HTTP: OpenSSL CMS Structure OriginatorInfo File Memory Corruption
This signature detects attempts to exploit a known vulnerability in OpenSSL. An attacker can create a malformed CMS file that, if downloaded and used by OpenSSL, can result in arbitrary code execution.
Extended Description
OpenSSL is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue by supplying specially crafted structures to a vulnerable application that uses the affected library. Successfully exploiting this issue can allow the attacker to execute arbitrary code. Failed exploit attempts will result in a denial-of-service condition. Versions of OpenSSL 0.9.h through 0.9.8n and OpenSSL 1.0.x prior to 1.0.0a are affected. NOTE: Cryptographic Message Syntax (CMS) functionality is only enabled by default in OpenSSL versions 1.0.x.
Affected Products
Voodoo_circle circle_xtelnet
Short Name
HTTP:STC:DL:OPENSSL-CMS-FILE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CMS CVE-2010-0742 Corruption File Memory OpenSSL OriginatorInfo Structure bid:40502
Release Date
10/07/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3726
False Positive
Unknown
Vendors
Blue_coat_systems
Red_hat
Voodoo_circle
Hp
Pardus
Kolab
Openssl_project
CVSS Score
7.5