David Adrian

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.11.5 **Description** The issue is related to the lack of protection for internal data in the Tcl component of the operating system. It can be exploited by a remote attacker to obtain sensitive information by leveraging SSLv2 support. **Recommendations** For Apple OS X versions prior to 10.11.5, update to version 10.11.5 or later to resolve the issue. As a temporary workaround, consider disabling SSLv2 support to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** OpenSSL versions prior to 0.9.8zf OpenSSL versions prior to 1.0.0r OpenSSL versions prior to 1.0.1m OpenSSL versions prior to 1.0.2a **Description** The issue allows man-in-the-middle attackers to determine the MASTER-KEY value and decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle. This is related to an issue where the get client master key function in s2 srvr.c in the SSLv2 implementation accepts a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher. **Recommendations** For versions prior to 0.9.8zf, update to version 0.9.8zf or later. For versions prior to 1.0.0r, update to version 1.0.0r or later. For versions prior to 1.0.1m, update to version 1.0.1m or later. For versions prior to 1.0.2a, update to version 1.0.2a or later.

**Name of the Vulnerable Software and Affected Versions** OpenSSL versions prior to 0.9.8zf OpenSSL versions 1.0.0 prior to 1.0.0r OpenSSL versions 1.0.1 prior to 1.0.1m OpenSSL versions 1.0.2 prior to 1.0.2a **Description** The issue is related to the get client master key function in the SSLv2 implementation, where an oracle protection mechanism incorrectly overwrites MASTER-KEY bytes during the use of export cipher suites. This makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle. **Recommendations** For OpenSSL versions prior to 0.9.8zf, update to version 0.9.8zf or later. For OpenSSL versions 1.0.0 prior to 1.0.0r, update to version 1.0.0r or later. For OpenSSL versions 1.0.1 prior to 1.0.1m, update to version 1.0.1m or later. For OpenSSL versions 1.0.2 prior to 1.0.2a, update to version 1.0.2a or later.