CVE-2015-7575
Published: 31 December 2015
Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.
Notes
| Author | Note |
|---|---|
| mdeslaur | This is called "SLOTH" |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
firefox Launchpad, Ubuntu, Debian |
artful |
Released
(43.0.4+build3-0ubuntu1)
|
| bionic |
Released
(43.0.4+build3-0ubuntu1)
|
|
| cosmic |
Released
(43.0.4+build3-0ubuntu1)
|
|
| disco |
Released
(43.0.4+build3-0ubuntu1)
|
|
| precise |
Released
(43.0.4+build3-0ubuntu0.12.04.1)
|
|
| trusty |
Released
(43.0.4+build3-0ubuntu0.14.04.1)
|
|
| upstream |
Released
(43.0.2)
|
|
| vivid |
Released
(43.0.4+build3-0ubuntu0.15.04.1)
|
|
| wily |
Released
(43.0.4+build3-0ubuntu0.15.10.1)
|
|
| xenial |
Released
(43.0.4+build3-0ubuntu1)
|
|
| yakkety |
Released
(43.0.4+build3-0ubuntu1)
|
|
| zesty |
Released
(43.0.4+build3-0ubuntu1)
|
|
|
gnutls26 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
| bionic |
Does not exist
|
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| precise |
Released
(2.12.14-5ubuntu3.11)
|
|
| trusty |
Released
(2.12.23-12ubuntu2.4)
|
|
| upstream |
Needs triage
|
|
| vivid |
Does not exist
|
|
| wily |
Does not exist
|
|
| xenial |
Does not exist
|
|
| yakkety |
Does not exist
|
|
| zesty |
Does not exist
|
|
|
Patches: upstream: https://gitlab.com/gnutls/gnutls/commit/778b4825c4e9fbd087f6fd5e3c94e547b93ae10e |
||
|
gnutls28 Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(3.3.18-1ubuntu1)
|
| bionic |
Not vulnerable
(3.3.18-1ubuntu1)
|
|
| cosmic |
Not vulnerable
(3.3.18-1ubuntu1)
|
|
| disco |
Not vulnerable
(3.3.18-1ubuntu1)
|
|
| precise |
Ignored
(end of life)
|
|
| trusty |
Does not exist
(trusty was needed)
|
|
| upstream |
Released
(3.4.1,3.3.15)
|
|
| vivid |
Released
(3.3.8-3ubuntu3.2)
|
|
| wily |
Not vulnerable
(3.3.15-5ubuntu2)
|
|
| xenial |
Not vulnerable
(3.3.18-1ubuntu1)
|
|
| yakkety |
Not vulnerable
(3.3.18-1ubuntu1)
|
|
| zesty |
Not vulnerable
(3.3.18-1ubuntu1)
|
|
|
Patches: upstream: https://gitlab.com/gnutls/gnutls/commit/6ef0d5dd3cbd5dfc1bdc05f1d5ce918d04d23752 upstream: https://gitlab.com/gnutls/gnutls/commit/1e013f4c660fa79c2398dbcfd4f0e054c724c5ec upstream: https://gitlab.com/gnutls/gnutls/commit/a8076fa599f0a37f8e12e30eeadd50a0ea3c67b7 upstream: https://gitlab.com/gnutls/gnutls/commit/3d333e59621f6cf9381c846c405b23d79020d031 upstream: https://gitlab.com/gnutls/gnutls/commit/20ba9c563c435b20ce5000fe4f831a07a2a6a0cf |
||
|
mbedtls Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(2.2.1-2)
|
| bionic |
Not vulnerable
(2.2.1-2)
|
|
| cosmic |
Not vulnerable
(2.2.1-2)
|
|
| disco |
Not vulnerable
(2.2.1-2)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(2.2.1-1)
|
|
| wily |
Does not exist
|
|
| xenial |
Not vulnerable
(2.2.1-2)
|
|
| yakkety |
Not vulnerable
(2.2.1-2)
|
|
| zesty |
Not vulnerable
(2.2.1-2)
|
|
|
nss Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(2:3.21-1ubuntu2)
|
| bionic |
Not vulnerable
(2:3.21-1ubuntu2)
|
|
| cosmic |
Not vulnerable
(2:3.21-1ubuntu2)
|
|
| disco |
Not vulnerable
(2:3.21-1ubuntu2)
|
|
| precise |
Released
(3.19.2.1-0ubuntu0.12.04.2)
|
|
| trusty |
Released
(2:3.19.2.1-0ubuntu0.14.04.2)
|
|
| upstream |
Released
(2:3.21-1)
|
|
| vivid |
Released
(2:3.19.2.1-0ubuntu0.15.04.2)
|
|
| wily |
Released
(2:3.19.2.1-0ubuntu0.15.10.2)
|
|
| xenial |
Not vulnerable
(2:3.21-1ubuntu2)
|
|
| yakkety |
Not vulnerable
(2:3.21-1ubuntu2)
|
|
| zesty |
Not vulnerable
(2:3.21-1ubuntu2)
|
|
|
Patches: upstream: https://hg.mozilla.org/projects/nss/rev/94e1157f3fbb upstream: https://hg.mozilla.org/projects/nss/rev/891676aa0d85 |
||
|
openjdk-6 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
| bionic |
Does not exist
|
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| precise |
Released
(6b38-1.13.10-0ubuntu0.12.04.1)
|
|
| trusty |
Released
(6b38-1.13.10-0ubuntu0.14.04.1)
|
|
| upstream |
Needs triage
|
|
| vivid |
Released
(6b38-1.13.10-0ubuntu0.15.04.1)
|
|
| wily |
Released
(6b38-1.13.10-0ubuntu0.15.10.1)
|
|
| xenial |
Does not exist
|
|
| yakkety |
Does not exist
|
|
| zesty |
Does not exist
|
|
|
openjdk-7 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
| bionic |
Does not exist
|
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| precise |
Released
(7u95-2.6.4-0ubuntu0.12.04.1)
|
|
| trusty |
Released
(7u95-2.6.4-0ubuntu0.14.04.1)
|
|
| upstream |
Needs triage
|
|
| vivid |
Released
(7u95-2.6.4-0ubuntu0.15.04.1)
|
|
| wily |
Released
(7u95-2.6.4-0ubuntu0.15.10.1)
|
|
| xenial |
Does not exist
|
|
| yakkety |
Does not exist
|
|
| zesty |
Does not exist
|
|
|
openjdk-8 Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(8u72-b15-1)
|
| bionic |
Not vulnerable
(8u72-b15-1)
|
|
| cosmic |
Not vulnerable
(8u72-b15-1)
|
|
| disco |
Not vulnerable
(8u72-b15-1)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(8u72-b15-1)
|
|
| vivid |
Ignored
(end of life)
|
|
| wily |
Released
(8u91-b14-0ubuntu4~15.10.1)
|
|
| xenial |
Not vulnerable
(8u72-b15-1)
|
|
| yakkety |
Not vulnerable
(8u72-b15-1)
|
|
| zesty |
Not vulnerable
(8u72-b15-1)
|
|
|
openssl Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(1.0.2e-1ubuntu1)
|
| bionic |
Not vulnerable
(1.0.2e-1ubuntu1)
|
|
| cosmic |
Not vulnerable
(1.0.2e-1ubuntu1)
|
|
| disco |
Not vulnerable
(1.0.2e-1ubuntu1)
|
|
| precise |
Released
(1.0.1-4ubuntu5.33)
|
|
| trusty |
Not vulnerable
(1.0.1f-1ubuntu2.16)
|
|
| upstream |
Released
(1.0.1f)
|
|
| vivid |
Not vulnerable
(1.0.1f-1ubuntu11.5)
|
|
| wily |
Not vulnerable
(1.0.2d-0ubuntu1.2)
|
|
| xenial |
Not vulnerable
(1.0.2e-1ubuntu1)
|
|
| yakkety |
Not vulnerable
(1.0.2e-1ubuntu1)
|
|
| zesty |
Not vulnerable
(1.0.2e-1ubuntu1)
|
|
|
Patches: upstream: https://git.openssl.org/?p=openssl.git;a=commit;h=45473632c54947859a731dfe2db087c002ef7aa7 upstream: https://git.openssl.org/?p=openssl.git;a=commit;h=5e1ff664f95ab4c9176b3e86b5111e5777bad61a |
||
|
openssl098 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
| bionic |
Does not exist
|
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| precise |
Not vulnerable
|
|
| trusty |
Does not exist
(trusty was not-affected)
|
|
| upstream |
Needs triage
|
|
| vivid |
Not vulnerable
|
|
| wily |
Does not exist
|
|
| xenial |
Does not exist
|
|
| yakkety |
Does not exist
|
|
| zesty |
Does not exist
|
|
|
polarssl Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
| bionic |
Does not exist
|
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| precise |
Ignored
(end of life)
|
|
| trusty |
Does not exist
(trusty was needed)
|
|
| upstream |
Released
(1.2.19,1.3.16)
|
|
| vivid |
Ignored
(end of life)
|
|
| wily |
Ignored
(end of life)
|
|
| xenial |
Does not exist
|
|
| yakkety |
Does not exist
|
|
| zesty |
Does not exist
|
|
|
thunderbird Launchpad, Ubuntu, Debian |
artful |
Released
(1:38.6.0+build1-0ubuntu1)
|
| bionic |
Released
(1:38.6.0+build1-0ubuntu1)
|
|
| cosmic |
Released
(1:38.6.0+build1-0ubuntu1)
|
|
| disco |
Released
(1:38.6.0+build1-0ubuntu1)
|
|
| precise |
Released
(1:38.6.0+build1-0ubuntu0.12.04.1)
|
|
| trusty |
Released
(1:38.6.0+build1-0ubuntu0.14.04.1)
|
|
| upstream |
Released
(38.6.0)
|
|
| vivid |
Ignored
(end of life)
|
|
| wily |
Released
(1:38.6.0+build1-0ubuntu0.15.10.1)
|
|
| xenial |
Released
(1:38.6.0+build1-0ubuntu1)
|
|
| yakkety |
Released
(1:38.6.0+build1-0ubuntu1)
|
|
| zesty |
Released
(1:38.6.0+build1-0ubuntu1)
|
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.9 |
| Attack vector | Network |
| Attack complexity | High |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | None |
| Availability impact | None |
| Vector | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
References
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/
- http://www.mitls.org/pages/attacks/SLOTH
- http://www.gnutls.org/security.html#GNUTLS-SA-2015-2
- http://lists.gnutls.org/pipermail/gnutls-devel/2015-April/007572.html
- https://ubuntu.com/security/notices/USN-2863-1
- https://ubuntu.com/security/notices/USN-2864-1
- https://ubuntu.com/security/notices/USN-2865-1
- https://ubuntu.com/security/notices/USN-2866-1
- https://ubuntu.com/security/notices/USN-2884-1
- http://blog.fuseyism.com/index.php/2016/01/25/security-icedtea-1-13-10-for-openjdk-6-released/
- https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released
- https://ubuntu.com/security/notices/USN-2904-1
- https://www.cve.org/CVERecord?id=CVE-2015-7575
- NVD
- Launchpad
- Debian