Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2014.0092 Lexmark has released updates for many of its products that include OpenSSL 1 August 2014 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Lexmark printer products Perceptive Content: ImageNow Perceptive Search Perceptive Process Lexmark Document Distributor Lexmark Print Management, On-Premise Lexmark Fleet Manager Cloud Configuration Services Operating System: Printer Windows Impact/Access: Access Privileged Data -- Remote/Unauthenticated Provide Misleading Information -- Remote/Unauthenticated Denial of Service -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2014-3470 CVE-2014-0224 CVE-2014-0221 CVE-2014-0198 CVE-2014-0195 CVE-2014-0076 CVE-2010-5298 Member content until: Sunday, August 31 2014 OVERVIEW Lexmark has released updates for many of its products that include OpenSSL [1]. IMPACT The vendor has provided the following information regarding this vulnerability: "CVE-2014-0224 SSL/TLS MITM vulnerability A remote attacker with the ability to intercept and inject traffic between a vulnerable client and server could successfully force the SSL/TLS protocols to use a known session key, thus rendering the content of those communications vulnerable to interception and modification. CVSS Base Score: 6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P) Impact Subscore: 6.4 Exploitability Subscore: 8.6 CVE-2014-0221 DTLS recursion flaw Sending an invalid DTLS handshake can cause a crash leading to a denial of service attack. NOTE: No Lexmark products support the DTLS protocol; therefore no Lexmark products are vulnerable to this issue. CVE-2014-0195 DLTS invalid fragment vulnerability A buffer overrun can be triggered by sending an invalid DTLS fragment. NOTE: No Lexmark products support the DTLS protocol; therefore no Lexmark products are vulnerable to this issue. CVE-2014-0198 SSL_MODE_RELEASE_BUFFERS NULL pointer dereference A remote attacker could send a specially crafted packet that would trigger a crash leading to a denial of service attack. CVSS Base Score: 4.3 (AV:N/AC:M/AU:N/C:N/I:N/A:P) Impact Subscore: 2.9 Exploitability Subscore: 8.6 CVE-2010-5298 SSL_MODE_RELEASE_BUFFERS session injection of denial of service A remote attacker could send a specially crafted packet that would trigger a crash leading to a denial of service attack. CVSS Base Score: 4.0 (AV:N/AC:H/AU:N/C:N/I:P/A:P) Impact Subscore: 4.9 Exploitability Subscore: 4.9 CVE-2014-3470 ECDH denial of service A remote attacker could trigger a crash leading to a denial of service attack. CVSS Base Score: 4.3 (AV:N/AC:M/AU:N/C:N/I:N/A:P) Impact Subscore: 2.9 Exploitability Subscore: 8.6 CVE-2014-0076 ECDSA NONCE side channel attack ECDSA nonce is vulnerable to a timing based side channel attack. CVSS Base Score: 4.3 (AV:N/AC:M/AU:N/C:PI:N/A:N) Impact Subscore: 2.9 Exploitability Subscore: 8.6 CVSS scores are calculated in accordance with CVSS version 2.0 (http://www.first.org/cvss/cvss-guide.html)." [1] MITIGATION Updated firmware or software patches have been created to address these vulnerabilities. Lexmark has advised that customers contact them to receive the updates. Specific details can be found within the original advisory. [1] REFERENCES [1] Multiple OpenSSL Vulnerabilities http://support.lexmark.com/index?page=content&id=TE626&locale=en&userlocale=EN_US AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBU9rwoBLndAQH1ShLAQLCvA/5AXiIKm4kUNolWDRkPY/tKpMRNTN34uao n5uWRkMFouYh6H18wE7ENG5DCZJ34PCVIbh5h9IzPN8BMF8tCVcWGz4zkFfLXxVR Q9DXUAg1e++HPh6xmRvSMJlNVEsva+sjH6+mPJiWoUBLjhInh5ua3BSdBx19O2jm RMKQ4oN8+Y63ZJ4sR7QTpjP8dIgO2yawLd2PumTE1pZI/CHKmMiyUeSp2/gEO2Si hvwMTtqoILi8MJI88hQSbgm0rSy6AOCmQmwaQnG2UT07fyVgSWEqAeXuPGbYeR2W 6v8msR/hNZ5VvwYEJCG5V0YodiWDEsq67YO6aILBIEnqDqcYSfNW7+lRjoDphmdO NhpimGYqD6A/iPq7aheUdudrtnDMtxstKhYec+dMEBlJaKL1OgZa/yb4gqbYvnHN 2qKSXVeXQU+rqCDFz1hh7NywTt3uHwOBd4tJTWXJf0vE/dRYj07lPEhaWT80dzmG YXqKqPJC9nZKCoA3h2yRgW/9+nFNyq4YhbwYqMY395EyDj6oJ1XnpwNuk+btNaR8 VJoI8mSeuQ9gRUUSXd8gbeFIfTAiHqSsqSdK5mqA1rArEuEBD+dtJxabEN87+Rtz xUzadO08SVOpcX64k53tFdVVJxZ4v9Q3e7V+X7ke0HRNIvgIVwAJe/oz6G09ADC3 XYXhLTfeoyM= =uVKk -----END PGP SIGNATURE-----