Bug 145510 - dev-libs/openssl: Multiple issues (CVE-2006-3738)
Summary: dev-libs/openssl: Multiple issues (CVE-2006-3738)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High critical
Assignee: Gentoo Security
URL: http://www.openssl.org/news/secadv_20...
Whiteboard: A1 [glsa] Falco
Keywords:
Depends on:
Blocks: 148654
Reported: 2006-08-29 11:53 UTC by Sune Kloppenborg Jeppesen
Modified: 2019-12-28 12:34 UTC

See Also:
Package list:
Runtime testing required: ---


Attachments
openssl-goo-sec.diff (openssl-goo-sec.diff,1.43 KB, patch)
2006-08-29 12:09 UTC, Sune Kloppenborg Jeppesen

Description Sune Kloppenborg Jeppesen gentoo-dev 2006-08-29 11:53:16 UTC
Hi there, a review of openssl-0.9.8a revealed some security issues.

A buffer overflow exists in the SSL_get_shared_ciphers() utility
function, used to generate human readable strings from the list of
shared ciphers supported on an SSL connection. A web search suggests
at least exim, mysql, openssl(1) and psybnc are using this function
and may be affected.

char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len) {
...
 for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
   {
   /* Decrement for either the ':' or a '\0' */
   len--;                        <------------ b
   c=sk_SSL_CIPHER_value(sk,i);
   for (cp=c->name; *cp; )
     {
     if (len-- == 0)          <------------ a
       {
       *p='\0';
       return(buf);
       }
     else
       *(p++)= *(cp++);
     }
   *(p++)=':';
   }
 p[-1]='\0';
 return(buf);
 }

In the code above, if at the location marked a `len` is 1, len will be
decremented to zero, a character will be copied to the destination
buffer and then at location b len will be decremented again to -1, and
thus not satisfying the end condition `len == 0`.

An attacker could send a list of ciphers (you can send a long list of
the same cipher to pad up to the boundary) and then by careful
selection of the final ciphers overrun the buffer with data. Although
it wouldn't be easy (as you have to choose from the characters in the
list of available ciphers, or ':', or '\0'), this is clearly going to
be exploitable in some situations.

A denial of service was discovered in the sslv2 client code, where a
missing check for NULL could allow a malicious ssl server to crash a
connecting client.

The following perl command can be used to reproduce this issue,
followed by `wget https://localhost/`

# perl -e 'print "\x80\xec\x04\x4d\x00\x00\x02","\x00"x"5","A"x"512"'
| nc -lp 443


If there are no objections I'll suggest 5th September as an embargo date.

Please credit "Tavis Ormandy and Will Drewry, Google Security Team" in
any advisories relating to these issues.

Thanks, Tavis.
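The length accounting described in the report, as an added example that is neither OpenSSL's code nor part of this bug: the quoted loop rebuilt over a plain string array next to a hardened version, driven by a constructed two-cipher list sized so that `len` reaches the boundary at the end of the first name. The names, buffer sizes and function names are assumptions made for the illustration.

```c
/* Added example, not OpenSSL's code: the SSL_get_shared_ciphers() loop from
 * the report over a plain string array; names and functions are constructed. */
#include <string.h>

/* Vulnerable accounting as quoted above.  Output goes to a large scratch buffer
 * so the overrun is measured rather than suffered; returns bytes written. */
static size_t unsafe_join(const char **names, int n, char *scratch, int len)
{
    char *p = scratch;
    for (int i = 0; i < n; i++) {
        len--;                          /* location b: may take len from 0 to -1 */
        for (const char *cp = names[i]; *cp; ) {
            if (len-- == 0) {           /* location a: only stops at exactly 0 */
                *p = '\0';
                return (size_t)(p - scratch) + 1;
            }
            *(p++) = *(cp++);
        }
        *(p++) = ':';
    }
    p[-1] = '\0';
    return (size_t)(p - scratch);
}

/* Hardened accounting: check that the name plus its ':' or '\0' fits before
 * copying, so len never goes negative and at most `len` bytes are written. */
static size_t safe_join(const char **names, int n, char *buf, int len)
{
    char *p = buf;
    if (len < 1) return 0;
    for (int i = 0; i < n; i++) {
        size_t l = strlen(names[i]);
        if (l + 1 > (size_t)len) break; /* name plus terminator does not fit */
        memcpy(p, names[i], l);
        p += l;
        *(p++) = ':';
        len -= (int)l + 1;
    }
    if (p != buf) --p;                  /* back over the final ':' */
    *p = '\0';
    return (size_t)(p - buf) + 1;
}

/* Boundary case from the report: len is exactly strlen(first name) + 1. */
static const char *demo_names[] = { "AES128-SHA", "DES-CBC3-SHA" };
enum { DEMO_LEN = 11 };
int demo_unsafe_bytes(void) { char s[64]; return (int)unsafe_join(demo_names, 2, s, DEMO_LEN); }
int demo_safe_bytes(void)   { char b[DEMO_LEN]; return (int)safe_join(demo_names, 2, b, DEMO_LEN); }
int demo_safe_text_ok(void) { char b[DEMO_LEN]; safe_join(demo_names, 2, b, DEMO_LEN); return strcmp(b, "AES128-SHA") == 0; }
```

With an 11-byte buffer the quoted loop writes 24 bytes (the whole second name plus separators), while the hardened loop stops after the first name and writes exactly 11.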
Comment 1 Sune Kloppenborg Jeppesen gentoo-dev 2006-08-29 12:09:18 UTC
Created attachment 95404 [details, diff]
openssl-goo-sec.diff
Comment 2 SpanKY gentoo-dev 2006-08-30 07:49:32 UTC
0.9.7j is affected as well (we don't have 0.9.8x in ~arch yet)
Comment 3 Sune Kloppenborg Jeppesen gentoo-dev 2006-09-13 23:41:20 UTC
SpanKY do we want pretesting of this one or are we waiting for an upstream release?
Comment 4 SpanKY gentoo-dev 2006-09-18 07:15:44 UTC
is upstream aware of the issue ?  i haven't contacted them at all
Comment 5 Sune Kloppenborg Jeppesen gentoo-dev 2006-09-18 20:54:07 UTC
Upstream is informed about the issue.
Comment 6 SpanKY gentoo-dev 2006-09-28 06:47:07 UTC
openssl-0.9.7l and openssl-0.9.8d in portage
Comment 7 Matthias Geerdsen (RETIRED) gentoo-dev 2006-09-28 07:25:11 UTC
advisory public at http://www.openssl.org/news/secadv_20060928.txt

arches, please test and mark stable if possible...
Comment 8 Chris Gianelloni (RETIRED) gentoo-dev 2006-09-28 08:54:57 UTC
Which? 7j or 8d? or both?
Comment 9 Chris Gianelloni (RETIRED) gentoo-dev 2006-09-28 09:04:17 UTC
err... 7l... not 7j...
Comment 10 SpanKY gentoo-dev 2006-09-28 09:12:49 UTC
ideally you'd do both
Comment 11 Bo Ørsted Andresen (RETIRED) gentoo-dev 2006-09-28 09:34:56 UTC
I have tested:
dev-libs/openssl-0.9.7l USE="test zlib -bindist -emacs (-sse2%*)"
dev-libs/openssl-0.9.8d USE="sse2 test zlib -bindist -emacs":

The following applies to both of them:
1) emerges fine
2) passes test suite
3) passes collision test
4) works with openssh

Gentoo Base System version 1.12.5
Portage 2.1.1 (default-linux/x86/2006.1/desktop, gcc-4.1.1, glibc-2.4-r3, 2.6.17-suspend2-r5 i686)
Comment 12 Brent Baude (RETIRED) gentoo-dev 2006-09-28 09:42:28 UTC
Marked openssl-0.9.7l ppc64 stable; have to check with corsair about 8d.
Comment 13 Christoph Mende (RETIRED) gentoo-dev 2006-09-28 09:43:54 UTC
dev-libs/openssl-0.9.8d:
- emerges fine on amd64
- passes collision-protect
- passes multilib-strict
- passes test suite
- works (tried wget, openssh)

dev-libs/openssl-0.9.7l
- emerges fine on amd64
- passes collision-protect
- passes multilib-strict
- passes test suite
- wget works, but openssh failed to compile against it:
checking for dlopen in -ldl... no
checking for pam_set_item in -lpam... no
configure: error: *** libpam missing

Portage 2.1.1-r1 (default-linux/amd64/2006.1/desktop, gcc-4.1.1, glibc-2.4-r3, 2.6.18-ck1 x86_64)
Comment 14 Chris Gianelloni (RETIRED) gentoo-dev 2006-09-28 11:12:11 UTC
Stable on amd64/x86.. thanks AT's!
Comment 15 Jason Wever (RETIRED) gentoo-dev 2006-09-28 11:31:17 UTC
SPARC stable on both versions.
Comment 16 Gustavo Zacarias (RETIRED) gentoo-dev 2006-09-28 14:59:02 UTC
hppa stable on both, 0.9.8d looks sane, otherwise... shoot me.
Comment 17 Tobias Scherbaum (RETIRED) gentoo-dev 2006-09-28 15:09:31 UTC
ppc stable
Comment 18 Markus Rothe (RETIRED) gentoo-dev 2006-09-28 22:23:38 UTC
as ranger said in comment #12 he marked 0.9.7l stable on ppc64. For now we (ppc64) will stick with 0.9.7 series until last issues with .8 are fixed (toolchain specific).

removing ppc64 from CC.
Comment 19 Fernando J. Pereda (RETIRED) gentoo-dev 2006-09-30 15:04:59 UTC
Done for alpha.
Comment 20 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-10-13 08:30:09 UTC
errr.... what about app-emulation/emul-linux-x86-baselibs? CCing amd64@
Comment 21 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-10-16 02:19:44 UTC
is app-emulation/emul-linux-x86-baselibs also vulnerable to these issues ?

The last time we upgraded openssl for a security reason, emul-linux-x86-baselibs was also concerned.
Comment 22 Simon Stelling (RETIRED) gentoo-dev 2006-10-16 02:35:29 UTC
Latest stable baselibs contains dev-libs/openssl-0.9.8c, so yes, we're vulnerable.  Herbs is working on this already, AFAIK.
Comment 23 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-10-17 01:03:15 UTC
OK thank you. I update the glsa draft and we'll wait until this package is updated before sending it.
Comment 24 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-10-20 01:05:30 UTC
Ping Herbs / amd64 team ? Tell me if this will be long, thus we will probably send a GLSA for openssl only without app-emulation/emul-linux-x86-baselibs, thanks
Comment 25 Simon Stelling (RETIRED) gentoo-dev 2006-10-24 02:40:44 UTC
(In reply to comment #24)
> Ping Herbs / amd64 team ? Tell me if this will be long, thus we will probably
> send a GLSA for openssl only without app-emulation/emul-linux-x86-baselibs,

I think we will need a separate GLSA. I repeatedly tried to ping Herbs without success, but for this update a whole bunch of other libs included in the emul-packages must be rebuilt, so this is not a trivial change which I'd rather let Herbs do.
Comment 26 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-10-24 03:02:13 UTC
> 
> I think we will need a separate GLSA. I repeatedly tried to ping Herbs without
> success, but for this update a whole bunch of other libs included in the
> emul-packages must be rebuilt, so this is not a trivial change which I'd rather
> let Herbs do.
> 

OK. I open a new bug to handle emul-linux-x86-baselibs.
Comment 27 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-10-26 15:14:15 UTC
GLSA 200610-11