Oracle API Gateway 11.1.2.4.0 OpenSSL 信息泄漏漏洞

CVE编号

CVE-2019-1559

利用情况

暂无

补丁情况

官方补丁

披露时间

2019-02-28

漏洞描述

如果应用程序遇到致命的协议错误，然后调用SSL_shutdown()两次（一次发送close_notify，并一次接收一个），则OpenSSL可以对调用应用程序做出不同的响应，如果接收到0字节的记录时，接收到无效的MAC，则OpenSSL会对调用应用程序做出不同的响应。如果应用程序然后基于可检测到远程对等端的方式进行不同的行为，那么这相当于可以用来解密数据的填充Oracle。为了使之成为可利用的&quot;未缝合的&quot;，必须使用加密套件。缝合的加密套件是某些常用的加密套件的最佳实现方式。此外，即使发生了协议错误，应用程序也必须调用SSL_shutdown()两次（应用程序不应该执行此操作，但无论如何也不能执行）。在OpenSSL1.0.2R（受影响的1.0.2-1.0.2q）中已经修复。&nbsp;<br /> &nbsp;

解决建议

目前厂商已发布升级补丁以修复漏洞，补丁获取链接：
https://www.openssl.org/news/secadv/20190226.txt

参考链接
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.html
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.html
http://www.securityfocus.com/bid/107174
https://access.redhat.com/errata/RHSA-2019:2304
https://access.redhat.com/errata/RHSA-2019:2437
https://access.redhat.com/errata/RHSA-2019:2439
https://access.redhat.com/errata/RHSA-2019:2471
https://access.redhat.com/errata/RHSA-2019:3929
https://access.redhat.com/errata/RHSA-2019:3931
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9bbefbf0f24c576...
https://kc.mcafee.com/corporate/index?page=content&id=SB10282
https://lists.debian.org/debian-lts-announce/2019/03/msg00003.html
https://lists.fedoraproject.org/archives/list/[email protected]...
https://lists.fedoraproject.org/archives/list/[email protected]...
https://lists.fedoraproject.org/archives/list/[email protected]...
https://security.gentoo.org/glsa/201903-10
https://security.netapp.com/advisory/ntap-20190301-0001/
https://security.netapp.com/advisory/ntap-20190301-0002/
https://security.netapp.com/advisory/ntap-20190423-0002/
https://support.f5.com/csp/article/K18549143
https://support.f5.com/csp/article/K18549143?utm_source=f5support&utm_medium=RSS
https://usn.ubuntu.com/3899-1/
https://usn.ubuntu.com/4376-2/
https://www.debian.org/security/2019/dsa-4400
https://www.openssl.org/news/secadv/20190226.txt
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://www.tenable.com/security/tns-2019-02
https://www.tenable.com/security/tns-2019-03

受影响软件情况

#	类型	厂商	产品	版本	影响面
1
	运行在以下环境
	应用	f5	traffix_signaling_delivery_controller	*	From (including) 5.0.0	Up to (including) 5.1.0
	运行在以下环境
	应用	f5	traffix_signaling_delivery_controller	4.4.0	-
	运行在以下环境
	应用	netapp	element_software	-	-
	运行在以下环境
	应用	netapp	hyper_converged_infrastructure	-	-
	运行在以下环境
	应用	netapp	oncommand_unified_manager	-	-
	运行在以下环境
	应用	netapp	oncommand_workflow_automation	-	-
	运行在以下环境
	应用	netapp	ontap_select_deploy	-	-
	运行在以下环境
	应用	netapp	ontap_select_deploy_administration_utility	-	-
	运行在以下环境
	应用	netapp	santricity_smi-s_provider	-	-
	运行在以下环境
	应用	netapp	snapcenter	-	-
	运行在以下环境
	应用	netapp	snapdrive	-	-
	运行在以下环境
	应用	netapp	steelstore_cloud_integrated_storage	-	-
	运行在以下环境
	应用	netapp	storagegrid	*	From (including) 9.0.0	Up to (including) 9.0.4
	运行在以下环境
	应用	netapp	storagegrid	-	-
	运行在以下环境
	应用	netapp	storage_automation_store	-	-
	运行在以下环境
	应用	openssl	openssl	*	From (including) 1.0.2	Up to (including) 1.0.2q
	运行在以下环境
	应用	tenable	nessus	*		Up to (including) 8.2.3
	运行在以下环境
	系统	alibaba_cloud_linux_2.1903	openssl	*		Up to (excluding) 1.0.2k-19.2.al7
	运行在以下环境
	系统	alpine_3.6	openssl	*		Up to (excluding) 1.0.2r-r0
	运行在以下环境
	系统	alpine_3.7	openssl	*		Up to (excluding) 1.0.2r-r0
	运行在以下环境
	系统	alpine_3.8	openssl	*		Up to (excluding) 1.0.2r-r0
	运行在以下环境
	系统	amazon_2	openssl	*		Up to (excluding) 1.0.2k-19.amzn2.0.1
	运行在以下环境
	系统	amazon_AMI	openssl	*		Up to (excluding) 1.0.2k-16.150.amzn1
	运行在以下环境
	系统	centos_6	openssl	*		Up to (excluding) 1.0.1e-58.el6_10
	运行在以下环境
	系统	debian_8	openssl	*		Up to (excluding) 1.0.1t-1+deb8u8
	运行在以下环境
	系统	debian_9	openssl	*		Up to (excluding) 1.0.2r-1~deb9u1
	运行在以下环境
	系统	fedora_29	openssl	*		Up to (excluding) 1.0.2o-7.fc29
	运行在以下环境
	系统	fedora_30	openssl	*		Up to (excluding) 1.0.2o-7.fc30
	运行在以下环境
	系统	fedora_31	openssl	*		Up to (excluding) 1.0.2o-8.fc31
	运行在以下环境
	系统	opensuse_Leap_15.0	openssl	*		Up to (excluding) 1.0.2p-lp150.2.13.1
	运行在以下环境
	系统	opensuse_Leap_15.1	openssl	*		Up to (excluding) 1.0.2p-lp151.5.3.1
	运行在以下环境
系统	opensuse_Leap_42.3	openssl	*		Up to (excluding) 6.17.0-21.1
运行在以下环境
系统	oracle_6	openssl	*		Up to (excluding) 1.0.1e-58.0.1.el6_10
运行在以下环境
系统	oracle_7	openssl	*		Up to (excluding) 1.0.2k-19.0.1.el7
运行在以下环境
系统	suse_12_SP3	openssl	*		Up to (excluding) 0.9.8j-106.12.1
运行在以下环境
系统	suse_12_SP4	openssl	*		Up to (excluding) 0.9.8j-106.12.1
运行在以下环境
系统	ubuntu_14.04	openssl	*		Up to (excluding) 1.0.1f-1ubuntu2.27+esm1
运行在以下环境
系统	ubuntu_16.04	openssl	*		Up to (excluding) 1.0.2g-1ubuntu4.15
运行在以下环境
系统	ubuntu_18.04	openssl	*		Up to (excluding) 1.0.2n-1ubuntu5.3
查看完整数据

阿里云评分 2.7

• 攻击路径 远程
• 攻击复杂度 困难
• 权限要求 无需权限
• 影响范围 有限影响
• EXP成熟度 未验证
• 补丁情况 官方补丁
• 数据保密性 无影响
• 数据完整性 无影响
• 服务器危害 无影响
• 全网数量 100

CWE-ID 漏洞类型 CWE-203 通过差异性导致的信息暴露