OpenSSL Security Advisory [30 September 2003] Vulnerabilities in ASN.1 parsing ================================ NISCC (www.niscc.gov.uk) prepared a test suite to check the operation of SSL/TLS software when presented with a wide range of malformed client certificates. Dr Stephen Henson (steve@openssl.org) of the OpenSSL core team identified and prepared fixes for a number of vulnerabilities in the OpenSSL ASN1 code when running the test suite. A bug in OpenSSLs SSL/TLS protocol was also identified which causes OpenSSL to parse a client certificate from an SSL/TLS client when it should reject it as a protocol error. Vulnerabilities --------------- 1. Certain ASN.1 encodings that are rejected as invalid by the parser can trigger a bug in the deallocation of the corresponding data structure, corrupting the stack. This can be used as a denial of service attack. It is currently unknown whether this can be exploited to run malicious code. This issue does not affect OpenSSL 0.9.6. 2. Unusual ASN.1 tag values can cause an out of bounds read under certain circumstances, resulting in a denial of service vulnerability. 3. A malformed public key in a certificate will crash the verify code if it is set to ignore public key decoding errors. Public key decode errors are not normally ignored, except for debugging purposes, so this is unlikely to affect production code. Exploitation of an affected application would result in a denial of service vulnerability. 4. Due to an error in the SSL/TLS protocol handling, a server will parse a client certificate when one is not specifically requested. This by itself is not strictly speaking a vulnerability but it does mean that *all* SSL/TLS servers that use OpenSSL can be attacked using vulnerabilities 1, 2 and 3 even if they don't enable client authentication. Who is affected? ---------------- All versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all versions of SSLeay are affected. Any application that makes use of OpenSSL's ASN1 library to parse untrusted data. This includes all SSL or TLS applications, those using S/MIME (PKCS#7) or certificate generation routines. Recommendations --------------- Upgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL applications statically linked to OpenSSL libraries. References ---------- The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0545 for issue 1: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545 and CAN-2003-0543 and CAN-2003-0544 for issue 2: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544 URL for this Security Advisory: http://www.openssl.org/news/secadv_20030930.txt
*** Bug 29999 has been marked as a duplicate of this bug. ***
New ebuilds in portage.. Please test.
GMSoft of the hppa herd confirmed that openssl 0.9.7c compiles and links fine and he plans to mark stable if now error show up in the new few days. -------------------------------------- Kumba verified that openssl compiles and links fine on sparc64 (but fails with -fstack-protector enabled sparc32 & sparc64) -------------------------------------- <rac> solar: openssl 0.9.7c works on amd64 - i can restart sshd and login via ssh afterwards I requested that rac mark openssl stable for amd64 when he feels its ready. -------------------------------------- <bazik> solar: oh btw, my cflags are CFLAGS="-mcpu=ultrasparc -mtune=ultrasparc -O3 -pipe -fomit-frame-pointer" verified works on sparc without fstack-protector. --------------------------------------
*** Bug 30043 has been marked as a duplicate of this bug. ***
GENTOO LINUX SECURITY ANNOUNCEMENT 200309-19 was sent to gentoo-announce@gentoo.org, bugtraq@securityfocus.com, full-disclosure@lists.netsys.com changing resolution to FIXED
changing resolution to FIXED again.
