Alert GCSA-07105 - Vulnerabilita' in OpenSSL
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-07105
Data : 23 ottobre 2007
Titolo : Vulnerabilita' in OpenSSL
******************************************************************
:: Descrizione del problema
Sono state scoperte due vulnerabilita' in OpenSSL:
* nell'implementazione del protocollo DTLS esiste un difetto
che puo' portare alla compromissione di client e server
che abbiano DTLS abilitato.
La vulnerabilita' non coivolge i protocolli SSL e TLS,
sono esposti unicamente i client e i server che usano
esplicitamente DTLS.
* esite un difetto di tipo 'off-by-one error' nella funzione
SSL_get_shared_ciphers().
:: Piattaforme e Software interessati
OpenSSL tutte le versioni 0.9.7 precedenti alla 0.9.7m
OpenSSL tutte le versioni 0.9.8 precedenti alla 0.9.8f
:: Impatto
Remote code execution
:: Soluzioni
a) disabilitare DTLS e non utilizzare la funzione
SSL_get_shared_ciphers().
oppure
b) Aggiornare OpenSSL alla versione 0.9.8f ed eseguire il
rebuild di tutti i package che utilizzano OpenSSL per DTLS.
NOTA: il 19-Oct-2007 e' stata rilasciata una ulteriore
versione del prodotto (0.9.8g)
http://www.openssl.org/news/
http://www.openssl.org/source/
:: Riferimenti
OpenSSL Security Advisory
http://www.openssl.org/news/secadv_20071012.txt
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135
FrSIRT
http://www.frsirt.com/english/advisories/2006/3820
Secunia
http://secunia.com/advisories/22130
Securityfocus Bugtraq ID
http://www.securityfocus.com/bid/25831
CIAC Advisory
http://www.ciac.org/ciac/bulletins/s-001.shtml
Red Hat Security Advisory
http://rhn.redhat.com/errata/RHSA-2007-0964.html
http://rhn.redhat.com/errata/RHSA-2007-0813.html
Fedora Core 6 Update
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00218.html
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00263.html
Ubuntu Security Notice
http://www.ubuntu.com/usn/usn-534-1
http://www.ubuntu.com/usn/usn-522-1
FreeBSD Security Advisory
http://security.freebsd.org/advisories/FreeBSD-SA-07:08.openssl.asc
rPath Security Advisory
http://lists.rpath.com/pipermail/security-announce/2007-October/000259.html
Gentoo Linux Security Advisory
http://www.gentoo.org/security/en/glsa/glsa-200710-06.xml
Mandriva Linux Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:193
Debian Security Advisory
http://www.debian.org/security/2007/dsa-1379
HP-UX
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01203958
-----BEGIN PGP SIGNATURE-----
iQCVAwUBRx3+q/OB+SpikaiRAQJYjAP/RjnP6cn37JzM9uXy0S/qvrpItdlfzV8O
7o0CYX0AC8LhYd+GZlVspFyQRdcXJ1sZ4BwD5CUyOMYQJJh3khMQ2lgccc8kRl0r
usITxTUtGDI0n/DSrtIIX5yf8wnkqY8fpjZ1cd5jVUulO51F5SxSd49urKKNMDo0
uoCL76iRUpw=
=DxQY
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-07105
Data : 23 ottobre 2007
Titolo : Vulnerabilita' in OpenSSL
******************************************************************
:: Descrizione del problema
Sono state scoperte due vulnerabilita' in OpenSSL:
* nell'implementazione del protocollo DTLS esiste un difetto
che puo' portare alla compromissione di client e server
che abbiano DTLS abilitato.
La vulnerabilita' non coivolge i protocolli SSL e TLS,
sono esposti unicamente i client e i server che usano
esplicitamente DTLS.
* esite un difetto di tipo 'off-by-one error' nella funzione
SSL_get_shared_ciphers().
:: Piattaforme e Software interessati
OpenSSL tutte le versioni 0.9.7 precedenti alla 0.9.7m
OpenSSL tutte le versioni 0.9.8 precedenti alla 0.9.8f
:: Impatto
Remote code execution
:: Soluzioni
a) disabilitare DTLS e non utilizzare la funzione
SSL_get_shared_ciphers().
oppure
b) Aggiornare OpenSSL alla versione 0.9.8f ed eseguire il
rebuild di tutti i package che utilizzano OpenSSL per DTLS.
NOTA: il 19-Oct-2007 e' stata rilasciata una ulteriore
versione del prodotto (0.9.8g)
http://www.openssl.org/news/
http://www.openssl.org/source/
:: Riferimenti
OpenSSL Security Advisory
http://www.openssl.org/news/secadv_20071012.txt
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135
FrSIRT
http://www.frsirt.com/english/advisories/2006/3820
Secunia
http://secunia.com/advisories/22130
Securityfocus Bugtraq ID
http://www.securityfocus.com/bid/25831
CIAC Advisory
http://www.ciac.org/ciac/bulletins/s-001.shtml
Red Hat Security Advisory
http://rhn.redhat.com/errata/RHSA-2007-0964.html
http://rhn.redhat.com/errata/RHSA-2007-0813.html
Fedora Core 6 Update
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00218.html
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00263.html
Ubuntu Security Notice
http://www.ubuntu.com/usn/usn-534-1
http://www.ubuntu.com/usn/usn-522-1
FreeBSD Security Advisory
http://security.freebsd.org/advisories/FreeBSD-SA-07:08.openssl.asc
rPath Security Advisory
http://lists.rpath.com/pipermail/security-announce/2007-October/000259.html
Gentoo Linux Security Advisory
http://www.gentoo.org/security/en/glsa/glsa-200710-06.xml
Mandriva Linux Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:193
Debian Security Advisory
http://www.debian.org/security/2007/dsa-1379
HP-UX
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01203958
-----BEGIN PGP SIGNATURE-----
iQCVAwUBRx3+q/OB+SpikaiRAQJYjAP/RjnP6cn37JzM9uXy0S/qvrpItdlfzV8O
7o0CYX0AC8LhYd+GZlVspFyQRdcXJ1sZ4BwD5CUyOMYQJJh3khMQ2lgccc8kRl0r
usITxTUtGDI0n/DSrtIIX5yf8wnkqY8fpjZ1cd5jVUulO51F5SxSd49urKKNMDo0
uoCL76iRUpw=
=DxQY
-----END PGP SIGNATURE-----