[linux-security] ALERT: remote root exploit in openssl library
- To: linux-security
- Subject: [linux-security] ALERT: remote root exploit in openssl library
- From: Martin Siegert <siegert@sfu.ca>
- Date: Tue, 30 Jul 2002 12:01:39 -0700
- User-Agent: Mutt/1.4i
Topic
=====
buffer overflow in openssl library may lead to remote root exploit
Problem Description
===================
A security audit of the OpenSSL code found several buffer overflows in
OpenSSL which affect versions 0.9.7 and 0.9.6d and earlier:
1. The client master key in SSL2 could be oversized and overrun a
buffer. It has already been demonstrated that this vulnerability
is exploitable. Exploit code is NOT available at this time (yet).
2. The session ID supplied to a client in SSL3 could be oversized and
overrun a buffer.
3. The master key supplied to an SSL3 server could be oversized and
overrun a stack-based buffer. This issue only affects OpenSSL
0.9.7 before 0.9.7-beta3 with Kerberos enabled.
4. Various buffers for ASCII representations of integers were too
small on 64 bit platforms.
A large number of applications within all Linux distributions make use of
the OpenSSL library to provide SSL support. All users are therefore advised
to upgrade the OpenSSL packages to correct these vulnerabilities.
Affected Systems
================
all openssl versions 0.9.6d and earlier (and 0.9.7-beta2 and earlier 0.9.7
versions).
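The affected range above can be screened against the string reported by
"openssl version". The following POSIX sh functions are an added example and
are not part of this advisory; the names openssl_version_from_banner and
openssl_affected are my own. They classify a version string as inside or
outside the range stated above (0.9.6d and earlier; 0.9.7-beta1/beta2) and
apply it to the locally installed binary if one is found. One caveat: the
distribution packages listed under Solution (RedHat's 0.9.6b-24, Debian's
0.9.6c-2.woody.0) ship the fix as a backported patch while still reporting the
older upstream version string, so a match here is a first screen only, and the
package manager's installed package version is the authoritative check on
those systems.

```shell
#!/bin/sh
# Added example (not from the original advisory): classify an OpenSSL
# version string against the affected ranges stated in the advisory:
#   - 0.9.6d and earlier (0.9.6, 0.9.6a..0.9.6d, and anything older)
#   - 0.9.7 pre-releases before 0.9.7-beta3 (0.9.7-beta1, 0.9.7-beta2)
# Exit status: 0 = within the affected range, 1 = outside it,
# 2 = unrecognised version string.

# Extract the version field from the banner printed by "openssl version",
# e.g. "OpenSSL 0.9.6d 9 May 2002" -> "0.9.6d".
openssl_version_from_banner() {
    set -- $1                 # intentional word splitting on whitespace
    printf '%s\n' "$2"
}

openssl_affected() {
    v="$1"
    case "$v" in
        0.9.7-beta[12])       return 0 ;;  # 0.9.7 before beta3: affected (Kerberos issue)
        0.9.7*)               return 1 ;;  # 0.9.7-beta3 and later 0.9.7 builds: fixed
        0.9.6e*|0.9.6[f-z]*)  return 1 ;;  # 0.9.6e and later letter releases: fixed
        0.9.6*)               return 0 ;;  # 0.9.6, 0.9.6a..0.9.6d: affected
        0.9.[0-5]*|0.[0-8].*|0.9) return 0 ;;  # anything older than 0.9.6: affected
        1.*|[2-9].*)          return 1 ;;  # later major versions: outside this advisory's range
        *)                    return 2 ;;  # not a version string we recognise
    esac
}

# Stand-alone use: screen the locally installed OpenSSL, if any is on PATH.
if command -v openssl >/dev/null 2>&1; then
    ver=$(openssl_version_from_banner "$(openssl version)")
    if openssl_affected "$ver"; then
        echo "openssl $ver: within the affected range stated in this advisory"
    else
        echo "openssl $ver: outside the affected range (still confirm the distribution patch level)"
    fi
fi
```

The three-way exit status lets the function be used directly in an "if" or
in an inventory script; an unrecognised string (status 2) should be treated
as "unknown" rather than "safe".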
Solution
========
upgrade to openssl-0.9.6e (or patched version for your distribution)
RedHat 6.x
----------
rpm -Fvh openssl-0.9.5a-26.i386.rpm \
openssl-devel-0.9.5a-26.i386.rpm \
openssl-perl-0.9.5a-26.i386.rpm \
openssl-python-0.9.5a-26.i386.rpm
RedHat 7.0, 7.1
---------------
rpm -Fvh openssl-0.9.6-10.i386.rpm \
openssl-devel-0.9.6-10.i386.rpm \
openssl-perl-0.9.6-10.i386.rpm \
openssl-python-0.9.6-10.i386.rpm \
openssl095a-0.9.5a-14.i386.rpm
RedHat 7.2
----------
rpm -Fvh openssl-0.9.6b-24.<arch>.rpm \
openssl-devel-0.9.6b-24.i386.rpm \
openssl-perl-0.9.6b-24.i386.rpm \
openssl096-0.9.6-9.i386.rpm \
openssl095a-0.9.5a-14.i386.rpm
where <arch> is either i386 or i686
RedHat 7.3
----------
rpm -Fvh openssl-0.9.6b-24.<arch>.rpm \
openssl-devel-0.9.6b-24.i386.rpm \
openssl-perl-0.9.6b-24.i386.rpm \
openssl095a-0.9.5a-14.i386.rpm \
openssl096-0.9.6-9.i386.rpm
where <arch> is either i386 or i686
Debian 3.0 (woody)
------------------
upgrade to ssleay_0.9.6c-2.woody.0_all.deb
openssl_0.9.6c-2.woody.0_i386.deb
libssl09_0.9.4-6.woody.0_i386.deb
libssl0.9.6_0.9.6c-2.woody.0_i386.deb
libssl-dev_0.9.6c-2.woody.0_i386.deb
libssl095a_0.9.5a-6.woody.0_i386.deb