OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
SecurityTracker Alert ID: 1004879
SecurityTracker URL: http://securitytracker.com/id/1004879
CVE Reference: CVE-2002-0655, CVE-2002-0656, CVE-2002-0657, CVE-2002-0659
Date: Jul 30 2002
Impact:
Denial of service via network, Execution of arbitrary code via network, Root access via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 0.9.6d or earlier, 0.9.7-beta2 or earlier, 0.9.7 current development snapshots
Description:
Four buffer overflow conditions were reported in OpenSSL. All four may allow a remote user to execute arbitrary code.
The vendor has reported that A.L. Digital Ltd and The Bunker have uncovered multiple buffer overflows in OpenSSL, discovered during a security review.
A remote user could create a specially crafted, oversized client master key and use SSL2 to trigger an overflow on an SSL server. According to the report, this vulnerability was independently discovered by Neohapsis, which has confirmed that the overflow can be exploited to execute arbitrary code.
A remote user with an SSL server could create a specially crafted, oversized session ID and supply this ID to a target client using SSL3 to trigger an overflow.
A remote user could supply a specially crafted, oversized master key to an SSL3 server to trigger an overflow. It is reported that this flaw affects OpenSSL 0.9.7 prior to version 0.9.7-beta3 when Kerberos is enabled.
Several buffers used for ASCII representations of integers are reportedly too small on 64 bit platforms.
The report also states that other potential buffer overflows that are currently considered to be non-exploitable have been discovered.
The vendor notes that Adi Stav and James Yonan independently reported that the ASN1 parser can be confused by certain invalid encodings, potentially allowing a remote user to cause denial of service conditions. Any OpenSSL-based application that uses the ASN1 library to parse untrusted data (including all SSL or TLS applications and those using S/MIME [PKCS#7] or certificate generation routines) is affected.
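Two of the overflows described above (the oversized SSL3 session ID sent to a client, and the ASCII integer buffers that are too small on 64-bit platforms) are fixed-size-buffer bugs of the same shape. The following C example is added here and is not OpenSSL's code: it shows a length-checked session ID parser and a truncation-checked integer formatter; the struct, the SESSION_ID_MAX constant and the demo_* helpers are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define SESSION_ID_MAX 32      /* SSL 3.0: session_id<0..32> */

struct session { uint8_t id[SESSION_ID_MAX]; size_t id_len; }; /* constructed */

/* Parse a length-prefixed session ID (length byte, then ID bytes) from a
 * ServerHello fragment. Returns 0 on success, -1 if the length byte exceeds
 * the protocol maximum or promises more bytes than were received. The check
 * runs before the copy, so an oversized server-supplied ID never overruns. */
int parse_session_id(const uint8_t *msg, size_t msg_len, struct session *s)
{
    if (msg_len < 1)
        return -1;
    size_t len = msg[0];
    if (len > sizeof(s->id) || len > msg_len - 1)
        return -1;
    memcpy(s->id, msg + 1, len);
    s->id_len = len;
    return 0;
}

/* Decimal text of a 64-bit value needs up to 20 digits plus NUL; a buffer
 * sized for 32-bit values is too small. Returns the digit count, or -1 if
 * snprintf had to truncate. */
int u64_to_ascii(uint64_t v, char *dst, size_t dst_len)
{
    int n = snprintf(dst, dst_len, "%llu", (unsigned long long)v);
    return (n < 0 || (size_t)n >= dst_len) ? -1 : n;
}

/* Constructed fragment: the length byte claims `claimed` bytes while
 * `supplied` (<= 255) ID bytes actually follow; returns the parser's verdict. */
int demo_session_id(uint8_t claimed, uint8_t supplied)
{
    uint8_t msg[256];
    struct session s;
    msg[0] = claimed;
    memset(msg + 1, 0xAB, supplied);
    return parse_session_id(msg, (size_t)supplied + 1, &s);
}

/* Format UINT64_MAX into a buffer of dst_len bytes (at most 64). */
int demo_u64_fits(size_t dst_len)
{
    char buf[64];
    return dst_len > sizeof buf ? -1 : u64_to_ascii(UINT64_MAX, buf, dst_len);
}
```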
Impact:
A remote user acting as an SSL client could execute arbitrary code on an SSL server. A remote user acting as an SSL server could cause arbitrary code to be executed on an SSL client that connects to that server. In each case, the code would run with the privileges of the affected implementation.
A remote user may be able to cause denial of service conditions.
Solution:
The vendor has released a fixed version (0.9.6e), available at:
http://www.openssl.org/
Also, patches are available for various versions:
Patches for OpenSSL 0.9.6d:
http://www.openssl.org/news/patch_20020730_0_9_6d.txt
Patches for OpenSSL 0.9.7 beta 2:
http://www.openssl.org/news/patch_20020730_0_9_7.txt
As a workaround, servers can disable SSL2; alternatively, all applications using SSL or TLS can be disabled until the patches are applied. Users of 0.9.7 pre-release versions with Kerberos enabled will also have to disable Kerberos.
Client implementations can be disabled altogether until the patches are applied.
Vendor URL: www.openssl.org/news/secadv_20020730.txt
Cause:
Boundary error, Exception handling error
Underlying OS: Linux (Any), UNIX (Any)
Source Message Contents
Subject: OpenSSL Security Advisory
http://www.openssl.org/news/secadv_20020730.txt
OpenSSL Security Advisory [30 July 2002]
This advisory consists of two independent advisories, merged, and is
an official OpenSSL advisory.
Advisory 1
==========
A.L. Digital Ltd and The Bunker (http://www.thebunker.net/) are
conducting a security review of OpenSSL, under the DARPA program
CHATS.
Vulnerabilities
---------------
All four of these are potentially remotely exploitable.
1. The client master key in SSL2 could be oversized and overrun a
buffer. This vulnerability was also independently discovered by
consultants at Neohapsis (http://www.neohapsis.com/) who have also
demonstrated that the vulnerability is exploitable. Exploit code is
NOT available at this time.
2. The session ID supplied to a client in SSL3 could be oversized and
overrun a buffer.
3. The master key supplied to an SSL3 server could be oversized and
overrun a stack-based buffer. This issue only affects OpenSSL
0.9.7 before 0.9.7-beta3 with Kerberos enabled.
4. Various buffers for ASCII representations of integers were too
small on 64 bit platforms.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2002-0656 to issues 1-2, CAN-2002-0657 to issue
3, and CAN-2002-0655 to issue 4.
In addition various potential buffer overflows not known to be
exploitable have had assertions added to defend against them.
Who is affected?
----------------
Everyone using OpenSSL 0.9.6d or earlier, or 0.9.7-beta2 or earlier or
current development snapshots of 0.9.7 to provide SSL or TLS is
vulnerable, whether client or server. 0.9.6d servers on 32-bit systems
with SSL 2.0 disabled are not vulnerable.
SSLeay is probably also affected.
Recommendations
---------------
Apply the attached patch to OpenSSL 0.9.6d, or upgrade to OpenSSL
0.9.6e. Recompile all applications using OpenSSL to provide SSL or
TLS.
A patch for 0.9.7 is available from the OpenSSL website
(http://www.openssl.org/).
Servers can disable SSL2, alternatively disable all applications using
SSL or TLS until the patches are applied. Users of 0.9.7 pre-release
versions with Kerberos enabled will also have to disable Kerberos.
Clients should be disabled altogether until the patches are applied.
Known Exploits
--------------
There are no known exploits available for these vulnerabilities. As
noted above, Neohapsis have demonstrated internally that an exploit is
possible, but have not released the exploit code.
References
----------
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0655
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0656
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0657
Acknowledgements
----------------
The project leading to this advisory is sponsored by the Defense
Advanced Research Projects Agency (DARPA) and Air Force Research
Laboratory, Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
The patch and advisory were prepared by Ben Laurie.
Advisory 2
==========
Vulnerabilities
---------------
The ASN1 parser can be confused by supplying it with certain invalid
encodings.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2002-0659 to this issue.
Who is affected?
----------------
Any OpenSSL program which uses the ASN1 library to parse untrusted
data. This includes all SSL or TLS applications, those using S/MIME
(PKCS#7) or certificate generation routines.
Recommendations
---------------
Apply the patch to OpenSSL, or upgrade to OpenSSL 0.9.6e. Recompile
all applications using OpenSSL.
Users of 0.9.7 pre-release versions should apply the patch or upgrade
to 0.9.7-beta3 or later. Recompile all applications using OpenSSL.
Exploits
--------
There are no known exploits for this vulnerability.
References
----------
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0659
Acknowledgements
----------------
This vulnerability was discovered by Adi Stav <stav@mercury.co.il>
and James Yonan <jim@ntlp.com> independently. The patch is partly
based on a version by Adi Stav.
The patch and advisory were prepared by Dr. Stephen Henson.
Combined patches for OpenSSL 0.9.6d:
http://www.openssl.org/news/patch_20020730_0_9_6d.txt
Combined patches for OpenSSL 0.9.7 beta 2:
http://www.openssl.org/news/patch_20020730_0_9_7.txt
URL for this Security Advisory:
http://www.openssl.org/news/secadv_20020730.txt