RC:C)

For additional details, customers are advised to reference the website: 

https://www.openssl.org/news/secadv/20160503.txt

Customers should contact Huawei TAC (Huawei Technical Assistance Center) to request the upgrades. For TAC contact information, please refer to Huawei worldwide website at http://www.huawei.com/en/psirt/report-vulnerabilities.

This vulnerability was disclosed by OpenSSL official website.

2022-01-10 V1.4 UPDATE Update the affected product list and fixed version

2017-01-11 V1.3 UPDATE Update the affected product list and fixed version
2016-12-27 V1.2 UPDATE Update the affected product list and fixed version
2016-08-03 V1.1 UPDATE Update the affected product list and fixed version
2016-07-06 V1.0 INITIAL

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.

To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.

To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.

This document is provided on an "AS IS" basis and does not imply any kind of guarantee or warranty, either express or implied, including the warranties of merchantability or fitness for a particular purpose. In no event shall Huawei or any of its directly or indirectly controlled subsidiaries or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. Your use of the document, by whatsoever means, will be totally at your own risk. Huawei is entitled to amend or update this document from time to time.