From technical-alerts@us-cert.gov Fri Mar 19 01:34:52 2004 From: US-CERT Technical Alerts To: technical-alerts@us-cert.gov Date: Thu, 18 Mar 2004 17:30:15 -0500 Subject: US-CERT Technical Cyber Security Alert TA04-078A -- Multiple Vulnerabilities in OpenSSL -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Technical Cyber Security Alert TA04-078A Multiple Vulnerabilities in OpenSSL Original release date: March 18, 2004 Last revised: -- Source: US-CERT Systems Affected * Applications and systems that use the OpenSSL SSL/TLS library Overview Several vulnerabilities in the OpenSSL SSL/TLS library could allow an unauthenticated, remote attacker to cause a denial of service. I. Description OpenSSL implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols and includes a general purpose cryptographic library. SSL and TLS are commonly used to provide authentication, encryption, integrity, and non-repudiation services to network applications including HTTP, IMAP, POP3, SMTP, and LDAP. OpenSSL is widely deployed across a variety of platforms and systems. In particular, many routers and other types of networking equipment use OpenSSL. The U.K. National Infrastructure Security Co-ordination Centre (NISCC) and the OpenSSL Project have reported three vulnerabilities in the OpenSSL SSL/TLS library (libssl). Any application or system that uses this library may be affected. VU#288574 - OpenSSL contains null-pointer assignment in do_change_cipher_spec() function Versions of OpenSSL from 0.9.6c to 0.9.6k inclusive and 0.9.7a to 0.9.7c inclusive contain a null-pointer assignment in the do_change_cipher_spec() function. By performing a specially crafted SSL/TLS handshake, an attacker could cause OpenSSL to crash, which may result in a denial of service in the target application. (Other resources: OpenSSL Security Advisory (1.), CAN-2004-0079, NISCC/224012/OpenSSL/1) VU#484726 - OpenSSL does not adequately validate length of Kerberos tickets during SSL/TLS handshake Versions 0.9.7a, 0.9.7b, and 0.9.7c of OpenSSL do not adequately validate the length of Kerberos tickets (RFC 2712) during an SSL/TLS handshake. OpenSSL is not configured to use Kerberos by default. By performing a specially crafted SSL/TLS handshake with an OpenSSL system configured to use Kerberos, an attacker could cause OpenSSL to crash, which may result in a denial of service in the target application. OpenSSL 0.9.6 is not affected. (Other resources: OpenSSL Security Advisory (2.), CAN-2004-0112, NISCC/224012/OpenSSL/2) VU#465542 - OpenSSL does not properly handle unknown message types OpenSSL prior to version 0.9.6d does not properly handle unknown SSL/TLS message types. An attacker could cause the application using OpenSSL to enter an infinite loop, which may result in a denial of service in the target application. OpenSSL 0.9.7 is not affected. (Other resources: CAN-2004-0081, NISCC/224012/OpenSSL/3) II. Impact An unauthenticated, remote attacker could cause a denial of service in any application or system that uses a vulnerable OpenSSL SSL/TLS library. III. Solution Upgrade or Apply a patch from your vendor Upgrade to OpenSSL 0.9.6m or 0.9.7d. Alternatively, upgrade or apply a patch as specified by your vendor. Note that it is necessary to recompile any applications that are statically linked to the OpenSSL SSL/TLS library. Appendix A. Vendor Information Multiple vendors are affected by different combinations of these vulnerabilities. For updated information, please see the Systems Affected sections of VU#288574, VU#484726, and VU#465542. Appendix B. References * US-CERT Technical Cyber Security Alert TA04-078A - * Vulnerability Note VU#288574 - * Vulnerability Note VU#484726 - * Vulnerability Note VU#465542 - * OpenSSL Security Advisory [17 March 2004] - * NISCC Vulnerability Advisory 224012 - * RFC 2712 Addition of Kerberos Cipher Suites to Transport Layer Security (TLS) - _________________________________________________________________ These vulnerabilities were researched and reported by the OpenSSL Project and the U.K. National Infrastructure Security Co-ordination Centre (NISCC). _________________________________________________________________ Feedback can be directed to the authors: Art Manion and Damon Morda. _________________________________________________________________ Copyright 2004 Carnegie Mellon University. Terms of use. Revision History March 18, 2004: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFAWiHMXlvNRxAkFWARAvBKAJ4zD2uh0dqSXy4CjyPphrJlcpAD/QCfZASx PLs+5hkNGzVPGQF08K2kPj0= =Lxfo -----END PGP SIGNATURE-----