SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (VPN)  >   OpenSSL Vendors:   OpenSSL.org
OpenSSL Flaw in Encrypt-Then-Mac Extension Negotiation Lets Remote Authenticated Users Cause the Target Service to Crash
SecurityTracker Alert ID:  1037846
SecurityTracker URL:  http://securitytracker.com/id/1037846
CVE Reference:   CVE-2017-3733   (Links to External Site)
Date:  Feb 16 2017
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.1.0 to 1.1.0e
Description:   A vulnerability was reported in OpenSSL. A remote authenticated user can cause the target service to crash.

A remote authenticated user can trigger a crash during a renegotiate handshake and cause the target service to crash, depending on the selected cipher suite.

Negotiating the Encrypt-Then-Mac extension when the original handshake did not include the extension can trigger this flaw. Negotiating without the Encrypt-Then-Mac extension when the original handshake included the extension can also trigger this flaw.

Clients and servers are affected.

The vendor was notified on January 31, 2017.

Joe Orton (Red Hat) reported this vulnerability.
Impact:   A remote authenticated user can cause the target service to crash.
Solution:   The vendor has issued a fix (1.1.0e).

The vendor advisory is available at:

https://www.openssl.org/news/secadv/20170216.txt
Vendor URL:  www.openssl.org/news/secadv/20170216.txt (Links to External Site)
Cause:   State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Apr 11 2017 (HPE Issues Fix for HPE Operations Agent) OpenSSL Flaw in Encrypt-Then-Mac Extension Negotiation Lets Remote Authenticated Users Cause the Target Service to Crash
HPE has issued a fix for HPE Operations Agent.


 Source Message Contents
Subject:  [openssl-announce] OpenSSL Security Advisory

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


OpenSSL Security Advisory [16 Feb 2017]
========================================

Encrypt-Then-Mac renegotiation crash (CVE-2017-3733)
====================================================

Severity: High

During a renegotiation handshake if the Encrypt-Then-Mac extension is
negotiated where it was not in the original handshake (or vice-versa) then this
can cause OpenSSL to crash (dependent on ciphersuite). Both clients and servers
are affected.

OpenSSL 1.1.0 users should upgrade to 1.1.0e

This issue does not affect OpenSSL version 1.0.2.

This issue was reported to OpenSSL on 31st January 2017 by Joe Orton (Red Hat).
The fix was developed by Matt Caswell of the OpenSSL development team.

Note
====

Support for version 1.0.1 ended on 31st December 2016. Support for versions
0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer
receiving security updates.

References
==========

URL for this Security Advisory:
https://www.openssl.org/news/secadv/20170216.txt

Note: the online version of the advisory may be updated with additional details
over time.

For details of OpenSSL severity classifications please see:
https://www.openssl.org/policies/secpolicy.html
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCAAGBQJYpZMiAAoJENnE0m0OYESRMUgH/0UN9sxxgyDewSCMeTOYPauK
cSPqyw1pndQI6Lu+d3OCdWd01rdLcm+HxlbW5FOUjGZ4G9YefE0+JcvKkIuLGIpQ
1EE0g/ZuBzWDh7/MkFWcmjHceYVXi5sKewtWcQvO9uePzlPhlSZoNIL1G66n1HAo
of3ZlSL5BmibaTiz1WmpDG//0W1pgYP5OdvQ8/AVrJJf8pUnU9Oyubm1yCyK2RHi
jfJWLbMx0ENgW4G1sW4s8bPaj4GwLjIrZl8ocqoyAHhghkBv/UXUhv6i62bKHmxW
vfYwwiU0GlRVwPXzFKbbE3qqCRyDsq+XLAe/09NZZWA+BtscWuUhUpyEODBqzeY=
=zqNG
-----END PGP SIGNATURE-----
-- 
openssl-announce mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-announce


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC