SecurityTracker.com
Category:   Application (Web Server/CGI)  >   Sun ONE/iPlanet Web Server
Vendors:   Sun
(Sun Issues Fix for iPlanet Web Server) Re: OpenSSL Flaw in Processing Padding Errors May Let Remote Users Obtain Certain Plaintext Information
SecurityTracker Alert ID:  1007486
SecurityTracker URL:  http://securitytracker.com/id/1007486
CVE Reference:   CVE-2003-0078
Date:  Aug 13 2003
Impact:   Disclosure of authentication information, Disclosure of system information, Disclosure of user information, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 6.0 Service Pack 1 through 5
Description:   A vulnerability was reported in OpenSSL when using CBC encryption. A remote user conducting a timing-based adaptive attack against connections with certain types of plaintext information may be able to determine the plaintext. The Sun ONE/iPlanet Web Server is affected.

It is reported that a remote user with access to the encrypted traffic stream can substitute specially crafted cipher text blocks for valid cipher text blocks based on a fixed plaintext block (such as a password). The remote user can then measure the time between the injection and an error response. Timing differences between cipher padding errors and message authentication code (MAC) verification errors may yield enough information so that an adaptive attack can successfully obtain the original plain text block.

According to the report, OpenSSL is intended to treat block cipher padding errors in the same manner as MAC verification errors during record decryption. However, in the affected versions, the MAC verification step was skipped if a padding error was detected, permitting the attack to be successful.
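
The ordering problem described above, as an added Python sketch (not code from OpenSSL, Sun or the advisory). It works on the record plaintext as it exists after CBC decryption and assumes HMAC-SHA1 with TLS-style padding; all function names and sample records are constructed for illustration. Each check returns (accepted, mac_computed), so the skipped MAC step is visible directly.

```python
import hashlib
import hmac

MAC_LEN = 20  # HMAC-SHA1 tag length (assumed cipher suite for this sketch)

def make_record(key, data, block=16):
    """Build data || MAC || padding: what a receiver holds after CBC decryption."""
    body = data + hmac.new(key, data, hashlib.sha1).digest()
    n = (block - (len(body) + 1) % block) % block
    return body + bytes([n]) * (n + 1)

def strip_padding(plain):
    """TLS-style padding: last byte n, preceded by n more bytes of value n."""
    n = plain[-1]  # assumes a non-empty record
    if n + 1 + MAC_LEN > len(plain) or plain[-(n + 1):] != bytes([n]) * (n + 1):
        return None
    return plain[:-(n + 1)]

def mac_ok(key, body):
    data, tag = body[:-MAC_LEN], body[-MAC_LEN:]
    return hmac.compare_digest(hmac.new(key, data, hashlib.sha1).digest(), tag)

def check_flawed(key, plain):
    """Behaviour the advisory describes: a padding error skips the MAC step."""
    body = strip_padding(plain)
    if body is None:
        return (False, False)   # rejected early, no MAC computed
    return (mac_ok(key, body), True)

def check_fixed(key, plain):
    """Padding errors are remembered and the MAC is computed regardless."""
    body = strip_padding(plain)
    pad_ok = body is not None
    if not pad_ok:
        body = plain[:-1]       # treat as zero-length padding so the MAC step still runs
    good = mac_ok(key, body)
    return (pad_ok and good, True)

# Constructed sample records
KEY = b"k" * 20
GOOD = make_record(KEY, b"user=a&pass=secret")
BAD_PAD = GOOD[:-2] + bytes([GOOD[-2] ^ 1]) + GOOD[-1:]   # one padding byte altered
BAD_MAC = bytes([GOOD[0] ^ 1]) + GOOD[1:]                 # one data byte altered

if __name__ == "__main__":
    for name, rec in (("good", GOOD), ("bad padding", BAD_PAD), ("bad MAC", BAD_MAC)):
        print(name, check_flawed(KEY, rec), check_fixed(KEY, rec))
```

In the flawed check the two failure cases differ in whether a MAC was computed; in the fixed check both failures do the same MAC work and return the same result.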

The vendor notes that other SSL/TLS implementations may also be affected.

The vendor credits Brice Canvel (EPFL), Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and Martin Vuagnoux (EPFL, Ilion) with reporting this flaw.

Impact:   A remote user with access to the encrypted traffic stream and the encryption endpoint may be able to determine certain types of plaintext (repeated, common plain text) by conducting a timing-based adaptive attack.
Solution:   Sun has issued a fix in Sun ONE/iPlanet Web Server 6.0 Service Pack 6, available at:

http://wwws.sun.com/software/download/products/3f186391.html

Vendor URL:  sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F54147
Cause:   State error
Underlying OS:  Linux (Red Hat Linux), Linux (Sun), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (NT), Windows (2000)

Message History:   This archive entry is a follow-up to the message listed below.
Feb 19 2003 OpenSSL Flaw in Processing Padding Errors May Let Remote Users Obtain Certain Plaintext Information



 Source Message Contents

Subject:  http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F54147


54147   Security Vulnerability in SSL/TLS Block Ciphers May Affect Sun ONE/iplanet Web 
Server and Application Server   5 Aug 2003

Sun updated Alert 54147 indicating that a fix is now available for Sun ONE Application 
Server and Sun ONE/iPlanet Web Server for a previously reported SSL vulnerability.

The following versions are affected:

Sun ONE/iPlanet Web Server 6.0 Service Pack 1 through 5
Sun ONE Application Server 7.0

A workaround is described in the Sun Alert.

A fix is available in:

Sun ONE/iPlanet Web Server 6.0 Service Pack 6 and later
Sun ONE Application Server 7.0 Update Release 1 and later

Download locations:

Sun ONE/iPlanet Web Server 6.0 Service Pack 6

http://wwws.sun.com/software/download/products/3f186391.html

Sun ONE Application Server 7.0 Update Release 1

Standard Edition: http://wwws.sun.com/software/download/products/3ec3e772.html
Platform Edition: http://wwws.sun.com/software/download/products/3ec1008e.html


-----

Sun Alert ID: 54147
Synopsis: Security Vulnerability in SSL/TLS Block Ciphers may affect Sun ONE/iPlanet Web 
Server and Application Server
Category: Security
Product: Sun ONE/iPlanet Web Server, Sun ONE Application Server
BugIDs: 4828761
Avoidance: Workaround, Upgrade
State: Resolved
Date Released: 06-May-2003, 08-May-2003, 05-Aug-2003
Date Closed: 05-Aug-2003
Date Modified: 08-May-2003, 05-Aug-2003




 
 



Copyright 2019, SecurityGlobal.net LLC