copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login





 

ESB-2014.0887 - ALERT [Win][UNIX/Linux] OpenSSL: Multiple vulnerabilities

Date: 06 June 2014
References: ESB-2014.0492.5  ESB-2014.0505  ESB-2014.0511  ESB-2014.0750  ESB-2014.0751  ESB-2014.0755  ESB-2014.0886  ESB-2014.0888  ESB-2014.0889  ESB-2014.0890  
ESB-2014.0891  ESB-2014.0892  ESB-2014.0894.2  ESB-2014.0897  ESB-2014.0898.2  ESB-2014.0902  ESB-2014.0905  ESB-2014.0908  ESB-2014.0912  ESB-2014.0932  ESB-2014.0933  
ESB-2014.0951  ESB-2014.0952.2  ESB-2014.0953  ESB-2014.0962  ESB-2014.0978  ESB-2014.0979  ESB-2014.0987  ESB-2014.1000  ASB-2014.0073  ESB-2014.1022.2  ESB-2014.1023  
ESB-2014.1024  ESB-2014.1025  ESB-2014.1029  ESB-2014.1030.2  ESB-2014.1042  ESB-2014.1046  ESB-2014.1048  ESB-2014.1049  ESB-2014.1053  ESB-2014.1054  ESB-2014.1076  
ESB-2014.1084  ESB-2014.1099  ESB-2014.1113  ESB-2014.1115  ESB-2014.1116  ESB-2014.1130  ESB-2014.1131  ESB-2014.1132  ESB-2014.1137  ESB-2014.1139  ESB-2014.1141  
ESB-2014.1157  ESB-2014.1158  ESB-2014.1163  ASB-2014.0076  ESB-2014.1170  ASB-2014.0077  ESB-2014.1207  ESB-2014.1215  ESB-2014.1249  ESB-2014.1259  ESB-2014.1265  
ESB-2014.1277  ESB-2014.1299.2  ESB-2014.1303  ESB-2014.1314  ESB-2014.1315  ESB-2014.1318  ESB-2014.1366  ESB-2014.1382  ESB-2014.1388  ESB-2014.1413  ESB-2014.1414  
ESB-2014.1422  ESB-2014.1434  ESB-2014.1435  ESB-2014.1446  ESB-2014.1464  ESB-2014.1485  ESB-2014.1527  ESB-2014.1532.2  ESB-2014.1617  ESB-2014.1643.2  ESB-2014.1649  
ESB-2014.1796  ASB-2014.0121  ESB-2014.1900  ESB-2014.1908  ESB-2014.2003  ESB-2014.2386  ESB-2015.0381  ESB-2015.0488  ESB-2015.1016  

Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.0887
                  OpenSSL Security Advisory [05 Jun 2014]
                                6 June 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           OpenSSL
Publisher:         OpenSSL
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Access Privileged Data          -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
                   Provide Misleading Information  -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2014-3470 CVE-2014-0224 CVE-2014-0221
                   CVE-2014-0198 CVE-2014-0195 CVE-2014-0076
                   CVE-2010-5298  

Reference:         ESB-2014.0886
                   ESB-2014.0755
                   ESB-2014.0751
                   ESB-2014.0750
                   ESB-2014.0511
                   ESB-2014.0505
                   ESB-2014.0492.5

Original Bulletin: 
   http://www.openssl.org/news/secadv_20140605.txt

- --------------------------BEGIN INCLUDED TEXT--------------------

OpenSSL Security Advisory [05 Jun 2014]
========================================

SSL/TLS MITM vulnerability (CVE-2014-0224)
===========================================

An attacker using a carefully crafted handshake can force the use of weak
keying material in OpenSSL SSL/TLS clients and servers. This can be exploited
by a Man-in-the-middle (MITM) attack where the attacker can decrypt and 
modify traffic from the attacked client and server.

The attack can only be performed between a vulnerable client *and*
server. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers
are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users
of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.

OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za.
OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m.
OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.

Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and
researching this issue.  This issue was reported to OpenSSL on 1st May
2014 via JPCERT/CC.

The fix was developed by Stephen Henson of the OpenSSL core team partly based
on an original patch from KIKUCHI Masashi.

DTLS recursion flaw (CVE-2014-0221)
====================================

By sending an invalid DTLS handshake to an OpenSSL DTLS client the code
can be made to recurse eventually crashing in a DoS attack.

Only applications using OpenSSL as a DTLS client are affected.

OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za
OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m.
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.

Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue.  This
issue was reported to OpenSSL on 9th May 2014.

The fix was developed by Stephen Henson of the OpenSSL core team.

DTLS invalid fragment vulnerability (CVE-2014-0195)
====================================================

A buffer overrun attack can be triggered by sending invalid DTLS fragments
to an OpenSSL DTLS client or server. This is potentially exploitable to
run arbitrary code on a vulnerable client or server.

Only applications using OpenSSL as a DTLS client or server affected.

OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za
OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m.
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.

Thanks to Jüri Aedla for reporting this issue.  This issue was
reported to OpenSSL on 23rd April 2014 via HP ZDI.

The fix was developed by Stephen Henson of the OpenSSL core team.

SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)
=================================================================

A flaw in the do_ssl3_write function can allow remote attackers to
cause a denial of service via a NULL pointer dereference.  This flaw
only affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is
enabled, which is not the default and not common.

OpenSSL 1.0.0 users should upgrade to 1.0.0m.
OpenSSL 1.0.1 users should upgrade to 1.0.1h.

This issue was reported in public.  The fix was developed by
Matt Caswell of the OpenSSL development team.

SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)
===============================================================================
 
A race condition in the ssl3_read_bytes function can allow remote
attackers to inject data across sessions or cause a denial of service.
This flaw only affects multithreaded applications using OpenSSL 1.0.0
and 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the
default and not common.

OpenSSL 1.0.0 users should upgrade to 1.0.0m.
OpenSSL 1.0.1 users should upgrade to 1.0.1h.

This issue was reported in public.  

Anonymous ECDH denial of service (CVE-2014-3470)
================================================

OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a
denial of service attack.

OpenSSL 0.9.8 users should upgrade to 0.9.8za
OpenSSL 1.0.0 users should upgrade to 1.0.0m.
OpenSSL 1.0.1 users should upgrade to 1.0.1h.

Thanks to Felix Gröbert and Ivan Fratric at Google for discovering this
issue.  This issue was reported to OpenSSL on 28th May 2014.

The fix was developed by Stephen Henson of the OpenSSL core team.

Other issues
============

OpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for
CVE-2014-0076: Fix for the attack described in the paper "Recovering
OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
Reported by Yuval Yarom and Naomi Benger.  This issue was previously
fixed in OpenSSL 1.0.1g.


References
==========

URL for this Security Advisory:
http://www.openssl.org/news/secadv_20140605.txt

Note: the online version of the advisory may be updated with additional
details over time.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBU5EOGBLndAQH1ShLAQIrlw/+L80TW724kcOTFVvwdF/LiIrFgNSsXC8i
ZGvh7LAOsoV4THsMY9BnfoQatQi4AVWgv2zEdoHwqRiCDiDdsF6ccwb+b1qnYHXg
8Qniam3+/kEQFEGSdss4gVts+Y/IOK9W+BjjeYK5MeufapW1OjAzT4vvCyJo2P6F
Q6tlPEK6E5O09TXz1VUVgGwXZvSnrPQfqHo+ldWb8HkXwrvYd17fW1WpkkQBYD3I
xTit/JXCEciZOPLmqkM5GH8nd7uTC5bTkevx7NVeu2uqhxitvkvR/AsFeZ/4TnUt
rXg2K+LCphqE+fmsHz00RfvS+JD7Oe66Q1GgR5fkWSB0VD9/twNK9yoqX21sDyjF
BHNfe5hZI8CqcFTHraUS0cEhPyh4YCy5HzafDaZV3vZrdK+06Iq/UdVaUSI0j5Jl
IzXSX1zyHbCgauGcyvk3esS2FN7YjhGYc+Y3rusjemzK42xlCcfOqDtNDX54Cc9M
j+u8Ot+TpcCElJ981YSyr6oyR68qfK4zWxo1aTeP7916kmpDw59MW4NHZJB6MEJB
gVDX/UDG8/ihsx6V8+6XMWpKHbHefqcFcOwVzL/yUiNbvt+hC82uEe6K/G3PZkhZ
7+A5qrV0yIoW7JsUARAuHx979xPeVCjNNSmPR6IiqcFgSZLX/aAGRfT6Xq+sXCHW
WwL1rhTjGXs=
=zoq6
-----END PGP SIGNATURE-----