[SECURITY-L] NISCC Vulnerability Advisory 006489/OpenSSL

Security Team - UNICAMP security em unicamp.br
Wed Oct 1 10:14:05 -03 2003


----- Forwarded message from Nelson Murilo <nelson em pangeia.com.br> -----

From: Nelson Murilo <nelson em pangeia.com.br>
Subject: [S] NISCC Vulnerability Advisory 006489/OpenSSL
To: seguranca em pangeia.com.br
Date: Tue, 30 Sep 2003 20:32:55 -0300


[http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm]

NISCC Vulnerability Advisory 006489/OpenSSL

Vulnerability Issues in OpenSSL

Version Information

Advisory Reference 006489/OpenSSL 
Release Date 30 September 2003 
Last Revision 30 September 2003 
Version Number 1.1 
 
What is Affected?

All versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all versions 
of SSLeay. (SSLeay is no longer maintained.)

Severity

Three specific vulnerabilities have been discovered in the OpenSSL libraries. 
Two of these could allow a Denial of Service attack; the third may result in an attacker being able to execute malicious code under certain conditions.

Summary

During 2002 the University of Oulu Security Programming Group (OUSPG) discovered a number of implementation specific vulnerabilities in the Simple Network Management Protocol (SNMP). NISCC has performed and commissioned further work to identify implementation specific vulnerabilities in related protocols that are vital to the UK Critical National Infrastructure (CNI). The OpenSSL implementation of the TLS (Transport Layer Security) and SSL (Secure Sockets Layer) protocols, which add communications protection to a range of Internet protocols, has been studied in this context.

NISCC has provided a test suite to the OpenSSL project. The OpenSSL development team has utilised the test suite to determine whether their product is vulnerable. Three specific vulnerabilities have been identified. The codebase has been updated to address the issues found.

Details

OpenSSL is an open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a general purpose cryptography library.

The vulnerabilities described in this advisory affect the OpenSSL implementation of the TLS and SSL protocols, which are typically used to provide security services to a range of Internet application protocols and in support of web and email applications.

TLS and SSL are intermediate protocols layered onto a TCP connection used to provide additional security to higher level protocols. These higher level protocols, particularly application protocols such as web services or email, may be layered on top of a TLS/SSL connection.

TLS is based on SSL v3, and although the two are not interoperable, implementations of TLS v1 are likely to support SSL v3. For the purpose of this discussion the two will be considered equivalent. TLS and SSL are not Abstract Syntax Notation One (ASN.1) based protocols and define their own presentation language as part of the TLS/SSL specification. However, they do depend on a number of ASN.1 objects used as part of the protocol exchange.

For example, if one of the parties involved in a TLS/SSL connection sends an ASN.1 element that cannot be handled properly, the behaviour of the receiving application may be unpredictable. It has been found that a vulnerability can arise where one of the parties generates an exceptional ASN.1 element as part of a client certificate. A Denial of Service may arise in the receiving application, or there may be an opportunity for further exploitation.

Vendor specific information will be released as it becomes available and if vendor permission has been received. Subscribers are advised to check the following URL regularly for updates:

http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm

[Please note that updates to this advisory will not be notified by email.]

The identified vulnerabilities (complete with CVE names) are as follows:

NISCC/006489/OpenSSL/1 [OpenSSL 0.9.6 and 0.9.7]
CAN-2003-0543 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543
CAN-2003-0544 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544
An unusual ASN.1 tag value can cause an out of bounds read under certain circumstances resulting in a Denial of Service condition.

NISCC/006489/OpenSSL/2 [OpenSSL 0.9.6 and 0.9.7]
[No CVE name]
An invalid public key in a certificate will crash the verify code if it is set to ignore all errors. This is only done for debugging purposes and is not present in production code. Successful exploitation would result in a Denial of Service condition.

NISCC/006490/OpenSSL/3 [OpenSSL 0.9.7]
CAN-2003-0545 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545
Certain ASN.1 structures which are rejected as invalid by the parser result in part of the corresponding structure being freed up incorrectly. In theory exploitation of this vulnerability could result in an attacker being able to execute malicious code.
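As an added example (not code from the advisory, from NISCC or from OpenSSL), the C program below shows the defensive side of the ASN.1 handling the three items above describe: a tag/length/value reader that checks every octet against the buffer bounds, so an unusual high-tag-number tag or a length larger than the input is rejected instead of being read past the buffer, and a small SEQUENCE-of-INTEGER parser whose failure path frees only the items it has actually recorded as owned. The type names, the sample encodings and the rejected inputs are all constructed for this demonstration and do not correspond to OpenSSL internals.

```c
/* Added example, not OpenSSL's code: a bounds-checked DER tag/length/value reader that
 * rejects the advisory's "unusual tag" and oversize-length inputs, plus a SEQUENCE-of-INTEGER
 * parser whose error path frees a partially built object exactly once. Inputs are constructed. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
typedef struct {
    uint32_t tag; int constructed;   /* tag number (high-tag-number form decoded); bit 6 of id */
    size_t len; const uint8_t *val;  /* content length; pointer into the caller's buffer */
    size_t consumed;                 /* header + content bytes */
} der_tlv;

/* 1 on success, 0 if malformed or if any octet would lie beyond the n bytes given. */
int der_read_tlv(const uint8_t *p, size_t n, der_tlv *out)
{
    const uint8_t *start = p, *end = p + n;
    if (n == 0) return 0;
    uint8_t id = *p++;
    uint32_t tag = id & 0x1f; out->constructed = (id & 0x20) != 0;
    if (tag == 0x1f) {                                  /* high-tag-number form, base 128 */
        tag = 0;
        for (int digits = 0;;) {
            if (p >= end || ++digits > 4) return 0;     /* truncated, or tag wider than 28 bits */
            uint8_t b = *p++;
            tag = (tag << 7) | (b & 0x7f);
            if (!(b & 0x80)) break;
        }
    }
    if (p >= end) return 0;
    size_t len = *p++;
    if (len >= 0x80) {                                  /* long form: low bits = octet count */
        size_t nbytes = len & 0x7f;
        if (nbytes == 0 || nbytes > sizeof len) return 0;  /* indefinite or absurd length */
        if ((size_t)(end - p) < nbytes) return 0;          /* truncated length field */
        for (len = 0; nbytes--;) len = (len << 8) | *p++;
        if (len < 0x80) return 0;                       /* DER: short form was required */
    }
    if ((size_t)(end - p) < len) return 0;              /* length claims more than the buffer */
    out->tag = tag; out->len = len; out->val = p; out->consumed = (size_t)(p - start) + len;
    return 1;
}

typedef struct { uint8_t *body; size_t len; } der_int;
typedef struct { size_t count; der_int *items; } int_seq;
/* Safe at any stage of construction: only the 'count' bodies already recorded are owned. */
void int_seq_free(int_seq *s)
{
    if (!s) return;
    for (size_t i = 0; i < s->count; i++) free(s->items[i].body);
    free(s->items); free(s);
}

/* Parses SEQUENCE { INTEGER, ... }; returns NULL, fully cleaned up, on malformed input. */
int_seq *int_seq_parse(const uint8_t *buf, size_t n)
{
    der_tlv outer, in = {0};
    if (!der_read_tlv(buf, n, &outer) || outer.tag != 0x10 || !outer.constructed ||
        outer.consumed != n) return NULL;
    int_seq *s = calloc(1, sizeof *s);
    if (!s) return NULL;
    for (const uint8_t *p = outer.val, *stop = p + outer.len; p < stop; p += in.consumed) {
        if (!der_read_tlv(p, (size_t)(stop - p), &in) || in.tag != 0x02 || in.constructed ||
            in.len == 0) goto fail;
        der_int *grown = realloc(s->items, (s->count + 1) * sizeof *grown);
        if (!grown) goto fail;
        s->items = grown;
        if (!(grown[s->count].body = malloc(in.len))) goto fail;
        memcpy(grown[s->count].body, in.val, in.len);
        grown[s->count].len = in.len;
        s->count++;                                     /* ownership recorded only once complete */
    }
    return s;
fail:
    int_seq_free(s);                                    /* frees exactly the items counted */
    return NULL;
}

/* Constructed inputs: good = SEQUENCE { INTEGER 1, INTEGER 258 }; bad_tag = high-tag-number form
 * that never terminates; bad_len = long-form length claiming 0x7fffffff bytes; bad_partial = one
 * valid INTEGER followed by a truncated one, so the fail path runs with an item already owned. */
static const uint8_t good[]        = {0x30,0x07,0x02,0x01,0x01,0x02,0x02,0x01,0x02};
static const uint8_t bad_tag[]     = {0x1f,0xff,0xff,0xff,0xff,0xff};
static const uint8_t bad_len[]     = {0x30,0x84,0x7f,0xff,0xff,0xff,0x02,0x01,0x01};
static const uint8_t bad_partial[] = {0x30,0x05,0x02,0x01,0x01,0x02,0x05};
int demo_parse(const uint8_t *buf, size_t n)   /* INTEGERs parsed, or -1 if rejected */
{
    int_seq *s = int_seq_parse(buf, n);
    int c = s ? (int)s->count : -1;
    int_seq_free(s); return c;                          /* int_seq_free is NULL-safe */
}

int main(void)
{
    printf("good=%d bad_tag=%d bad_len=%d bad_partial=%d\n", demo_parse(good, sizeof good),
           demo_parse(bad_tag, sizeof bad_tag), demo_parse(bad_len, sizeof bad_len),
           demo_parse(bad_partial, sizeof bad_partial));
    return 0;
}
```

The two design points worth carrying into any real parser are visible in the code: every read is preceded by a comparison against the end of the buffer rather than trusting the tag or length octets, and `s->count` is incremented only after the item's body is allocated and copied, so the single cleanup routine frees precisely what was allocated whether parsing finished or bailed out mid-sequence.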
Solution

Please refer to the Vendor Information section of this advisory for implementation specific remediation.

These vulnerabilities have been fixed in OpenSSL 0.9.7c and 0.9.6k, available from the OpenSSL web site at:

http://www.openssl.org/news/secadv_20030930.txt

[OpenSSL was analysed by Stephen Henson, a member of the OpenSSL core team (steve em openssl.org). Stephen has also produced the patches to address the issues identified.]
Vendor Information 

The following vendors have provided information about how their products are affected by these vulnerabilities. 

Apple 
"Vulnerable. This is fixed in Mac OS X 10.2.8 which is available from http://www.apple.com/support/." 

Hewlett-Packard 
"At the time of writing this document, HP is investigating the potential impact to HP's optional software products. As further information becomes available HP will provide notice of the availability of necessary patches through the standard security bulletin announcements and through your normal HP Services support channel. 



HP-UX - not impacted
HP Tru64 Unix - not impacted
HP NonStop Servers - not impacted" 

Nortel Networks 
"Nortel Networks products incorporating TLS/SSL enabled web servers are not configured to accept or require client authentication; accordingly they are Not Impacted by this vulnerability. Nortel Networks will apply available third-party patches to future product releases or Maintenance Releases." 



Red Hat 
"Red Hat distributes OpenSSL 0.9.6 in various Red Hat Linux distributions and with the Stronghold secure web server. Updated packages which contain backported patches for these issues are available along with our advisories at the URL below. Users of the Red Hat Network will be able to update their systems using the 'up2date' tool. 

Red Hat Enterprise Linux: http://rhn.redhat.com/errata/RHSA-2003-293.html 
Red Hat Linux 7.1, 7.2, 7.3, 8.0: http://rhn.redhat.com/errata/RHSA-2003-291.html 
Stronghold 4 cross-platform: http://rhn.redhat.com/errata/RHSA-2003-290.html 

Red Hat distributes OpenSSL 0.9.7 in Red Hat Linux 9. Updated packages which contain backported patches for these issues are available along with our advisory at the URL below. Users of the Red Hat Network will be able to update their systems using the 'up2date' tool. 

Red Hat Linux 9: http://rhn.redhat.com/errata/RHSA-2003-292.html" 
Contact Information

The NISCC Vulnerability Management Team can be contacted as follows:


Email vulteam em niscc.gov.uk 
(Please quote the advisory reference in the subject line.) 
Telephone +44 (0)20 7821 1330 Extension 4511 
(Monday to Friday 08:30 - 17:00) 
Fax +44 (0)20 7821 1686 
Post Vulnerability Management Team
NISCC
PO Box 832
London
SW1P 1BG 


We encourage those who wish to communicate via email to make use of our PGP key. This is available from http://www.uniras.gov.uk/UNIRAS.asc.

Please note that UK government protectively marked material should not be sent to the email address above.

If you wish to be added to our email distribution list, please email your request to uniras em niscc.gov.uk.
What is NISCC?

For further information regarding the UK National Infrastructure Security Co-Ordination Centre, please visit the NISCC web site at: 
http://www.niscc.gov.uk/aboutniscc/index.htm

Reference to any specific commercial product, process or service by trade name, trademark, manufacturer or otherwise does not constitute or imply its endorsement, recommendation, or favouring by NISCC. The views and opinions of authors expressed within this notice shall not be used for advertising or product endorsement purposes.

Neither shall NISCC accept responsibility for any errors or omissions contained within this advisory. In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this notice.

© 2003 Crown Copyright

Revision History 

September 30, 2003: Initial release
September 30, 2003: Added Nortel impact statement

<End of NISCC Vulnerability Advisory>


----- End forwarded message -----


