SecurityTracker.com
Category:   Application (Security)  >   Provider-1
Vendors:   Check Point
(Check Point Issues Fix for Provider-1) OpenSSL SSL/TLS Handshake Flaws May Let Remote Users Crash OpenSSL-based Applications
SecurityTracker Alert ID:  1009565
SecurityTracker URL:  http://securitytracker.com/id/1009565
CVE Reference:   CVE-2004-0079, CVE-2004-0081, CVE-2004-0112
Date:  Mar 26 2004
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): NG, R55
Description:   Some vulnerabilities were reported in OpenSSL, primarily involving the processing of SSL/TLS protocol handshakes. A remote user can cause OpenSSL to crash. Check Point Provider-1 is affected.

It is reported that there is a null-pointer assignment in the do_change_cipher_spec() function [CVE: CVE-2004-0079]. A remote user can perform a specially crafted SSL/TLS handshake with a target server to cause OpenSSL to crash on the target system. This may cause the application using OpenSSL to crash.

All versions of OpenSSL from 0.9.6c to 0.9.6k inclusive and from 0.9.7a to 0.9.7c inclusive are reportedly vulnerable to this null-pointer bug.

It is also reported that there is a flaw in performing SSL/TLS handshakes using Kerberos ciphersuites [CVE: CVE-2004-0112]. A remote user can perform a specially crafted SSL/TLS handshake against a server that is using Kerberos ciphersuites to cause OpenSSL to crash on the target system.

OpenSSL versions 0.9.7a, 0.9.7b, and 0.9.7c are reported to be vulnerable to this Kerberos handshake bug.

It is also reported that a remote user may be able to cause OpenSSL to enter an infinite loop due to a flaw in a patch introduced in 0.9.6d [CVE: CVE-2004-0081].
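The version ranges stated above can be turned into an inventory check. The following is an added example, not part of the original advisory or any vendor tooling: it parses `openssl version` style banners and reports which of the advisory's CVEs apply by stated range. The host labels and banner strings are constructed sample data.

```python
import re

# Inclusive affected ranges exactly as the advisory text states them.
# CVE-2004-0081 is left out: the advisory gives no version range for it.
AFFECTED = {
    "CVE-2004-0079": [("0.9.6c", "0.9.6k"), ("0.9.7a", "0.9.7c")],
    "CVE-2004-0112": [("0.9.7a", "0.9.7c")],
}

_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_version(text):
    """Return a sortable tuple for an OpenSSL x.y.z[letter] version, or None."""
    m = _VERSION_RE.search(text)
    if m is None:
        return None
    major, minor, fix, letter = m.groups()
    # An empty letter sorts before "a", so 0.9.7 < 0.9.7a < 0.9.7b.
    return (int(major), int(minor), int(fix), letter)


def affected_cves(banner):
    """CVEs from the advisory whose stated range contains the banner's version.

    Returns None when no version can be parsed: that host needs manual
    review and must not be counted as unaffected.
    """
    version = parse_version(banner)
    if version is None:
        return None
    return [
        cve
        for cve, ranges in AFFECTED.items()
        if any(parse_version(lo) <= version <= parse_version(hi) for lo, hi in ranges)
    ]


# Constructed sample inventory: host label -> `openssl version` output.
SAMPLE_INVENTORY = {
    "host-a": "OpenSSL 0.9.7b 10 Apr 2003",
    "host-b": "OpenSSL 0.9.6b [engine] 9 Jul 2001",
    "host-c": "OpenSSL 0.9.6k 30 Sep 2003",
    "host-d": "OpenSSL 0.9.7d 17 Mar 2004",
    "host-e": "unknown build",
}

if __name__ == "__main__":
    for host, banner in SAMPLE_INVENTORY.items():
        print(host, banner, "->", affected_cves(banner))
```

A version string cannot show whether a vendor has backported a fix into an older build, so treat a match as a prompt to confirm the vendor's patch level rather than as proof of exposure.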

The vendor credits Dr. Stephen Henson of the OpenSSL core team as well as Codenomicon for supplying their TLS Test Tool and Joe Orton of Red Hat for performing the majority of the testing.

Impact:   A remote user can cause OpenSSL to crash, which may cause an application using OpenSSL to crash. The specific impact depends on the application that uses the OpenSSL library.
Solution:   Check Point has issued the following fixes.

Provider-1 NG with Application Intelligence R55 OpenSSL Hotfix

Provider-1 R55 OpenSSL Hotfix for Linux:

http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=Provider-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Linux&patchlevel_selected=R55%20OpenSSL%20Hotfix

Provider-1 R55 OpenSSL Hotfix for SecurePlatform:

http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=Provider-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=SecurePlatform&patchlevel_selected=R55%20OpenSSL%20Hotfix

Provider-1 R55 OpenSSL Hotfix for Solaris:

http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=Provider-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Solaris%202.9&patchlevel_selected=R55%20OpenSSL%20Hotfix

Vendor URL:  www.checkpoint.com/techsupport/alerts/openssl.html
Cause:   Boundary error, Exception handling error, State error
Underlying OS:  Linux (Any), UNIX (Solaris - SunOS)

Message History:   This archive entry is a follow-up to the message listed below.
Mar 17 2004 OpenSSL SSL/TLS Handshake Flaws May Let Remote Users Crash OpenSSL-based Applications



 Source Message Contents

Subject:  http://www.checkpoint.com/techsupport/alerts/openssl.html


http://www.checkpoint.com/techsupport/alerts/openssl.html

Check Point issued a security advisory regarding an OpenSSL vulnerability referenced by 
CVE numbers CAN-2004-0079, CAN-2004-0081, and CAN-2004-0112.

The following Check Point products are affected:

VPN-1/FireWall-1 NG and above
VPN-1/FireWall-1 VSX NG with Application Intelligence
Provider-1 NG and above
FireWall-1 GX v2.0

Check Point indicates that VPN-1/FireWall-1 4.1 (all Service Packs) is not vulnerable.

The following fixes are available:

VPN-1/FireWall-1 NG with Application Intelligence
R55 Hotfix HFA-02

R55 HFA-02 for IPSO:

http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=IPSO%203.7&patchlevel_selected=R55%20-%20Hotfixes

R55 HFA-02 for Linux:

http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Linux&patchlevel_selected=R55%20-%20Hotfixes

R55 HFA-02 for SecurePlatform:

http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=SecurePlatform&patchlevel_selected=R55%20-%20Hotfixes

R55 HFA-02 for Solaris:

http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Solaris%202.8&patchlevel_selected=R55%20-%20Hotfixes


VPN-1/FireWall-1 VSX NG with Application Intelligence

VPN-1/FireWall-1 VSX:

http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1%20VSX&version_selected=VSX%20NG%20with%20Application%20Intelligence&os_selected=VSX%20NG%20with%20Application%20Intelligence%20SingleCD&patchlevel_selected=OpenSSL%20Hotfix


Provider-1 NG with Application Intelligence R55 OpenSSL Hotfix

Provider-1 R55 OpenSSL Hotfix for Linux:

http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=Provider-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Linux&patchlevel_selected=R55%20OpenSSL%20Hotfix

Provider-1 R55 OpenSSL Hotfix for SecurePlatform:

http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=Provider-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=SecurePlatform&patchlevel_selected=R55%20OpenSSL%20Hotfix

Provider-1 R55 OpenSSL Hotfix for Solaris:

http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=Provider-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Solaris%202.9&patchlevel_selected=R55%20OpenSSL%20Hotfix


FireWall-1 GX v2.0 OpenSSL Hotfix

GX v2.0 OpenSSL Hotfix for IPSO:

http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.0&os_selected=IPSO&patchlevel_selected=OpenSSL%20Hotfix

GX v2.0 OpenSSL Hotfix for Linux:

http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.0&os_selected=Linux&patchlevel_selected=OpenSSL%20Hotfix

GX v2.0 OpenSSL Hotfix for SecurePlatform:

http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.0&os_selected=SecurePlatform&patchlevel_selected=OpenSSL%20Hotfix

GX v2.0 OpenSSL Hotfix for Solaris:

http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.0&os_selected=Solaris&patchlevel_selected=OpenSSL%20Hotfix


 
 



Copyright 2019, SecurityGlobal.net LLC