SecurityTracker.com
Category:   Application (VPN)  >   OpenSSL
Vendors:   OpenSSL.org
(NetBSD Issues Fix) OpenSSL Bugs Let Remote Users Deny Service and Downgrade Session Security
SecurityTracker Alert ID:  1031960
SecurityTracker URL:  http://securitytracker.com/id/1031960
CVE Reference:   CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206
Date:  Mar 23 2015
Impact:   Denial of service via network, Disclosure of system information, Modification of authentication information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to versions 0.9.8zd, 1.0.0p, 1.0.1k
Description:   Several vulnerabilities were reported in OpenSSL. A remote user can cause denial of service conditions. A remote user can downgrade the session security in certain cases.

A remote user can send a specially crafted DTLS message to trigger a null pointer dereference fault in dtls1_get_record() and cause the target service to crash [CVE-2014-3571].

The vendor was notified on October 22, 2014.

Markus Stenberg of Cisco Systems, Inc. reported this vulnerability.

A remote user can send repeated DTLS records with the same sequence number but for the next epoch to trigger a memory leak in dtls1_buffer_record() and consume excessive memory resources on the target system [CVE-2015-0206]. Versions 1.0.0 and 1.0.1 are affected.

The vendor was notified on January 7, 2015.

Chris Mueller reported this vulnerability.

On systems built with the 'no-ssl3' option, a remote user can send an SSLv3 ClientHello message to later trigger a null pointer dereference [CVE-2014-3569].

The vendor was notified on October 17, 2014.

Frank Schmirler reported this vulnerability.

A remote server can initiate a handshake with an ephemeral ECDH ciphersuite and an ECDSA certificate but omit the server key exchange message, downgrading the ciphersuite from ECDHE to ECDH and removing forward secrecy [CVE-2014-3572].

The vendor was notified on October 22, 2014.

Karthikeyan Bhargavan of the PROSECCO team at INRIA reported this vulnerability.

A remote server can supply a weak RSA temporary key for a non-export RSA key exchange ciphersuite to downgrade the session security [CVE-2015-0204].

The vendor was notified on October 22, 2014.

Karthikeyan Bhargavan of the PROSECCO team at INRIA reported this vulnerability.

On systems that trust a client certificate authority that issues certificates containing DH keys, a remote client can send a DH certificate for client authentication without the certificate verify message and authenticate without the use of a private key [CVE-2015-0205]. Versions 1.0.0 and 1.0.1 are affected.

The vendor was notified on October 22, 2014.

Karthikeyan Bhargavan of the PROSECCO team at INRIA reported this vulnerability.

A remote user can modify the certificate fingerprint in certain cases [CVE-2014-8275]. Applications that rely on the uniqueness of certificate fingerprints may be affected.

The vendor was notified on December 1, 2014 and December 12, 2014 by separate parties.

Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS program (via NCSC-FI) reported one variant of this vulnerability. Konrad Kraszewski from Google reported another variant of this vulnerability.

Bignum squaring (BN_sqr) may randomly and rarely produce incorrect results on some platforms (including x86_64). The impact was not specified [CVE-2014-3570].

The vendor was notified on November 2, 2014.

Pieter Wuille (Blockstream) reported this vulnerability.

Impact:   A remote user can cause the target system to crash.

A remote user can consume excessive memory resources on the target system.

A remote server can downgrade the session security in certain cases.

A remote user can bypass authentication in certain rare cases.

Solution:   NetBSD has issued a fix.

The NetBSD advisory is available at:

http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2015-006.txt.asc

Vendor URL:  openssl.org/news/secadv_20150108.txt
Cause:   Access control error, Authentication error, State error
Underlying OS:  UNIX (NetBSD)
Underlying OS Comments:  5.1, 5.2, 6.0, 6.1

Message History:   This archive entry is a follow-up to the message listed below.
Jan 8 2015 OpenSSL Bugs Let Remote Users Deny Service and Downgrade Session Security



 Source Message Contents

Subject:  NetBSD Security Advisory 2015-006: OpenSSL and SSLv3 vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

		NetBSD Security Advisory 2015-006
		=================================

Topic:		OpenSSL and SSLv3 vulnerabilities


Version:	NetBSD-current:		source prior to Jan 14th
		NetBSD 6.1 - 6.1.5:	affected
		NetBSD 6.0 - 6.0.6:	affected
		NetBSD 5.1 - 5.1.4:	affected
		NetBSD 5.2 - 5.2.2:	affected

Severity:	remote DoS, confidentiality compromise

Fixed:		NetBSD-current:		Jan 14th, 2015
		NetBSD-7 branch:	Jan 18th, 2015
		NetBSD-6-0 branch:	Jan 17th, 2015
		NetBSD-6-1 branch:	Jan 17th, 2015
		NetBSD-6 branch:	Jan 17th, 2015
		NetBSD-5-2 branch:	Jan 27th, 2015
		NetBSD-5-1 branch:	Jan 27th, 2015
		NetBSD-5 branch:	Jan 27th, 2015

Teeny versions released later than the fix date will contain the fix.

Please note that NetBSD releases prior to 5.1 are no longer supported.
It is recommended that all users upgrade to a supported release.


Abstract
========

This advisory covers the OpenSSL Security Advisory of Jan 8th, 2015
which lists eight different vulnerabilities:

DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)             
DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)                 
no-ssl3 configuration sets method to NULL (CVE-2014-3569)               
ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)              
RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)          
DH client certificates accepted without verification [Server] (CVE-2015-0205)
Certificate fingerprints can be modified (CVE-2014-8275)                
Bignum squaring may produce incorrect results (CVE-2014-3570)           

Please note that the OpenSSL project has announced the release of
a new version of OpenSSL, with advisories, on March 19th, 2015.


Technical Details
=================

see https://www.openssl.org/news/secadv_20150108.txt



Solutions and Workarounds
=========================

Workarounds: the MiTM weakening of chosen encryption will not work
if the server does not allow weak encryption; this is usually
configurable on the server side.

Solution:
Update the OpenSSL libraries.

- From source:
+-----------
Update src and rebuild and install.
Note: OpenSSL in NetBSD-6, NetBSD-7 and NetBSD-current has been updated
to version 1.0.1k; NetBSD-5 received a more selective patch but that's
still 59 files touched. Updating the entire src tree is recommended.


- From tarballs:
+-------------
To obtain fixed binaries, fetch the appropriate base.tgz and comp.tgz
from a daily build later than the fix dates, from
http://nyftp.netbsd.org/pub/NetBSD-daily/<rel>/<date>/<arch>/binary/sets/
with a date later than the fix date for your branch as listed above,
and your release version and architecture
(e.g. http://nyftp.netbsd.org/pub/NetBSD-daily/netbsd-6-1/201501300500Z/amd64/binary/sets/),
and then extract the files:

Shared libraries:

tar xzpf base.tgz \*libssl\* \*libcrypto\*

And static libraries and linker config files:

tar xzpf comp.tgz \*libssl\* \*libcrypto\*

Get the fixed library into use
+-----------------------------
Since the vulnerability is in a shared library, getting the old
library purged and the fixed one into use requires restarting
all programs that load libssl.
The easiest way to do this is to reboot the system.
Another method: using /bin/sh,
ps ax -o pid | (while read pid; do \
        pmap $pid | egrep '(libssl|libcrypto)' && echo found $pid ;\
done)
will find non-chrooted programs that have the affected libraries open;
restart them. sshd will not show up in this list since it runs chrooted
and re-exec'ed but also needs to be restarted.
ldd <programname> will show the shared libraries a program will want to use.


Thanks To
=========

Thanks to the OpenSSL team for the advisory and fixes,
Markus Stenberg of Cisco Systems, Inc. for reporting CVE-2014-3571,
Chris Mueller for reporting CVE-2015-0206,
Frank Schmirler for reporting CVE-2014-3569,
Karthikeyan Bhargavan of the PROSECCO team at INRIA for reporting
	CVE-2014-3572, CVE-2015-0204 and CVE-2015-0205,
Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS program,
and Konrad Kraszewski from Google, for reporting CVE-2014-8275,
Pieter Wuille from Blockstream, for reporting CVE-2014-3570 and suggesting
an initial fix, and Adam Langley of Google for further analysis of the issue.


Revision History
================

	2015-03-17	Initial release


More Information
================

Advisories may be updated as new information becomes available.
The most recent version of this advisory (PGP signed) can be found at 
  http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2015-006.txt.asc

Information about NetBSD and NetBSD security can be found at
http://www.NetBSD.org/ and http://www.NetBSD.org/Security/ .


Copyright 2015, The NetBSD Foundation, Inc.  All Rights Reserved.
Redistribution permitted only in full, unmodified form.

$NetBSD: NetBSD-SA2015-006.txt,v 1.1 2015/03/17 06:58:44 spz Exp $

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
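Added example (not part of the NetBSD advisory or the SecurityTracker entry): a /bin/sh check that classifies an `openssl version` string against the fixed releases listed above (0.9.8zd, 1.0.0p, 1.0.1k). The function names are hypothetical and the sample strings are constructed. As the advisory notes, NetBSD-5 received a selective patch, so a version string alone does not show the fix there.

```shell
#!/bin/sh
# Added example: compare an OpenSSL version string with the fixed
# releases named on this page. Function names are hypothetical.

# letter_lt A B: succeed if patch-letter suffix A sorts before B.
# OpenSSL suffixes run "", a..z, za..zz: a shorter suffix is older,
# equal-length suffixes compare in plain byte order.
letter_lt() {
    [ "${#1}" -lt "${#2}" ] && return 0
    [ "${#1}" -gt "${#2}" ] && return 1
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | LC_ALL=C sort | head -n 1)" = "$1" ]
}

# check_openssl "OpenSSL 1.0.1j 15 Oct 2014"
# prints: affected | fixed | unknown
check_openssl() {
    ver=$(printf '%s\n' "$1" | awk '{print $2}')
    ver=${ver%%-*}                      # drop build tags such as "-fips"
    branch=$(printf '%s\n' "$ver" |
        sed -n 's/^\([0-9]*\.[0-9]*\.[0-9]*\)[a-z]*$/\1/p')
    letter=$(printf '%s\n' "$ver" |
        sed -n 's/^[0-9]*\.[0-9]*\.[0-9]*\([a-z]*\)$/\1/p')
    case "$branch" in
        0.9.8) fix=zd ;;
        1.0.0) fix=p ;;
        1.0.1) fix=k ;;
        *) echo unknown; return 0 ;;    # branch not listed on this page
    esac
    if letter_lt "$letter" "$fix"; then echo affected; else echo fixed; fi
}

# Constructed sample inputs (not taken from a real host).
for v in "OpenSSL 1.0.1j 15 Oct 2014" \
         "OpenSSL 0.9.8zc 15 Oct 2014" \
         "OpenSSL 1.0.1k 8 Jan 2015"; do
    printf '%s -> %s\n' "$v" "$(check_openssl "$v")"
done
```

On a live host, pass the output of `openssl version` as the single argument; "unknown" means the branch is outside the three this entry lists.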
 
 

