SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   OpenSSL Vendors:   OpenSSL.org
(Trustix Issues Fix) OpenSSL SSL/TLS Handshade Flaws May Let Remote Users Crash OpenSSL-based Applications
SecurityTracker Alert ID:  1009494
SecurityTracker URL:  http://securitytracker.com/id/1009494
CVE Reference:   CVE-2004-0079, CVE-2004-0081, CVE-2004-0112   (Links to External Site)
Date:  Mar 19 2004
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 0.9.6c - 0.9.6k and 0.9.7a - 0.9.7c
Description:   Some vulnerabilities were reported in OpenSSL, primarily involving the processing of SSL/TLS protocol handshakes. A remote user can cause OpenSSL to crash.

It is reported that there is a null-pointer assignment in the do_change_cipher_spec() function [CVE: CVE-2004-0079]. A remote user can perform a specially crafted SSL/TLS handshake with a target server to cause OpenSSL to crash on the target system. This may cause the application using OpenSSL to crash.

All versions of OpenSSL from 0.9.6c to 0.9.6k inclusive and from 0.9.7a to 0.9.7c inclusive are reportedly vulnerable to this null-pointer bug.

It is also reported that there is a flaw in performing SSL/TLS handshakes using Kerberos ciphersuites [CVE: CVE-2004-0112]. A remote user can perform a specially crafted SSL/TLS handshake against a server that is using Kerberos ciphersuites to cause OpenSSL to crash on the target system.

OpenSSL versions 0.9.7a, 0.9.7b, and 0.9.7c are reported to be vulnerable to this Kerberos handshake bug.

It is also reported that a remote user may be able to cause OpenSSL to enter an infinite loop due to a flaw in a patch introduced in 0.9.6d [CVE: CVE-2004-0081].

The vendor credits Dr. Stephen Henson of the OpenSSL core team as well as Codenomicon for supplying their TLS Test Tool and Joe Orton of Red Hat for performing the majority of the testing.

Impact:   A remote user can cause OpenSSL to crash, which may cause an application using OpenSSL to crash. The specific impact depends on the application that uses the OpenSSL library.
Solution:   Trustix has released a fix, available at:

http://http.trustix.org/pub/trustix/updates/
ftp://ftp.trustix.org/pub/trustix/updates/

The MD5sums of the packages are:

586ed6a62e01ca094f61002ec4b134e8 1.5/rpms/openssl-0.9.6-17tr.i586.rpm
ac7ebd358ce58ab403a4498da02486be 1.5/rpms/openssl-devel-0.9.6-17tr.i586.rpm
beee208cfb7081cced602a750d1f2145 1.5/rpms/openssl-python-0.9.6-17tr.i586.rpm
7b7d4788687514cf273d5bffe65b6d2e 1.5/rpms/openssl-support-0.9.6-17tr.i586.rpm
5e891874980982a134bb127ba7358f0d 1.5/srpms/openssl-0.9.6-17tr.src.rpm
cd3866fb30d8acb728ef44f8a30d6b37 2.0/rpms/openssl-0.9.7c-2tr.i586.rpm
988123ebb6fb32a717b0b3f85082028b 2.0/rpms/openssl-devel-0.9.7c-2tr.i586.rpm
c8f19e94b6ed3be8892a1a66be9a3644 2.0/rpms/openssl-python-0.9.7c-2tr.i586.rpm
d7f01d2b99e6ded2ab3361ef90dffb62 2.0/rpms/openssl-support-0.9.7c-2tr.i586.rpm
d49d900813432cfaabaaa4454a999ee6 2.0/srpms/openssl-0.9.7c-2tr.src.rpm
26f2286743fcb8f6560b05125e74ea71 2.1/rpms/openssl-0.9.7c-5tr.i586.rpm
32728af4fa90cf13996620304b5fadaa 2.1/rpms/openssl-devel-0.9.7c-5tr.i586.rpm
457e62f027ebf155a454b9dc20cc8891 2.1/rpms/openssl-python-0.9.7c-5tr.i586.rpm
f9f45701b12d2407e473929ffb9699d1 2.1/rpms/openssl-support-0.9.7c-5tr.i586.rpm
8c9a0ad7e420fe6f914338fa5d884996 2.1/srpms/openssl-0.9.7c-5tr.src.rpm

Vendor URL:  www.openssl.org/news/secadv_20040317.txt (Links to External Site)
Cause:   Boundary error, Exception handling error, State error
Underlying OS:  Linux (Trustix)
Underlying OS Comments:  1.5, 2.0, 2.1

Message History:   This archive entry is a follow-up to the message listed below.
Mar 17 2004 OpenSSL SSL/TLS Handshade Flaws May Let Remote Users Crash OpenSSL-based Applications



 Source Message Contents

Subject:  TSLSA-2004-0012 - openssl


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2004-0012

Package name:      openssl
Summary:           Sevaral DoS vulnerabilities
Date:              2004-03-17
Affected versions: Trustix 1.5, 2.0, 2.1

- --------------------------------------------------------------------------
Package description:
  A C library that provides various crytographic algorithms and protocols,
  including DES, RC4, RSA, and SSL.


Problem description:
  Several holes were discovered that could lead to denial of service (DoS)
  attacks on SSL-enabled services.
  See CAN-2004-0079, CAN-2004-0081, and CAN-2004-0112 on 
  <URI:http://cve.mitre.org> for a more thorough description of these
  problems.


Action:
  We recommend that all systems with this package installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


Location:
  All Trustix updates are available from
  <URI:http://http.trustix.org/pub/trustix/updates/>
  <URI:ftp://ftp.trustix.org/pub/trustix/updates/>


About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus
  on security and stability, the system is painlessly kept safe and up to
  date from day one using swup, the automated software updater.


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.


Public testing:
  Most updates for Trustix are made available for public testing some time
  before release.
  If you want to contribute by testing the various packages in the
  testing tree, please feel free to share your findings on the
  tsl-discuss mailinglist.
  The testing tree is located at
  <URI:http://tsldev.trustix.org/cloud/>

  You may also use swup for public testing of updates:
  
  site {
      class = 0
      location = "http://tsldev.trustix.org/cloud/rdfs/latest.rdf"
      regexp = ".*"
  }
  

Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.org/support/>


Verification:
  This advisory along with all Trustix packages are signed with the
  TSL sign key.
  This key is available from:
  <URI:http://www.trustix.org/TSL-SIGN-KEY>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.org/errata/trustix-1.5/>,
  <URI:http://www.trustix.org/errata/trustix-2.0/> and
  <URI:http://www.trustix.org/errata/trustix-2.1/>
  or directly at
  <URI:http://www.trustix.org/errata/misc/2004/TSL-2004-0012-openssl.asc.txt>


MD5sums of the packages:
- --------------------------------------------------------------------------
586ed6a62e01ca094f61002ec4b134e8  1.5/rpms/openssl-0.9.6-17tr.i586.rpm
ac7ebd358ce58ab403a4498da02486be  1.5/rpms/openssl-devel-0.9.6-17tr.i586.rpm
beee208cfb7081cced602a750d1f2145  1.5/rpms/openssl-python-0.9.6-17tr.i586.rpm
7b7d4788687514cf273d5bffe65b6d2e  1.5/rpms/openssl-support-0.9.6-17tr.i586.rpm
5e891874980982a134bb127ba7358f0d  1.5/srpms/openssl-0.9.6-17tr.src.rpm
cd3866fb30d8acb728ef44f8a30d6b37  2.0/rpms/openssl-0.9.7c-2tr.i586.rpm
988123ebb6fb32a717b0b3f85082028b  2.0/rpms/openssl-devel-0.9.7c-2tr.i586.rpm
c8f19e94b6ed3be8892a1a66be9a3644  2.0/rpms/openssl-python-0.9.7c-2tr.i586.rpm
d7f01d2b99e6ded2ab3361ef90dffb62  2.0/rpms/openssl-support-0.9.7c-2tr.i586.rpm
d49d900813432cfaabaaa4454a999ee6  2.0/srpms/openssl-0.9.7c-2tr.src.rpm
26f2286743fcb8f6560b05125e74ea71  2.1/rpms/openssl-0.9.7c-5tr.i586.rpm
32728af4fa90cf13996620304b5fadaa  2.1/rpms/openssl-devel-0.9.7c-5tr.i586.rpm
457e62f027ebf155a454b9dc20cc8891  2.1/rpms/openssl-python-0.9.7c-5tr.i586.rpm
f9f45701b12d2407e473929ffb9699d1  2.1/rpms/openssl-support-0.9.7c-5tr.i586.rpm
8c9a0ad7e420fe6f914338fa5d884996  2.1/srpms/openssl-0.9.7c-5tr.src.rpm
- --------------------------------------------------------------------------


Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQFAWb7/i8CEzsK9IksRAm0eAJ9my/zsqLQ3pVu/9vrLVD9EX1hTgwCdGQHK
44wiQ5twZJOU4JrpCJtv260=
=SBPt
-----END PGP SIGNATURE-----
_______________________________________________
tsl-announce mailing list
tsl-announce@lists.trustix.org
http://lists.trustix.org/mailman/listinfo/tsl-announce

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC