SecurityTracker.com
SecurityTracker Archives

Category:   Application (VPN)  >   OpenSSL
Vendors:   OpenSSL.org
OpenSSL Buffer Overflow in TLS Server Extension Parsing May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1024743
SecurityTracker URL:  http://securitytracker.com/id/1024743
CVE Reference:   CVE-2010-3864
Updated:  Dec 3 2010
Original Entry Date:  Nov 16 2010
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 0.9.8f through 0.9.8o; also 1.0.0, 1.0.0a
Description:   A vulnerability was reported in OpenSSL. A remote user can cause denial of service conditions. A remote user may be able to execute arbitrary code on the target system.

A remote user can send specially crafted data to exploit a TLS extension parsing race condition and trigger a buffer overflow, causing the target service to crash or potentially execute arbitrary code.

Multi-threaded TLS server applications that use OpenSSL's internal caching mechanism are affected.

The Apache HTTP server and Stunnel are not affected.

Rob Hulswit reported this vulnerability.

Impact:   A remote user may be able to execute arbitrary code on the target system.

A remote user can cause denial of service conditions.

Solution:   The vendor has issued a fix (0.9.8p, 1.0.0c).

A patch is also available for 0.9.8 releases.

The vendor's advisories are available at:

http://www.openssl.org/news/secadv_20101116.txt
http://www.openssl.org/news/secadv_20101202.txt

[Editor's note: The vendor initially issued 1.0.0b as a fix for version 1.x. On December 2, 2010, the vendor issued version 1.0.0c to provide a corrected fix.]
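As an added example (not code from SecurityTracker or from the OpenSSL project), the following Python helper maps an `openssl version` banner onto the version ranges this advisory lists, so that an inventory of TLS servers can be triaged quickly. It encodes exactly what the page states: 0.9.8f through 0.9.8o and 1.0.0/1.0.0a are affected, 0.9.8p and 1.0.0c carry the fix, and 1.0.0b is the incomplete first fix from the editor's note. The function names, the verdict labels, and the sample inventory are all assumptions made for this example; the suffix ordering follows OpenSSL's old letter-release scheme (0.9.8 < 0.9.8a < ... < 0.9.8z < 0.9.8za).

```python
import re
from typing import Dict, Optional, Tuple

# Added example, not OpenSSL or SecurityTracker code. The ranges below are
# taken from the advisory text: 0.9.8f..0.9.8o and 1.0.0/1.0.0a affected,
# 0.9.8p and 1.0.0c fixed, 1.0.0b an incomplete fix (editor's note).

VersionKey = Tuple[int, int, int, int, str]

# Accepts either a bare version ("0.9.8o") or a full banner
# ("OpenSSL 0.9.8o 01 Jun 2010"); anything after the letter suffix is ignored.
_VERSION_RE = re.compile(r"^(?:OpenSSL\s+)?(\d+)\.(\d+)\.(\d+)([a-z]*)")


def version_key(text: str) -> Optional[VersionKey]:
    """Turn a version string or 'openssl version' banner into a sortable key.

    OpenSSL's letter scheme orders releases 0.9.8 < 0.9.8a < ... < 0.9.8z <
    0.9.8za < 0.9.8zb, so the suffix is compared first by length and then
    alphabetically; no suffix sorts lowest. Returns None if unparseable.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, patch, suffix = m.groups()
    return (int(major), int(minor), int(patch), len(suffix), suffix)


def assess_cve_2010_3864(banner: str) -> str:
    """Classify one version banner against the ranges the advisory lists."""
    v = version_key(banner)
    if v is None:
        return "unknown"
    branch = v[:3]
    if branch == (0, 9, 8):
        if version_key("0.9.8f") <= v <= version_key("0.9.8o"):
            return "vulnerable"
        if v >= version_key("0.9.8p"):
            return "fixed"
        return "outside-listed-range"  # 0.9.8 .. 0.9.8e are not in the advisory's list
    if branch == (1, 0, 0):
        if v <= version_key("1.0.0a"):
            return "vulnerable"
        if v == version_key("1.0.0b"):
            return "incomplete-fix"  # the editor's note: 1.0.0c is the corrected fix
        return "fixed"
    return "not-listed"  # other branches are not covered by this advisory


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map {host: banner} onto {host: verdict}."""
    return {host: assess_cve_2010_3864(banner) for host, banner in inventory.items()}


# Constructed sample inventory: hypothetical host names, not from the page.
SAMPLE_INVENTORY = {
    "tls-gw-01": "OpenSSL 0.9.8o 01 Jun 2010",
    "tls-gw-02": "OpenSSL 0.9.8p 16 Nov 2010",
    "tls-gw-03": "OpenSSL 1.0.0b 16 Nov 2010",
    "tls-gw-04": "OpenSSL 1.0.0c 2 Dec 2010",
    "legacy-01": "OpenSSL 0.9.7m 23 Feb 2007",
}

if __name__ == "__main__":
    for host, verdict in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:10s} {verdict}")
```

Two caveats when using a check like this. Distribution packages (the Red Hat and FreeBSD fixes in the message history below are examples) routinely backport the fix while keeping the upstream version string, so a "vulnerable" verdict on a vendor-packaged library is a prompt to read that vendor's advisory, not a final answer. And the advisory scopes exposure to multi-threaded TLS servers that use OpenSSL's internal session cache, so the verdict speaks to the library build, not to whether a particular deployment is actually reachable through this bug.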

Vendor URL:  www.openssl.org/news/secadv_20101116.txt
Cause:   Boundary error
Underlying OS:   Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Nov 16 2010 (Red Hat Issues Fix) OpenSSL Buffer Overflow in TLS Server Extension Parsing May Let Remote Users Execute Arbitrary Code   (bugzilla@redhat.com)
Red Hat has issued a fix for Red Hat Enterprise Linux 6.
Nov 29 2010 (FreeBSD Issues Fix) OpenSSL Buffer Overflow in TLS Server Extension Parsing May Let Remote Users Execute Arbitrary Code   (FreeBSD Security Advisories <security-advisories@freebsd.org>)
FreeBSD has issued a fix for FreeBSD 7.1, 7.3, 8.0, and 8.1.
Dec 6 2010 (Sun Issues Fix) OpenSSL Buffer Overflow in TLS Server Extension Parsing May Let Remote Users Execute Arbitrary Code
Sun has issued a fix for OpenSolaris.
Mar 3 2011 (HP Issues Fix for HP-UX) OpenSSL Buffer Overflow in TLS Server Extension Parsing May Let Remote Users Execute Arbitrary Code
HP has issued a fix for HP-UX 11.11, 11.23, and 11.31.
Nov 5 2011 (IBM Issues Fix for AIX) OpenSSL Buffer Overflow in TLS Server Extension Parsing May Let Remote Users Execute Arbitrary Code
IBM has issued a fix for AIX 5.3, 6.1, and 7.1.
Feb 2 2012 (Blue Coat Issues Fix for Reporter) OpenSSL Buffer Overflow in TLS Server Extension Parsing May Let Remote Users Execute Arbitrary Code
Blue Coat has issued a fix for Blue Coat Reporter.

Source Message Contents

Date:  Tue, 16 Nov 2010 18:14:35 +0000
Subject:  OpenSSL


http://www.openssl.org/news/secadv_20101116.txt

CVE-2010-3864
Copyright 2014, SecurityGlobal.net LLC