Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Unix :: General :: m-103.txt

Multiple Vulnerabilities in OpenSSL (CIAC M-103)




             __________________________________________________________

                       The U.S. Department of Energy
                   Computer Incident Advisory Capability
                           ___  __ __    _     ___
                          /       |     /_\   /
                          \___  __|__  /   \  \___
             __________________________________________________________

                             INFORMATION BULLETIN

                      Multiple Vulnerabilities in OpenSSL
                          [CERT Advisory CA-2002-23 ]

July 30, 2002 17:00 GMT                                           Number M-103
[Revised 21 August 2002]
______________________________________________________________________________
PROBLEM:       There are four remotely exploitable buffer overflows in 
               OpenSSL. There are also encoding problems in the ASN.1 library 
               used by OpenSSL. 
AFFECTED VERSIONS:      
               OpenSSL prior to 0.9.6e, up to and including pre-release 
               0.9.7-beta2 
               OpenSSL pre-release 0.9.7-beta2 and prior with Kerberos enabled 
               SSLeay library 
DAMAGE:        All could be used to create denial of service. Several of these 
               vulnerabilities could be used by a remote attacker to execute 
               arbitrary code on the target system. 
SOLUTION:      Apply available patches or disable applications or services. 
______________________________________________________________________________
VULNERABILITY  The risk is HIGH. By exploiting the buffer overflows, a remote 
ASSESSMENT:    attacker can execute arbitrary code on a vulnerable server or 
               client system or cause a denial-of-service situation. 
               Exploitation of the ASN.1 encoding errors can lead to a denial 
               of service. 
______________________________________________________________________________
LINKS: 
 CIAC BULLETIN:      http://www.ciac.org/ciac/bulletins/m-103.shtml 
 ORIGINAL BULLETIN:  http://www.cert.org/advisories/CA-2002-23.html
 PATCHES:            21 August 2002 - Sun Mircrosystems - Solaris 8
                     http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=112869&rev=02 
______________________________________________________________________________
[***** Start CERT Advisory CA-2002-23  *****]


CERTŪ Advisory CA-2002-23 Multiple Vulnerabilities In OpenSSL
Original release date: July 30, 2002
Last revised: --
Source: CERT/CC

A complete revision history can be found at the end of this file.


Systems Affected
  OpenSSL prior to 0.9.6e, up to and including pre-release 0.9.7-beta2 
  OpenSSL pre-release 0.9.7-beta2 and prior with Kerberos enabled 
  SSLeay library 


Overview

There are four remotely exploitable buffer overflows in OpenSSL. There are also 
encoding problems in the ASN.1 library used by OpenSSL. Several of these 
vulnerabilities could be used by a remote attacker to execute arbitrary code on 
the target system. All could be used to create denial of service. 

I.  Description

OpenSSL is a widely deployed, open source implementation of the Secure Sockets 
Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as 
a full-strength general purpose cryptography library. The SSL and TLS protocols 
are used to provide a secure connection between a client and a server for 
higher level protocols such as HTTP. Four remotely exploitable vulnerabilities 
exist in many OpenSSL client and server systems. 

VU#102795 - OpenSSL servers contain a buffer overflow during the SSLv2 handshake 
process 

Versions of OpenSSL servers prior to 0.9.6e and pre-release version 0.9.7-beta2 
contain a remotely exploitable buffer overflow vulnerability. This vulnerability 
can be exploited by a client using a malformed key during the handshake process 
with an SSL server connection. Note that only SSLv2-supported sessions are 
affected by this issue. 

This issue is also being referenced as CAN-2002-0656. 

VU#258555 - OpenSSL clients contain a buffer overflow during the SSLv3 handshake 
process

OpenSSL clients using SSLv3 prior to version 0.9.6e and pre-release version 
0.9.7- beta2 contain a buffer overflow vulnerability. A malicious server can 
exploit this by sending a large session ID to the client during the handshake 
process. 

This issue is also being referenced as CAN-2002-0656. 

VU#561275 - OpenSSL servers with Kerberos enabled contain a remotely exploitable 
buffer overflow vulnerability during the SSLv3 handshake process 

Servers running OpenSSL pre-release version 0.9.7 with Kerberos enabled contain a 
remotely exploitable buffer overflow vulnerability. This vulnerability can be 
exploited by a malicious client sending a malformed key during the SSLv3 handshake 
process with the server. 

This issue is also being referenced as CAN-2002-0657. 

VU#308891 - OpenSSL contains multiple buffers overflows in buffers that are used 
to hold ASCII representations of integers 

OpenSSL clients and servers prior to version 0.9.6e and pre-release version 
0.9.7- beta2 contain multiple remotely exploitable buffer overflow 
vulnerabilities if running on 64-bit platforms. These buffers are used to 
hold ASCII representations of integers. 

This issue is also being referenced as CAN-2002-0655. 

In addition, a separate issue has been identified in OpenSSL involving malformed 
ASN.1 encodings. Affected components include SSL or TLS applications, as well 
as S/MIME, PKCS#7, and certificate creation routines. 

VU#748355 - ASN.1 encoding errors exist in implementations of SSL, TLS, 
S/MIME, PKCS#7 routines 

The ASN.1 library used by OpenSSL has various encoding errors that allow 
malformed certificate encodings to be parsed incorrectly. Exploitation of this 
vulnerability can lead to remote denial-of-service issues. Routines affected 
include those supporting SSL and TLS applications, as well as those supporting 
S/MIME, PKCS#7, and certificate creation. 

This issue is also being referenced as CAN-2002-0659. 

Although these vulnerabilities affect OpenSSL, other implementations of the SSL 
protocol that use or share a common code base may be affected. This includes 
implementations that are derived from the SSLeay library developed by Eric A. 
Young and Tim J. Hudson. 

As noted in the OpenSSL advisory as well, sites running OpenSSL 0.9.6d servers 
on 32-bit platforms with SSLv2 handshaking disabled will not be affected by any 
of the buffer overflows described above. However, due to the nature of the 
ASN.1 encoding errors, such sites may still be affected by denial-of-service 
situations. 

II. Impact

By exploiting the buffer overflows above, a remote attacker can execute arbitrary 
code on a vulnerable server or client system or cause a denial-of-service 
situation. Exploitation of the ASN.1 encoding errors can lead to a denial of 
service. 


III. Solution

Apply a patch from your vendor
Appendix A contains information provided by vendors for this advisory. As vendors 
report new information to the CERT/CC, we will update this section and note the 
changes in our revision history. If a particular vendor is not listed below or 
in the individual vulnerability notes, we have not received their comments. 
Please contact your vendor directly. 

Upgrade to version 0.9.6e of OpenSSL
Upgrade to version 0.9.6e of OpenSSL to resolve the issues addressed in this 
advisory. As noted in the OpenSSL advisory, separate patches are available:


Combined patches for OpenSSL 0.9.6d:
http://www.openssl.org/news/patch_20020730_0_9_6d.txt 
After either applying the patches above or upgrading to 0.9.6e, recompile all 
applications using OpenSSL to support SSL or TLS services, and restart said 
services or systems. This will eliminate all known vulnerable code. 

Sites running OpenSSL pre-release version 0.9.7-beta2 may wish to upgrade to 
0.9.7-beta3, which corrects these vulnerabilities. Separate patches are 
available as well:


Combined patches for OpenSSL 0.9.7 beta 2:
http://www.openssl.org/news/patch_20020730_0_9_7.txt 

Disable vulnerable applications or services
Until fixes for these vulnerabilities can be applied, disable all applications 
that use vulnerable implementations of OpenSSL. Systems with OpenSSL 0.9.7 
pre-release with Kerberos enabled also need to disable Kerberos to protect 
against VU#561275. As a best practice, the CERT/CC recommends disabling all 
services that are not explicitly required. Before deciding to disable SSL or 
TLS, carefully consider the impact that this will have on your service 
requirements. 

Disabling SSLv2 handshaking will prevent exploitation of VU#102795. However, 
due to the nature of the ASN.1 encoding errors, such sites would still be 
vulnerable to denial-of-service attacks. 

Appendix A. - Vendor Information
This appendix contains information provided by vendors for this advisory. 
As vendors report new information to the CERT/CC, we will update this section 
and note the changes in our revision history. If a particular vendor is not 
listed below or in the individual vulnerability notes, we have not received 
their comments. 

OpenLDAP
The OpenLDAP Project uses OpenSSL. Rebuilding OpenLDAP with updated versions 
of OpenSSL should adequately address reported issues. Those using packaged 
versions of OpenLDAP should contact the package distributor for update 
information. 

OpenSSL
Please see http://www.openssl.org/news/secadv_20020730.txt. 

Red Hat
Red Hat distributes affected versions of OpenSSL in all Red Hat Linux 
distributions as well as the Stronghold web server. Red Hat Linux errata 
packages that fix the above vulnerabilities (CAN-2002-0655 and CAN-2002-0656) 
are available from the URL below. Users of the Red Hat Network are able to 
update their systems using the 'up2date' tool. A future update will fix the 
potential remote DOS in the ASN.1 encoding (CAN-2002-0659) 

http://rhn.redhat.com/errata/RHSA-2002-155.html 


--------------------------------------------------------------------------------

These vulnerabilities were discovered and reported by the following: 

VU#102795 - discovered by A.L. Digital Ltd and independently discovered and 
reported by John McDonald of Neohapsis 
VU#258555, VU#561275, VU#308891 - discovered by A.L. Digital Ltd 
VU#748355 - discovered by Adi Stav and James Yonan independently 

The CERT/CC thanks the OpenSSL team for the work they put into their advisory, 
on which this document is largely based. 


--------------------------------------------------------------------------------

Feedback can be directed to the authors: Jason A. Rafail, Cory F. Cohen, 
Jeffrey S. Havrilla, Shawn V. Hernan. 


--------------------------------------------------------------------------------


[***** End CERT Advisory CA-2002-23  *****]
_______________________________________________________________________________

CIAC wishes to acknowledge the contributions of CERT for the 
information contained in this bulletin.
_______________________________________________________________________________


CIAC, the Computer Incident Advisory Capability, is the computer
security incident response team for the U.S. Department of Energy
(DOE) and the emergency backup response team for the National
Institutes of Health (NIH). CIAC is located at the Lawrence Livermore
National Laboratory in Livermore, California. CIAC is also a founding
member of FIRST, the Forum of Incident Response and Security Teams, a
global organization established to foster cooperation and coordination
among computer security teams worldwide.

CIAC services are available to DOE, DOE contractors, and the NIH. CIAC
can be contacted at:
    Voice:    +1 925-422-8193 (7x24)
    FAX:      +1 925-423-8002
    STU-III:  +1 925-423-2604
    E-mail:   ciac@ciac.org

Previous CIAC notices, anti-virus software, and other information are
available from the CIAC Computer Security Archive.

   World Wide Web:      http://www.ciac.org/
   Anonymous FTP:       ftp.ciac.org

PLEASE NOTE: Many users outside of the DOE, ESnet, and NIH computing
communities receive CIAC bulletins.  If you are not part of these
communities, please contact your agency's response team to report
incidents. Your agency's team will coordinate with CIAC. The Forum of
Incident Response and Security Teams (FIRST) is a world-wide
organization. A list of FIRST member organizations and their
constituencies can be obtained via WWW at http://www.first.org/.

This document was prepared as an account of work sponsored by an
agency of the United States Government. Neither the United States
Government nor the University of California nor any of their
employees, makes any warranty, express or implied, or assumes any
legal liability or responsibility for the accuracy, completeness, or
usefulness of any information, apparatus, product, or process
disclosed, or represents that its use would not infringe privately
owned rights. Reference herein to any specific commercial products,
process, or service by trade name, trademark, manufacturer, or
otherwise, does not necessarily constitute or imply its endorsement,
recommendation or favoring by the United States Government or the
University of California. The views and opinions of authors expressed
herein do not necessarily state or reflect those of the United States
Government or the University of California, and shall not be used for
advertising or product endorsement purposes.

LAST 10 CIAC BULLETINS ISSUED (Previous bulletins available from CIAC)

M-093: Apache HTTP Server Chunk Encoding Vulnerability
M-094: Microsoft SQL Server 2000 OpenDataSource Buffer Overflow
M-095: OpenSSH Challenge Response Vulnerabilities
M-096: Microsoft Windows Media Player Vulnerabilities
M-097: Cisco ACS Acme.server traversal Vulnerability
M-098: PGP Outlook Encryption Plug-in Vulnerability
M-099: Microsoft Cumulative Patch for SQL Server
M-100: MS Server Response To SMTP Client EHLO Command 
M-101: MS Unchecked Buffer in SQL Server 2000 Utilities  
M-102: MS SQL Server 2000 Resolution Service Buffer Overflow 




TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH