Date: 18 March 2004
References: ESB-2004.0217 ESB-2004.0218 ESB-2004.0219 ESB-2004.0220 ESB-2004.0221 ESB-2004.0225 ESB-2004.0235 ESB-2004.0294 ESB-2004.0334 ESB-2004.0389
ESB-2004.0452 ESB-2004.0705 ESB-2005.0871
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2004.0216 -- UNIRAS ALERT - 12/04
Denial of Service Vulnerabilities in OpenSSL
18 March 2004
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: OpenSSL up to and including 0.9.7c
Publisher: UNIRAS
Impact: Denial of Service
Access Required: Remote
CVE Names: CAN-2004-0079
CAN-2004-0112
CAN-2004-0081
Comment: The OpenSSL Security Advisory on this issue has been included
after the UNIRAS alert.
- --------------------------BEGIN INCLUDED TEXT--------------------
Title
=====
Denial of Service Vulnerabilities in OpenSSL.
Detail
======
What is Affected?
Versions of OpenSSL are vulnerable up to and including 0.9.7c as specified
below.
Severity
If exploited this vulnerability could lead to a Denial of Service.
Summary
The three vulnerabilities described in this document were found through
testing performed by the OpenSSL Project (http://www.openssl.org) using a
commercial test suite for the TLS protocol developed by Codenomicon Ltd.
(see http://www.codenomicon.com/testtools/tls/).
NISCC has been involved in brokering a relationship between Codenomicon
and the OpenSSL Project and in handling all aspects of the vulnerability
disclosure.
Joe Orton of Red Hat performed the testing and Dr Stephen Henson of the
OpenSSL core team provided patches for the vulnerabilities identified.
Details
OpenSSL is an open source toolkit implementing the Secure Sockets Layer
(SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a
general purpose cryptography library.
The vulnerabilities described in this advisory affect the OpenSSL
implementation of the TLS and SSL protocols, which are typically used to
provide security services to a range of Internet application protocols and
in support of web and email applications. TLS and SSL are intermediate
protocols layered onto a TCP connection used to provide additional security
to higher level protocols. These higher-level protocols, particularly
application protocols such as web services or email, may be layered on top
of a TLS/SSL connection.
These vulnerabilities relate to the SSL/TLS session establishment and do
not relate to any ASN.1 related protocol elements.
Vendor specific information will be released as it becomes available and
if vendor permission has been received. Subscribers are advised to check
the following URL regularly for updates:
http://www.uniras.gov.uk/vuls/2004/224012/index.htm
[Please note that updates to this advisory will not be notified by email.]
The identified vulnerabilities (complete with CVE names) are as follows:
NISCC/224012/1 [OpenSSL 0.9.6 and 0.9.7]
CAN-2004-0079 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0079
Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool
uncovered a null-pointer assignment in the do_change_cipher_spec()
function. A remote attacker could perform a carefully crafted SSL/TLS
handshake against a server that used the OpenSSL library in such a way as
to cause OpenSSL to crash. Depending on the application this could lead
to a denial of service. All versions of OpenSSL from 0.9.6c to 0.9.6k
inclusive and from 0.9.7a to 0.9.7c inclusive are affected by this issue.
NISCC/224012/2 [OpenSSL 0.9.7]
CAN-2004-0112 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0112
Dr. Stephen Henson discovered a flaw in SSL/TLS handshaking code when using
Kerberos ciphersuites. A remote attacker could perform a carefully crafted
SSL/TLS handshake against a server configured to use Kerberos ciphersuites
in such a way as to cause OpenSSL to crash. Most applications have no
ability to use Kerberos ciphersuites and will therefore be unaffected.
Versions 0.9.7a, 0.9.7b, and 0.9.7c of OpenSSL are affected by this issue.
NISCC/224012/3 [OpenSSL 0.9.6]
CAN-2004-0081 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0081
Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool
uncovered a bug in older versions of OpenSSL 0.9.6 that can lead to a
Denial of Service attack (infinite loop). This issue was traced to a fix
that was added to OpenSSL 0.9.6d some time ago. This issue will affect
vendors that ship older versions of OpenSSL with backported security
patches.
Solution
These vulnerabilities have been fixed in OpenSSL 0.9.6m and 0.9.7d,
available from the OpenSSL web site at:
http://www.openssl.org/news/secadv_20040317.txt.
- -----------------------------------------------------------------------------
OpenSSL Security Advisory [17 March 2004]
Updated versions of OpenSSL are now available which correct two
security issues:
1. Null-pointer assignment during SSL handshake
===============================================
Testing performed by the OpenSSL group using the Codenomicon TLS Test
Tool uncovered a null-pointer assignment in the
do_change_cipher_spec() function. A remote attacker could perform a
carefully crafted SSL/TLS handshake against a server that used the
OpenSSL library in such a way as to cause OpenSSL to crash. Depending
on the application this could lead to a denial of service.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0079 to this issue.
All versions of OpenSSL from 0.9.6c to 0.9.6l inclusive and from
0.9.7a to 0.9.7c inclusive are affected by this issue. Any
application that makes use of OpenSSL's SSL/TLS library may be
affected. Please contact your application vendor for details.
2. Out-of-bounds read affects Kerberos ciphersuites
===================================================
Stephen Henson discovered a flaw in SSL/TLS handshaking code when
using Kerberos ciphersuites. A remote attacker could perform a
carefully crafted SSL/TLS handshake against a server configured to use
Kerberos ciphersuites in such a way as to cause OpenSSL to crash.
Most applications have no ability to use Kerberos ciphersuites and
will therefore be unaffected.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0112 to this issue.
Versions 0.9.7a, 0.9.7b, and 0.9.7c of OpenSSL are affected by this
issue. Any application that makes use of OpenSSL's SSL/TLS library
may be affected. Please contact your application vendor for details.
Recommendations
- ---------------
Upgrade to OpenSSL 0.9.7d or 0.9.6m. Recompile any OpenSSL applications
statically linked to OpenSSL libraries.
OpenSSL 0.9.7d and OpenSSL 0.9.6m are available for download via HTTP and
FTP from the following master locations (you can find the various FTP
mirrors under http://www.openssl.org/source/mirror.html):
ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.7d.tar.gz
MD5 checksum: 1b49e90fc8a75c3a507c0a624529aca5
o openssl-0.9.6m.tar.gz [normal]
MD5 checksum: 1b63bfdca1c37837dddde9f1623498f9
o openssl-engine-0.9.6m.tar.gz [engine]
MD5 checksum: 4c39d2524bd466180f9077f8efddac8c
The checksums were calculated using the following command:
openssl md5 openssl-0.9*.tar.gz
Credits
- -------
Patches for these issues were created by Dr Stephen Henson
(steve@openssl.org) of the OpenSSL core team. The OpenSSL team would
like to thank Codenomicon for supplying the TLS Test Tool which was
used to discover these vulnerabilities, and Joe Orton of Red Hat for
performing the majority of the testing.
References
- ----------
http://www.codenomicon.com/testtools/tls/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0112
URL for this Security Advisory:
http://www.openssl.org/news/secadv_20040317.txt
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business
hours which are GMT+10:00 (AEST). On call after hours
for member emergencies only.
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBQFjeJyh9+71yA2DNAQI9+AQAleAx9m4nZre0A8clb6lroRcYfvNO9Vk3
1RdslreBrFq28tXVTZvi/Yerj6m/QwvUTfxuBR6fvweK3xauYeFIH7R891w4kSJL
5QwGpFvDSNJRWe6WykamFeWUdsbSnLlMPBUJnDOJcjdvYfzG2WWQwetIZ/uxII9x
oo//pMDOHuk=
=KY7N
-----END PGP SIGNATURE-----
|