SecurityTracker.com
SecurityTracker Archives
Category:   Application (Security)  >   OpenSSL
Vendors:   OpenSSL.org
OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
SecurityTracker Alert ID:  1004879
SecurityTracker URL:  http://securitytracker.com/id/1004879
CVE Reference:   CVE-2002-0655, CVE-2002-0656, CVE-2002-0657, CVE-2002-0659
Date:  Jul 30 2002
Impact:   Denial of service via network, Execution of arbitrary code via network, Root access via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 0.9.6d or earlier, 0.9.7-beta2 or earlier, 0.9.7 current development snapshots
Description:   Four buffer overflow conditions were reported in OpenSSL. All four may allow a remote user to execute arbitrary code.

The vendor has reported that A.L. Digital Ltd and The Bunker have uncovered multiple buffer overflows in OpenSSL, discovered during a security review.

A remote user could create a specially crafted, oversized client master key and use SSL2 to trigger an overflow on an SSL server. According to the report, this vulnerability was independently discovered by Neohapsis, which has confirmed that the overflow can be exploited to execute arbitrary code.

A remote user with an SSL server could create a specially crafted, oversized session ID and supply this ID to a target client using SSL3 to trigger an overflow.

A remote user could supply a specially crafted, oversized master key to an SSL3 server to trigger an overflow. It is reported that this flaw affects OpenSSL 0.9.7 prior to version 0.9.7-beta3 when Kerberos is enabled.

Several buffers used for ASCII representations of integers are reportedly too small on 64 bit platforms.
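Added example (not code from the advisory, from OpenSSL, or from the linked patches): the bounds check that the oversized session ID and master key cases call for, written for the SSL3 session_id field, which the peer sends as a one-byte length followed by that many bytes and which may be at most 32 bytes. The `parse_session_id` and `parse_sample` names, the `struct session` layout and the sample records are this example's own.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* SSL3 caps the session ID at 32 bytes, so the receiving buffer is 32 bytes. */
#define SESSION_ID_MAX 32

struct session {
    uint8_t id[SESSION_ID_MAX];
    size_t id_len;
};

/* Parse a session_id field laid out as <1-byte length><length bytes> from an
 * untrusted record of n bytes. Returns the ID length on success, -1 if the
 * field is oversized or truncated. Copying p[0] bytes without these bounds
 * checks is the overrun pattern the advisory describes. */
int parse_session_id(const uint8_t *p, size_t n, struct session *s)
{
    size_t len;
    if (n < 1) return -1;              /* no length byte present */
    len = p[0];
    if (len > SESSION_ID_MAX) return -1; /* peer-chosen length exceeds our buffer */
    if (len > n - 1) return -1;        /* declared length runs past the record */
    memcpy(s->id, p + 1, len);
    s->id_len = len;
    return (int)len;
}

/* Constructed sample fields: well-formed, a length byte claiming 200 bytes,
 * a field cut off before its declared length, and an empty ID. */
static const uint8_t SAMPLE_OK[]        = {4, 0xde, 0xad, 0xbe, 0xef};
static const uint8_t SAMPLE_OVERSIZED[] = {200, 1, 2, 3};
static const uint8_t SAMPLE_TRUNCATED[] = {8, 1, 2, 3};
static const uint8_t SAMPLE_EMPTY[]     = {0};

/* Hypothetical helper: run the parser over one sample with a scratch session. */
int parse_sample(const uint8_t *sample, size_t n)
{
    struct session s;
    return parse_session_id(sample, n, &s);
}

int main(void)
{
    printf("ok=%d oversized=%d truncated=%d empty=%d\n",
           parse_sample(SAMPLE_OK, sizeof SAMPLE_OK),
           parse_sample(SAMPLE_OVERSIZED, sizeof SAMPLE_OVERSIZED),
           parse_sample(SAMPLE_TRUNCATED, sizeof SAMPLE_TRUNCATED),
           parse_sample(SAMPLE_EMPTY, sizeof SAMPLE_EMPTY));
    return 0;
}
```

The same pattern applies to the SSL2 client master key and the SSL3 master key: the limit is the size of the buffer the field lands in, and the check happens before the copy, not after.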

The report also states that other potential buffer overflows that are currently considered to be non-exploitable have been discovered.

The vendor notes that Adi Stav and James Yonan independently reported that the ASN1 parser can be confused by certain invalid encodings, potentially allowing a remote user to cause denial of service conditions. Any OpenSSL-based application that uses the ASN1 library to parse untrusted data (including all SSL or TLS applications and those using S/MIME [PKCS#7] or certificate generation routines) is affected.

Impact:   A remote user acting as an SSL client could execute arbitrary code on an SSL server. A remote user acting as an SSL server could cause arbitrary code to be executed on an SSL client that is connecting to the server. In each case, the code would run with privileges of the affected implementation.

A remote user may be able to cause denial of service conditions.

Solution:   The vendor has released a fixed version (0.9.6e), available at:

http://www.openssl.org/

Also, patches are available for various versions:

Patches for OpenSSL 0.9.6d:

http://www.openssl.org/news/patch_20020730_0_9_6d.txt

Patches for OpenSSL 0.9.7 beta 2:

http://www.openssl.org/news/patch_20020730_0_9_7.txt

As a workaround, servers can disable SSL2, or all applications using SSL or TLS can be disabled until the patches are applied. Users of 0.9.7 pre-release versions with Kerberos enabled will also have to disable Kerberos.

Client implementations can be disabled altogether until the patches are applied.

Vendor URL:  www.openssl.org/news/secadv_20020730.txt
Cause:   Boundary error, Exception handling error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
(Patches for Earlier Versions are Available) Re: OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Some patches for earlier versions are provided.
(Red Hat Issues Fix) Re: OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Red Hat issues fix.
(Debian Issues Fix) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Debian has released a fix.
(EnGarde Issues Fix) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
EnGarde has released a fix.
(Trustix Issues Fix) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Trustix has released a fix.
(SuSE Issues Fix) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
SuSE has released a fix.
(Mandrake Issues Fix) Re: OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Mandrake has issued a fix.
(Caldera Issues Fix) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Caldera has released a fix for OpenLinux.
(Conectiva Issues Fix) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Conectiva has released a fix.
(FreeBSD Issues Fix) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
FreeBSD has released a fix.
(NetBSD Issues Fix) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
NetBSD has released a fix.
(Apple Issues Fix) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Apple has released a fix.
(FreeBSD Issues Revised Fix) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
FreeBSD has released a revised fix.
(Red Hat Issues Revised Fix) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Red Hat has released a revised fix.
(Mandrake Issues Revised Fix) Re: OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Mandrake has released a revised fix.
(EnGarde Issues Fix) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
EnGarde has released a fix.
(Conectiva Issues Revised Fix) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Conectiva has released a revised fix.
(Oracle Plans Patch for Oracle HTTP Server) Re: OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Oracle plans to issue patches for Oracle HTTP Server (a component of Oracle database).
(Oracle Plans Patch for Oracle 9iAS) Re: OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Oracle plans to issue patches for Oracle iAS.
(Oracle Plans Fix for Corporate Time Outlook Connector) Re: OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Oracle plans a patch for Corporate Time Outlook Connector.
(Trustix Issues Revised Fix) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Trustix has released a revised fix.
(HP Issues Fix for HP Secure OS for Linux) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
HP has released a fix for HP Secure OS for Linux.
(Sun Issues Fix for Crypto Accelerator) Re: OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Sun has issued a fix for the Sun Crypto Accelerator 1000 board.
(HP Issues Warning for JetDirect Print Servers) OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
HP has issued a warning for JetDirect users.
(Exploit Code and Scanner is Available) Re: OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Some demonstration exploit code and a vulnerability scanner are available.
(Sun Issues Additional Fix for Crypto Accelerator) Re: OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Sun has issued a patch for the Crypto Accelerator on Solaris 9.
(Cisco Fixes Cisco Secure Content Accelerator) Re: OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Cisco has issued a fix for their Cisco Secure Content Accelerator, which is affected by the OpenSSL bug.
(Tarantella Issues Fix for Tarantella Enterprise) Re: OpenSSL Has Multiple Buffer Overflows That Allow Remote Users to Execute Arbitrary Code with Root Privileges
Tarantella has issued a fix.



Source Message Contents

Subject:  OpenSSL Security Advisory


http://www.openssl.org/news/secadv_20020730.txt
OpenSSL Security Advisory [30 July 2002]

This advisory consists of two independent advisories, merged, and is
an official OpenSSL advisory.

Advisory 1
==========

A.L. Digital Ltd and The Bunker (http://www.thebunker.net/) are
conducting a security review of OpenSSL, under the DARPA program
CHATS.

Vulnerabilities
---------------

All four of these are potentially remotely exploitable.

1. The client master key in SSL2 could be oversized and overrun a
    buffer. This vulnerability was also independently discovered by
    consultants at Neohapsis (http://www.neohapsis.com/) who have also
    demonstrated that the vulnerability is exploitable. Exploit code is
    NOT available at this time.

2. The session ID supplied to a client in SSL3 could be oversized and
    overrun a buffer.

3. The master key supplied to an SSL3 server could be oversized and
    overrun a stack-based buffer. This issue only affects OpenSSL
    0.9.7 before 0.9.7-beta3 with Kerberos enabled.

4. Various buffers for ASCII representations of integers were too
    small on 64 bit platforms.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2002-0656 to issues 1-2, CAN-2002-0657 to issue
3, and CAN-2002-0655 to issue 4.

In addition various potential buffer overflows not known to be
exploitable have had assertions added to defend against them.

Who is affected?
----------------

Everyone using OpenSSL 0.9.6d or earlier, or 0.9.7-beta2 or earlier or
current development snapshots of 0.9.7 to provide SSL or TLS is
vulnerable, whether client or server. 0.9.6d servers on 32-bit systems
with SSL 2.0 disabled are not vulnerable.

SSLeay is probably also affected.

Recommendations
---------------

Apply the attached patch to OpenSSL 0.9.6d, or upgrade to OpenSSL
0.9.6e. Recompile all applications using OpenSSL to provide SSL or
TLS.

A patch for 0.9.7 is available from the OpenSSL website
(http://www.openssl.org/).

Servers can disable SSL2, alternatively disable all applications using
SSL or TLS until the patches are applied. Users of 0.9.7 pre-release
versions with Kerberos enabled will also have to disable Kerberos.

Clients should be disabled altogether until the patches are applied.

Known Exploits
--------------

There are no known exploits available for these vulnerabilities. As
noted above, Neohapsis have demonstrated internally that an exploit is
possible, but have not released the exploit code.

References
----------

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0655
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0656
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0657

Acknowledgements
----------------

The project leading to this advisory is sponsored by the Defense
Advanced Research Projects Agency (DARPA) and Air Force Research
Laboratory, Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.

The patch and advisory were prepared by Ben Laurie.



Advisory 2
==========

Vulnerabilities
---------------

The ASN1 parser can be confused by supplying it with certain invalid
encodings.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2002-0659 to this issue.

Who is affected?
----------------

Any OpenSSL program which uses the ASN1 library to parse untrusted
data. This includes all SSL or TLS applications, those using S/MIME
(PKCS#7) or certificate generation routines.

Recommendations
---------------

Apply the patch to OpenSSL, or upgrade to OpenSSL 0.9.6e. Recompile
all applications using OpenSSL.

Users of 0.9.7 pre-release versions should apply the patch or upgrade
to 0.9.7-beta3 or later. Recompile all applications using OpenSSL.

Exploits
--------

There are no known exploits for this vulnerability.

References
----------

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0659

Acknowledgements
----------------

This vulnerability was discovered by Adi Stav <stav@mercury.co.il>
and James Yonan <jim@ntlp.com> independently. The patch is partly
based on a version by Adi Stav.

The patch and advisory were prepared by Dr. Stephen Henson.




Combined patches for OpenSSL 0.9.6d:
http://www.openssl.org/news/patch_20020730_0_9_6d.txt

Combined patches for OpenSSL 0.9.7 beta 2:
http://www.openssl.org/news/patch_20020730_0_9_7.txt

URL for this Security Advisory:
http://www.openssl.org/news/secadv_20020730.txt


Copyright 2021, SecurityGlobal.net LLC