SecurityTracker.com
Category:   Application (VPN)  >   OpenSSL
Vendors:   OpenSSL.org
OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
SecurityTracker Alert ID:  1028082
SecurityTracker URL:  http://securitytracker.com/id/1028082
CVE Reference:   CVE-2013-0169
Date:  Feb 5 2013
Impact:   Disclosure of system information, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 0.9.8x, 1.0.0j, 1.0.1c; and prior versions
Description:   A vulnerability was reported in OpenSSL. A remote user can recover plaintext in certain cases.

A remote user with the ability to conduct a man-in-the-middle attack against TLS or DTLS protected connections can recover the original plaintext when CBC-mode encryption is used.

A user with low latency access to the target server's network can send specially crafted encrypted data and monitor the response timing to determine the plaintext contents of the data. For certain message lengths where the HMAC-SHA1 MAC algorithm is used, TLS messages containing at least two bytes of correct padding will be processed slightly faster than TLS messages containing one byte of correct padding or padding that is incorrectly formatted. By analyzing the timing variations over a large number of connections, the original plaintext can be determined.
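The timing difference described above comes from how many SHA-1 compression-function calls HMAC-SHA1 needs once the padding has been stripped. The following is an added example, not code from the advisory or from OpenSSL: it counts those calls for three constructed 64-byte decrypted records. The record size, the function names and the simplified constant-work receiver model are assumptions made for illustration.

```python
import math

SHA1_BLOCK = 64      # SHA-1 compression function consumes 64-byte blocks
SHA1_DIGEST = 20     # HMAC-SHA1 tag length
TLS_MAC_HEADER = 13  # seq_num(8) + type(1) + version(2) + length(2), MACed with the data

# Constructed 64-byte decrypted records (data || MAC || padding); contents are filler.
SAMPLES = {
    "malformed": b"A" * 62 + b"\x07\x01",  # length byte says 1, pad byte does not match
    "one_byte":  b"A" * 63 + b"\x00",      # valid padding: one byte (0x00)
    "two_bytes": b"A" * 62 + b"\x01\x01",  # valid padding: two bytes (0x01 0x01)
}

def padding_length(plaintext: bytes) -> int:
    """Bytes of valid TLS CBC padding (length byte included), or 0 if malformed."""
    pad = plaintext[-1]
    total = pad + 1
    if total + SHA1_DIGEST > len(plaintext) or plaintext[-total:] != bytes([pad]) * total:
        return 0
    return total

def hmac_sha1_compressions(msg_len: int) -> int:
    """Count SHA-1 compression calls for HMAC-SHA1 over msg_len bytes."""
    # Inner hash: one block for key^ipad, then the message plus at least
    # 9 bytes of SHA-1 padding (0x80 marker and 64-bit length field).
    inner = 1 + math.ceil((msg_len + 9) / SHA1_BLOCK)
    # Outer hash: one block for key^opad, one for the 20-byte inner digest.
    return inner + 2

def naive_receiver_work(plaintext: bytes) -> int:
    """Compression calls when the receiver MACs only the unpadded data."""
    # Malformed padding is treated as zero-length padding so a MAC is still computed.
    stripped = padding_length(plaintext)
    return hmac_sha1_compressions(TLS_MAC_HEADER + len(plaintext) - stripped - SHA1_DIGEST)

def constant_receiver_work(plaintext: bytes) -> int:
    """Simplified hardened model: always do the work of the longest possible MAC input."""
    return hmac_sha1_compressions(TLS_MAC_HEADER + len(plaintext) - SHA1_DIGEST)

def work_table() -> dict:
    """Map each sample to (naive work, constant-work model) in compression calls."""
    return {k: (naive_receiver_work(v), constant_receiver_work(v)) for k, v in SAMPLES.items()}

if __name__ == "__main__":
    for name, (naive, const) in work_table().items():
        print(f"{name:10s} naive={naive} constant={const}")
```

Only the record with two bytes of valid padding drops the MAC input to 55 bytes, which saves one compression call in the naive receiver; that single call is the timing signal the advisory describes. A receiver whose work does not depend on the padding removes the difference.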

This attack is known as the 'Lucky Thirteen' attack.

The vulnerability resides in the TLS/DTLS protocol specification rather than in the specific OpenSSL implementation. Many other implementations are affected.

The original advisory is available at:

http://www.isg.rhul.ac.uk/tls/

Nadhem J. AlFardan and Kenneth G. Paterson of the Information Security Group, Royal Holloway, University of London, reported this vulnerability.

Impact:   A remote user can recover plaintext.
Solution:   The vendor has issued a fix (0.9.8y, 1.0.0k, 1.0.1d).

The vendor's advisory is available at:

http://www.openssl.org/news/secadv_20130205.txt

Vendor URL:  www.openssl.org/news/secadv_20130205.txt
Cause:   Access control error, State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Feb 19 2013 (Oracle Issues Fix for Java) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
Oracle has issued a fix for Java.
Mar 4 2013 (Red Hat Issues Fix) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
Red Hat has issued a fix for Red Hat Enterprise Linux 5 and 6.
Mar 16 2013 (IBM Issues Fix for AIX) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
IBM has issued a fix for AIX 5.3, 6.1, and 7.1.
Mar 21 2013 (HP Issues Fix for HP-UX) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
HP has issued a fix for HP-UX 11.11, 11.23, and 11.31.
Mar 26 2013 (HP Issues Fix for OpenVMS) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
HP has issued a fix for OpenVMS.
Apr 2 2013 (FreeBSD Issues Fix) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
FreeBSD has issued a fix for FreeBSD 8.3, 9.0, and 9.1.
Apr 23 2013 (McAfee Issues Fix for ePolicy Orchestrator) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
McAfee has issued a fix for McAfee ePolicy Orchestrator.
Apr 30 2013 (HP Issues Fix for HP Service Manager) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
HP has issued a fix for HP Service Manager.
May 1 2013 (Red Hat Issues Fix for JBoss) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
Red Hat has issued a fix for JBoss Enterprise Web Platform.
May 1 2013 (Red Hat Issues Fix for JBoss) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
Red Hat has issued a fix for JBoss Enterprise Application Platform.
May 8 2013 (Oracle Issues Fix for VirtualBox) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
Oracle has issued a fix for Oracle VM VirtualBox.
Jun 10 2013 (IBM Issues Fix for IBM Tivoli Federated Identity Manager) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
IBM has issued a fix for IBM Tivoli Federated Identity Manager and Tivoli Federated Identity Manager Business Gateway.
Jun 13 2013 (Oracle Issues Fix for Sun QFS) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
Oracle has issued a fix for Sun QFS and Sun Storage Archive Manager.
Jun 20 2013 (RSA Issues Fix for BSAFE Micro Edition Suite) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
RSA has issued a fix for RSA BSAFE Micro Edition Suite.
Jun 20 2013 (RSA Issues Fix for BSAFE SSL-J) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
RSA has issued a fix for RSA BSAFE SSL-J.
Jun 20 2013 (RSA Issues Fix for BSAFE SSL-C) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
RSA has issued a fix for RSA BSAFE SSL-C.
Aug 2 2013 (HP Issues Fix for HP-UX) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
HP has issued a fix for HP-UX.
Oct 25 2013 (IBM Issues Fix for IBM Rational Build Forge) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
IBM has issued a fix for IBM Rational Build Forge.
Apr 4 2014 (RSA Issues Fix for RSA BSAFE SSL-J) OpenSSL TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
RSA has issued a fix for RSA BSAFE SSL-J.



 Source Message Contents



[Original Message Not Available for Viewing]



Copyright 2020, SecurityGlobal.net LLC