virus logo FortiClient Vulnerability

OpenSSL CVE-2015-1789 Buffer Overflow Vulnerability

description-logoDescription

Severity: ModerateX509_cmp_time does not properly check the length of the ASN1_TIMEstring and can read a few bytes out of bounds. In addition,X509_cmp_time accepts an arbitrary number of fractional seconds in thetime string.An attacker can use this to craft malformed certificates and CRLs ofvarious sizes and potentially cause a segmentation fault, resulting ina DoS on applications that verify certificates or CRLs. TLS clientsthat verify CRLs are affected. TLS clients and servers with clientauthentication enabled may be affected if they use custom verificationcallbacks.This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.OpenSSL 1.0.2 users should upgrade to 1.0.2bOpenSSL 1.0.1 users should upgrade to 1.0.1nOpenSSL 1.0.0 users should upgrade to 1.0.0sOpenSSL 0.9.8 users should upgrade to 0.9.8zgThis issue was reported to OpenSSL on 8th April 2015 by Robert Swieckiwas developed by Emilia Ksper of the OpenSSL development team.

affected-products-logoAffected Applications

OpenSSL

CVE References

CVE-2015-1789

Other References

https://www.openssl.org/news/vulnerabilities.html
ID 39835
Created Jan 17, 2020
Description
Updated		 Dec 19, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor OpenSSL
Patch manual
Application OpenSSL