SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   OpenSSL Vendors:   OpenSSL.org
(Slackware Issues Fix) OpenSSL SSL/TLS Handshade Flaws May Let Remote Users Crash OpenSSL-based Applications
SecurityTracker Alert ID:  1009478
SecurityTracker URL:  http://securitytracker.com/id/1009478
CVE Reference:   CVE-2004-0079, CVE-2004-0112   (Links to External Site)
Date:  Mar 18 2004
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 0.9.6c - 0.9.6k and 0.9.7a - 0.9.7c
Description:   Some vulnerabilities were reported in OpenSSL, primarily involving the processing of SSL/TLS protocol handshakes. A remote user can cause OpenSSL to crash.

It is reported that there is a null-pointer assignment in the do_change_cipher_spec() function [CVE: CVE-2004-0079]. A remote user can perform a specially crafted SSL/TLS handshake with a target server to cause OpenSSL to crash on the target system. This may cause the application using OpenSSL to crash.

All versions of OpenSSL from 0.9.6c to 0.9.6k inclusive and from 0.9.7a to 0.9.7c inclusive are reportedly vulnerable to this null-pointer bug.

It is also reported that there is a flaw in performing SSL/TLS handshakes using Kerberos ciphersuites [CVE: CVE-2004-0112]. A remote user can perform a specially crafted SSL/TLS handshake against a server that is using Kerberos ciphersuites to cause OpenSSL to crash on the target system.

OpenSSL versions 0.9.7a, 0.9.7b, and 0.9.7c are reported to be vulnerable to this Kerberos handshake bug.

It is also reported that a remote user may be able to cause OpenSSL to enter an infinite loop due to a flaw in a patch introduced in 0.9.6d [CVE: CVE-2004-0081].

The vendor credits Dr. Stephen Henson of the OpenSSL core team as well as Codenomicon for supplying their TLS Test Tool and Joe Orton of Red Hat for performing the majority of the testing.

Impact:   A remote user can cause OpenSSL to crash, which may cause an application using OpenSSL to crash. The specific impact depends on the application that uses the OpenSSL library.
Solution:   Slackware has released a fix.

Updated packages for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/openssl-0.9.6m-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/openssl-solibs-0.9.6m-i386-1.tgz

Updated packages for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/openssl-0.9.7d-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/openssl-solibs-0.9.7d-i386-1.tgz

Updated packages for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/openssl-0.9.7d-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/openssl-solibs-0.9.7d-i486-1.tgz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-0.9.7d-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-0.9.7d-i486-1.tgz

The MD5 signatures are:

Slackware 8.1 packages:
9526929bee40c6f29ddd3e9549deff3a openssl-0.9.6m-i386-1.tgz
8e9e9121276309c6082d4f16aa1ba31e openssl-solibs-0.9.6m-i386-1.tgz

Slackware 9.0 packages:
51738802d6c2c33852870e5921a96b71 openssl-0.9.7d-i386-1.tgz
18a9c560acf5c9df7f782bd16455d964 openssl-solibs-0.9.7d-i386-1.tgz

Slackware 9.1 packages:
24e4d36cf911d45c5e33a075bb353a85 openssl-0.9.7d-i486-1.tgz
b53517348c04a279fb8139d98367f1cb openssl-solibs-0.9.7d-i486-1.tgz

Slackware -current packages:
04df11995b00fcd19cdf2ced00c962eb openssl-0.9.7d-i486-1.tgz
bd21b8d487217758b903bdbc9ac309a1 openssl-solibs-0.9.7d-i486-1.tgz

Vendor URL:  www.openssl.org/news/secadv_20040317.txt (Links to External Site)
Cause:   Boundary error, Exception handling error, State error
Underlying OS:  Linux (Slackware)
Underlying OS Comments:  8.1, 9.0, 9.1, and -current.

Message History:   This archive entry is a follow-up to the message listed below.
Mar 17 2004 OpenSSL SSL/TLS Handshade Flaws May Let Remote Users Crash OpenSSL-based Applications



 Source Message Contents

Subject:  [slackware-security] OpenSSL security update (SSA:2004-077-01)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  OpenSSL security update (SSA:2004-077-01)

Upgraded OpenSSL packages are available for Slackware 8.1, 9.0,
9.1, and -current.  These fix two potential denial-of-service
issues in earlier versions of OpenSSL.

We recommend sites that use OpenSSL upgrade to the fixed packages
right away.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0079
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0112

Here are the details from the Slackware 9.1 ChangeLog:
+--------------------------+
Wed Mar 17 14:41:42 PST 2004
patches/packages/openssl-0.9.7d-i486-1.tgz:  Upgraded to openssl-0.9.7d.
patches/packages/openssl-solibs-0.9.7d-i486-1.tgz:  Upgraded to
  openssl-0.9.7d.  This fixes two potential denial-of-service issues in
  earlier versions of OpenSSL.  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0079
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0112
  (* Security fix *)
+--------------------------+


WHERE TO FIND THE NEW PACKAGES:
+-----------------------------+

Updated packages for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/openssl-0.9.6m-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/openssl-solibs-0.9.6m-i386-1.tgz

Updated packages for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/openssl-0.9.7d-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/openssl-solibs-0.9.7d-i386-1.tgz

Updated packages for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/openssl-0.9.7d-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/openssl-solibs-0.9.7d-i486-1.tgz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-0.9.7d-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-0.9.7d-i486-1.tgz


MD5 SIGNATURES:
+-------------+

Slackware 8.1 packages:
9526929bee40c6f29ddd3e9549deff3a  openssl-0.9.6m-i386-1.tgz
8e9e9121276309c6082d4f16aa1ba31e  openssl-solibs-0.9.6m-i386-1.tgz

Slackware 9.0 packages:
51738802d6c2c33852870e5921a96b71  openssl-0.9.7d-i386-1.tgz
18a9c560acf5c9df7f782bd16455d964  openssl-solibs-0.9.7d-i386-1.tgz

Slackware 9.1 packages:
24e4d36cf911d45c5e33a075bb353a85  openssl-0.9.7d-i486-1.tgz
b53517348c04a279fb8139d98367f1cb  openssl-solibs-0.9.7d-i486-1.tgz

Slackware -current packages:
04df11995b00fcd19cdf2ced00c962eb  openssl-0.9.7d-i486-1.tgz
bd21b8d487217758b903bdbc9ac309a1  openssl-solibs-0.9.7d-i486-1.tgz


INSTALLATION INSTRUCTIONS:
+------------------------+

Upgrade using upgradepkg (as root):
# upgradepkg openssl-0.9.7d-i486-1.tgz openssl-solibs-0.9.7d-i486-1.tgz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST:                         |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back.  Follow the instructions to  |
| complete the unsubscription.  Do not reply to this message to          |
| unsubscribe!                                                           |
+------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAWPgIakRjwEAQIjMRAq8qAJ9y2KgahJ1na5q0ZZxH9J+QkUc08gCeMj0Z
0n8sxKetGEecG+IKQLNzMuI=
=dGRx
-----END PGP SIGNATURE-----

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC