Date: 24 August 2001
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2001.359 -- NetBSD Security Advisory 2001-013
OpenSSL PRNG weakness
24 August 2001
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: OpenSSL
Vendor: NetBSD
Operating System: NetBSD-current: source prior to July 10, 2001
NetBSD 1.5.1
NetBSD 1.5
Impact: Reduced Security
Access Required: Remote
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
NetBSD Security Advisory 2001-013
=================================
Topic: OpenSSL PRNG weakness (up to 0.9.6a)
Version: NetBSD-current: source prior to July 10, 2001
NetBSD 1.5.1: affected
NetBSD 1.5: affected
pkgsrc: openssl packages prior to 0.9.6b or 0.9.6nb1
Severity: attacker can predict sequence of future PRNG outputs
Fixed: NetBSD-current: July 10, 2001
NetBSD-1.5 branch: July 29, 2001 (1.5.2 includes the fix)
pkgsrc: openssl-0.9.6b or openssl-0.9.6nb1
Abstract
========
The OpenSSL libcrypto includes a PRNG (pseudo random number generator)
implementation. The logic used for PRNG was not strong enough,
and allows attackers to guess the internal state of the PRNG.
Therefore, attackers can predict future PRNG output.
Technical Details
=================
http://www.openssl.org/news/secadv_prng.txt
Solutions and Workarounds
=========================
The problem can be remedied by replacing the libcrypto library,
and recompiling all statically-linked binaries on the system that
use this library.
The following instructions describe how to upgrade your openssl
libraries by updating your source tree and rebuilding and installing
a new version of telnetd(8).
* All NetBSD releases using openssl from pkgsrc:
If you are using openssl from pkgsrc, upgrade it to either of
the following packages:
openssl-0.9.6b or higher
openssl-0.9.6nb1 (0.9.6 + specific fix for the issue)
Also, make sure that you upgrade any statically-linked binaries
in packages and local applications that have been linked with
libcrypto.
* NetBSD-current:
Systems running NetBSD-current dated from before 2001-07-10
should be upgraded to NetBSD-current dated 2001-07-11 or later.
The following directories need to be updated from the
netbsd-current CVS branch (aka HEAD):
src/crypto/dist/openssl
src/lib/libcrypto
To update from CVS, re-build, and re-install the openssl
libraries:
# cd src
# cvs update -d -P crypto/dist/openssl lib/libcrypto
# cd lib/libcrypto
# make cleandir dependall
# make install
You also need to upgrade any statically-linked binaries
that use libcrypto. Whilst there are no statically-linked
binaries in the default NetBSD installation that use
libcrypto, it would be a good idea to run a full build
(i.e. "make build").
* NetBSD 1.5, 1.5.1:
Systems running NetBSD 1.5 or 1.5.1 sources dated from
before 2001-07-29 should be upgraded from NetBSD 1.5.x
sources dated 2001-07-30 or later.
NetBSD 1.5.2 is not vulnerable.
The following source needs to be updated to version 1.2
or later from the netbsd-1-5 CVS branch:
crypto/dist/openssl/crypto/rand/md_rand.c
To update from CVS, re-build, and re-install the openssl
libraries:
# cd src
# cvs update -d -P crypto/dist/openssl/crypto/rand
# cd lib/libcrypto
# make cleandir dependall
# make install
Alternatively, apply the following patch (with potential offset
differences):
ftp://ftp.netbsd.org/pub/NetBSD/security/patches/SA2001-013-openssl-1.5.patch
To patch, re-build and re-install the openssl libraries:
# cd src/crypto/dist/openssl/crypto/rand
# patch < /path/to/SA2001-013-openssl-1.5.patch
# cd ../../../../../lib/libcrypto
# make cleandir dependall
# make install
You also need to upgrade any statically-linked binaries
that use libcrypto. Whilst there are no statically-linked
binaries in the default NetBSD installation that use
libcrypto, it would be a good idea to run a full build
(i.e. "make build").
Thanks To
=========
Jun-ichiro Hagino for the fix to -current and 1.5
Markku-Juhani O. Saarinen for discovering the problem
in the PRNG and reporting it to the OpenSSL project.
Revision History
================
2001-08-23 Initial release
More Information
================
An up-to-date PGP signed copy of this release will be maintained at
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-013.txt.asc
Information about NetBSD and NetBSD security can be found at
http://www.NetBSD.ORG/ and http://www.NetBSD.ORG/Security/.
Copyright 2001, The NetBSD Foundation, Inc. All Rights Reserved.
$NetBSD: NetBSD-SA2001-013.txt,v 1.13 2001/08/23 02:03:23 lukem Exp $
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (NetBSD)
Comment: For info see http://www.gnupg.org
iQCVAwUBO4RlGD5Ru2/4N2IFAQHJkAP/Su564Mbn4Hl4+pkMh/fWiwtRIAE8aYex
PcfCSW22nPrGpDdMwOPAvQAANCzNIJ2liXn9kzGqjNodOdSKDZ92hw6Yq/hlXhN/
9R5CY3HR7ETFJtXBe3+8X5yqsrdAebDSh6Cz49HU2YxU+IN9idmy/JstNC6Ie69e
U/XVIkv+BGM=
=VRtV
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to use any or all of this information is
the responsibility of each user or organisation, and should be done so in
accordance with site policies and procedures.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the original authors to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/Information/advisories.html
If you believe that your system has been compromised, contact AusCERT or
your representative in FIRST (Forum of Incident Response and Security
Teams).
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for emergencies.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: ftp://ftp.auscert.org.au/pub/auscert/AUSCERT_PGP.key
iQCVAwUBO4YsySh9+71yA2DNAQG9nwP8Cg/FlCX87B2pvMP2mFfgvh/eCTKeswNK
IZR2/rdiK4N4Piw8GUW++2SojFmGOhfd/+cfD2ODQtl0GY+IdL9DfsrbLMMOqjcg
lvyBnehccbWlsDBLq2xSx2Fy0cdWsvA0cR+UiuwM5bL/vwSl1H5HHd84RhXQC9Oq
kwYBb2vHsp8=
=NW0x
-----END PGP SIGNATURE-----
|