Signature Detail

Short Name: SSL:OPENSSL-MITM-SEC-BYPASS
Severity: Major
Recommended: No
Recommended Action: Drop
Category: SSL
Keywords: OpenSSL ChangeCipherSpec MITM Security Bypass
Release Date: 2014/06/11
Update Number: 2386
Supported Platforms: idp-4.0+, isg-3.4+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

SSL: OpenSSL ChangeCipherSpec MITM Security Bypass

This signature detects attempts to exploit a known security-bypass vulnerability in OpenSSL. Successful exploitation would allow an attacker to decrypt traffic and inject plaintext into a TLS connection.

Extended Description

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability.
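As an added defender-side example (not part of this signature page and not Juniper's code), the version ranges in the description above turned into a triage check over an `openssl version` banner; the OpenSSL letter-suffix ordering, in which `z` precedes `za`, is handled explicitly. The banners at the bottom are constructed samples, not output from any real host.

```python
import re

# Added example: exposure triage for the ranges this page lists for
# CVE-2014-0224 ("CCS Injection"). Not Juniper's code.

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)")


def version_key(version):
    """Sortable key for an OpenSSL 0.9.x/1.0.x version string.

    Letter suffixes sort by length first, so '' < 'a' < 'z' < 'za' < 'zb',
    matching how OpenSSL numbered its 0.9.8 patch releases.
    """
    m = _VERSION_RE.fullmatch(version.strip())
    if not m:
        raise ValueError(f"unrecognised OpenSSL version: {version!r}")
    major, minor, fix, suffix = m.groups()
    return ((int(major), int(minor), int(fix)), len(suffix), suffix)


def version_from_banner(banner):
    """Pull the version out of 'openssl version' output,
    e.g. 'OpenSSL 1.0.1e-fips 11 Feb 2013' -> '1.0.1e' (build tags dropped)."""
    m = re.search(r"OpenSSL (\d+\.\d+\.\d+[a-z]*)", banner)
    if not m:
        raise ValueError(f"no OpenSSL version in banner: {banner!r}")
    return m.group(1)


def vulnerable_to_ccs_injection(version):
    """True if `version` is inside the affected ranges stated on this page:
    anything before 0.9.8za, 1.0.0 before 1.0.0m, or 1.0.1 before 1.0.1h."""
    key = version_key(version)
    # "before 0.9.8za" is an open lower range: every release older than
    # 0.9.8za, including all of 0.9.7 and earlier, is affected.
    if key < version_key("0.9.8za"):
        return True
    # The 1.0.0 and 1.0.1 ranges apply only within their own branch.
    for fixed in ("1.0.0m", "1.0.1h"):
        fixed_key = version_key(fixed)
        if key[0] == fixed_key[0] and key < fixed_key:
            return True
    return False


if __name__ == "__main__":
    for banner in ("OpenSSL 1.0.1e-fips 11 Feb 2013",   # constructed sample
                   "OpenSSL 0.9.8z 1 Jan 2014",         # constructed sample
                   "OpenSSL 1.0.1h 1 Jan 2014"):        # constructed sample
        v = version_from_banner(banner)
        state = "VULNERABLE" if vulnerable_to_ccs_injection(v) else "fixed"
        print(f"{banner!r}: {state}")
```

Distribution builds (Red Hat, SUSE and others) backport fixes without changing the version string, so a "vulnerable" result from the banner alone is a prompt to check the package changelog, not a confirmed exposure.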

Affected Products

  • Fedoraproject fedora 19
  • Fedoraproject fedora 20
  • Filezilla-project filezilla_server 0.9.21
  • Filezilla-project filezilla_server 0.9.22
  • Filezilla-project filezilla_server 0.9.26
  • Filezilla-project filezilla_server 0.9.27
  • Filezilla-project filezilla_server 0.9.28
  • Filezilla-project filezilla_server 0.9.29
  • Filezilla-project filezilla_server 0.9.30
  • Filezilla-project filezilla_server 0.9.31
  • Filezilla-project filezilla_server 0.9.32
  • Filezilla-project filezilla_server 0.9.33
  • Filezilla-project filezilla_server 0.9.34
  • Filezilla-project filezilla_server 0.9.35
  • Filezilla-project filezilla_server 0.9.36
  • Filezilla-project filezilla_server 0.9.37
  • Filezilla-project filezilla_server 0.9.38
  • Filezilla-project filezilla_server 0.9.39
  • Filezilla-project filezilla_server 0.9.40
  • Filezilla-project filezilla_server 0.9.41
  • Filezilla-project filezilla_server 0.9.42
  • Filezilla-project filezilla_server 0.9.43
  • Filezilla-project filezilla_server 0.9.44
  • Filezilla-project filezilla_server 0.9.6
  • Openssl openssl -
  • Openssl openssl 0.9.1c
  • Openssl openssl 0.9.2b
  • Openssl openssl 0.9.3
  • Openssl openssl 0.9.3a
  • Openssl openssl 0.9.4
  • Openssl openssl 0.9.5
  • Openssl openssl 0.9.5a
  • Openssl openssl 0.9.6
  • Openssl openssl 0.9.6a
  • Openssl openssl 0.9.6b
  • Openssl openssl 0.9.6c
  • Openssl openssl 0.9.6d
  • Openssl openssl 0.9.6e
  • Openssl openssl 0.9.6f
  • Openssl openssl 0.9.6g
  • Openssl openssl 0.9.6h
  • Openssl openssl 0.9.6i
  • Openssl openssl 0.9.6j
  • Openssl openssl 0.9.6k
  • Openssl openssl 0.9.6l
  • Openssl openssl 0.9.6m
  • Openssl openssl 0.9.7
  • Openssl openssl 0.9.7a
  • Openssl openssl 0.9.7b
  • Openssl openssl 0.9.7c
  • Openssl openssl 0.9.7d
  • Openssl openssl 0.9.7e
  • Openssl openssl 0.9.7f
  • Openssl openssl 0.9.7g
  • Openssl openssl 0.9.7h
  • Openssl openssl 0.9.7i
  • Openssl openssl 0.9.7j
  • Openssl openssl 0.9.7k
  • Openssl openssl 0.9.7l
  • Openssl openssl 0.9.7m
  • Openssl openssl 0.9.8
  • Openssl openssl 0.9.8a
  • Openssl openssl 0.9.8b
  • Openssl openssl 0.9.8c
  • Openssl openssl 0.9.8d
  • Openssl openssl 0.9.8e
  • Openssl openssl 0.9.8f
  • Openssl openssl 0.9.8g
  • Openssl openssl 0.9.8h
  • Openssl openssl 0.9.8i
  • Openssl openssl 0.9.8j
  • Openssl openssl 0.9.8k
  • Openssl openssl 0.9.8l
  • Openssl openssl 0.9.8m
  • Openssl openssl 0.9.8n
  • Openssl openssl 0.9.8o
  • Openssl openssl 0.9.8p
  • Openssl openssl 0.9.8q
  • Openssl openssl 0.9.8r
  • Openssl openssl 0.9.8s
  • Openssl openssl 0.9.8t
  • Openssl openssl 0.9.8u
  • Openssl openssl 0.9.8v
  • Openssl openssl 0.9.8w
  • Openssl openssl 0.9.8x
  • Openssl openssl 0.9.8y
  • Openssl openssl 0.9.8z
  • Openssl openssl 1.0.0
  • Openssl openssl 1.0.0a
  • Openssl openssl 1.0.0b
  • Openssl openssl 1.0.0c
  • Openssl openssl 1.0.0d
  • Openssl openssl 1.0.0e
  • Openssl openssl 1.0.0f
  • Openssl openssl 1.0.0g
  • Openssl openssl 1.0.0h
  • Openssl openssl 1.0.0i
  • Openssl openssl 1.0.0j
  • Openssl openssl 1.0.0k
  • Openssl openssl 1.0.0l
  • Openssl openssl 1.0.1
  • Openssl openssl 1.0.1a
  • Openssl openssl 1.0.1b
  • Openssl openssl 1.0.1c
  • Openssl openssl 1.0.1d
  • Openssl openssl 1.0.1e
  • Openssl openssl 1.0.1f
  • Openssl openssl 1.0.1g
  • Opensuse opensuse 13.1
  • Opensuse opensuse 13.2
  • Redhat enterprise_linux 4
  • Redhat enterprise_linux 5
  • Redhat enterprise_linux 6.0
  • Redhat jboss_enterprise_application_platform 5.2.0
  • Redhat jboss_enterprise_application_platform 6.2.3
  • Redhat jboss_enterprise_web_platform 5.2.0
  • Redhat jboss_enterprise_web_server 2.0.1
  • Redhat storage 2.1

References

  • BugTraq: 67899
  • CVE: CVE-2015-0204
  • CVE: CVE-2014-0224

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.