From owner-freebsd-security@FreeBSD.ORG Thu Sep 28 18:24:47 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2A7B716A4C9 for ; Thu, 28 Sep 2006 18:24:47 +0000 (UTC) (envelope-from jllewellyn@twelvehorses.com) Received: from gozer.thtoolbox.com (gozer.thtoolbox.com [208.39.234.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8CAA643D78 for ; Thu, 28 Sep 2006 18:24:35 +0000 (GMT) (envelope-from jllewellyn@twelvehorses.com) Received: from jrlcompaq ([192.168.0.184]) by gozer.thtoolbox.com (8.13.1/8.13.1) with ESMTP id k8SIOOf2000650 for ; Thu, 28 Sep 2006 12:24:24 -0600 From: "John Llewellyn" To: Date: Thu, 28 Sep 2006 12:24:02 -0600 Message-ID: <004c01c6e32b$46227500$b800a8c0@jrlcompaq> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 11 Thread-Index: AcbjASOy6sBPVvpxR2GRmF71X4POrgAKPc+A X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 In-reply-to: <200609281313.k8SDDsxS040087@freefall.freebsd.org> X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-1.6 (gozer.thtoolbox.com [192.168.0.140]); Thu, 28 Sep 2006 12:24:24 -0600 (MDT) X-Virus-Scanned: ClamAV 0.88.4/1948/Wed Sep 27 10:03:03 2006 on gozer.thtoolbox.com X-Virus-Status: Clean X-Spam-Status: No, score=-1.3 required=5.0 tests=ALL_TRUSTED,AWL autolearn=ham version=3.1.5 X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on gozer.thtoolbox.com Subject: RE: FreeBSD Security Advisory FreeBSD-SA-06:23.openssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Sep 2006 18:24:47 -0000 Hi, In the openssl advisory, you mention that: > An attacker accessing a server which uses SSL version 2 may be able to execute arbitrary > code with the privileges of that server. [CVE-2006-3738] The description of CVE-2006-3738 in the advisory from openssl.org (http://www.openssl.org/news/secadv_20060928.txt) does not mention SSLv2. Can you confirm whether this flaw only affects servers with SSLv2 enabled? Thanks in advance, John Llewellyn -----Original Message----- From: owner-freebsd-security@freebsd.org [mailto:owner-freebsd-security@freebsd.org] On Behalf Of FreeBSD Security Advisories Sent: Thursday, September 28, 2006 7:14 AM To: FreeBSD Security Advisories Subject: FreeBSD Security Advisory FreeBSD-SA-06:23.openssl -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================ = FreeBSD-SA-06:23.openssl Security Advisory The FreeBSD Project Topic: Multiple problems in crypto(3) Category: contrib Module: openssl Announced: 2006-09-28 Credits: Dr S N Henson, Tavis Ormandy, Will Drewry Affects: All FreeBSD releases. Corrected: 2006-09-28 13:02:37 UTC (RELENG_6, 6.1-PRERELEASE) 2006-09-28 13:03:14 UTC (RELENG_6_1, 6.1-RELEASE-p8) 2006-09-28 13:03:41 UTC (RELENG_6_0, 6.0-RELEASE-p13) 2006-09-28 13:03:57 UTC (RELENG_5, 5.5-STABLE) 2006-09-28 13:04:16 UTC (RELENG_5_5, 5.5-RELEASE-p6) 2006-09-28 13:04:47 UTC (RELENG_5_4, 5.4-RELEASE-p20) 2006-09-28 13:05:08 UTC (RELENG_5_3, 5.3-RELEASE-p35) 2006-09-28 13:05:59 UTC (RELENG_4, 4.11-STABLE) 2006-09-28 13:06:23 UTC (RELENG_4_11, 4.11-RELEASE-p23) CVE Name: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-4343 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. II. Problem Description Several problems have been found in OpenSSL: 1. During the parsing of certain invalid ASN1 structures an error condition is mishandled, possibly resulting in an infinite loop. [CVE-2006-2937] 2. A buffer overflow exists in the SSL_get_shared_ciphers function. [CVE-2006-3738] 3. A NULL pointer may be dereferenced in the SSL version 2 client code. [CVE-2006-4343] In addition, many applications using OpenSSL do not perform any validation of the lengths of public keys being used. [CVE-2006-2940] III. Impact Servers which parse ASN1 data from untrusted sources may be vulnerable to a denial of service attack. [CVE-2006-2937] An attacker accessing a server which uses SSL version 2 may be able to execute arbitrary code with the privileges of that server. [CVE-2006-3738] A malicious SSL server can cause clients connecting using SSL version 2 to crash. [CVE-2006-4343] Applications which perform public key operations using untrusted keys may be vulnerable to a denial of service attack. [CVE-2006-2940] IV. Workaround No workaround is available, but not all of the vulnerabilities mentioned affect all applications. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 4-STABLE, 5-STABLE, or 6-STABLE, or to the RELENG_6_1, RELENG_6_0, RELENG_5_5, RELENG_5_4, RELENG_5_3, or RELENG_4_11 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 4.11, 5.3, 5.4, 5.5, 6.0, and 6.1 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/SA-06:23/openssl.patch # fetch http://security.FreeBSD.org/patches/SA-06:23/openssl.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system as described in and reboot the system. NOTE: Any third-party applications, including those installed from the FreeBSD ports collection, which are statically linked to libcrypto(3) should be recompiled in order to use the corrected code. NOTE ALSO: The above patch reduces the functionality of libcrypto(3) by prohibiting the use of exceptionally large public keys. It is believed that no existing applications legitimately use such key lengths as would be affected by this change. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- RELENG_4 src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.1.2.4 src/crypto/openssl/crypto/dh/dh.h 1.1.1.1.2.8 src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.1.2.7 src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.1.2.11 src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.1.2.8 src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.1.2.7 src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.1.2.11 src/crypto/openssl/crypto/rsa/rsa.h 1.2.2.14 src/crypto/openssl/crypto/rsa/rsa_eay.c 1.2.4.16 src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.1.2.7 src/crypto/openssl/ssl/s2_clnt.c 1.2.2.14 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.1.2.20 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.1.2.14 RELENG_4_11 src/UPDATING 1.73.2.91.2.24 src/sys/conf/newvers.sh 1.44.2.39.2.27 src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.1.2.2.6.1 src/crypto/openssl/crypto/dh/dh.h 1.1.1.1.2.4.8.1 src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.1.2.3.8.1 src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.1.2.7.6.1 src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.1.2.4.8.1 src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.1.2.3.8.1 src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.1.2.7.6.1 src/crypto/openssl/crypto/rsa/rsa.h 1.2.2.8.4.1 src/crypto/openssl/crypto/rsa/rsa_eay.c 1.2.4.8.4.1 src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.1.2.3.8.1 src/crypto/openssl/ssl/s2_clnt.c 1.2.2.8.4.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.1.2.9.4.1 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.1.2.8.4.1 RELENG_5 src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.2.4.1 src/crypto/openssl/crypto/dh/dh.h 1.1.1.6.6.1 src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.4.6.2 src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.8.4.2 src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.6.6.2 src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.4.6.1 src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.7.4.2 src/crypto/openssl/crypto/rsa/rsa.h 1.10.4.2 src/crypto/openssl/crypto/rsa/rsa_eay.c 1.12.4.2 src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.4.6.1 src/crypto/openssl/ssl/s2_clnt.c 1.12.2.2 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.13.2.2 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.2.2 RELENG_5_5 src/UPDATING 1.342.2.35.2.6 src/sys/conf/newvers.sh 1.62.2.21.2.8 src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.2.16.1 src/crypto/openssl/crypto/dh/dh.h 1.1.1.6.18.1 src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.4.6.1.4.1 src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.8.4.1.4.1 src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.6.6.1.4.1 src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.4.18.1 src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.7.4.1.4.1 src/crypto/openssl/crypto/rsa/rsa.h 1.10.4.1.4.1 src/crypto/openssl/crypto/rsa/rsa_eay.c 1.12.4.1.4.1 src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.4.18.1 src/crypto/openssl/ssl/s2_clnt.c 1.12.2.1.4.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.13.2.1.4.1 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.2.1.4.1 RELENG_5_4 src/UPDATING 1.342.2.24.2.29 src/sys/conf/newvers.sh 1.62.2.18.2.25 src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.2.8.1 src/crypto/openssl/crypto/dh/dh.h 1.1.1.6.10.1 src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.4.6.1.2.1 src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.8.4.1.2.1 src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.6.6.1.2.1 src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.4.10.1 src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.7.4.1.2.1 src/crypto/openssl/crypto/rsa/rsa.h 1.10.4.1.2.1 src/crypto/openssl/crypto/rsa/rsa_eay.c 1.12.4.1.2.1 src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.4.10.1 src/crypto/openssl/ssl/s2_clnt.c 1.12.2.1.2.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.13.2.1.2.1 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.2.1.2.1 RELENG_5_3 src/UPDATING 1.342.2.13.2.38 src/sys/conf/newvers.sh 1.62.2.15.2.40 src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.2.6.1 src/crypto/openssl/crypto/dh/dh.h 1.1.1.6.8.1 src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.4.8.1 src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.8.6.1 src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.6.8.1 src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.4.8.1 src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.7.6.1 src/crypto/openssl/crypto/rsa/rsa.h 1.10.6.1 src/crypto/openssl/crypto/rsa/rsa_eay.c 1.12.6.1 src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.4.8.1 src/crypto/openssl/ssl/s2_clnt.c 1.12.4.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.13.4.1 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.4.1 RELENG_6 src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.2.10.1 src/crypto/openssl/crypto/dh/dh.h 1.1.1.6.12.1 src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.5.2.1 src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.9.2.1 src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.7.2.1 src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.4.12.1 src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.8.2.1 src/crypto/openssl/crypto/rsa/rsa.h 1.11.2.1 src/crypto/openssl/crypto/rsa/rsa_eay.c 1.13.2.1 src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.4.12.1 src/crypto/openssl/ssl/s2_clnt.c 1.13.2.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.14.2.1 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.2.1 RELENG_6_1 src/UPDATING 1.416.2.22.2.10 src/sys/conf/newvers.sh 1.69.2.11.2.10 src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.2.14.1 src/crypto/openssl/crypto/dh/dh.h 1.1.1.6.16.1 src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.5.6.1 src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.9.6.1 src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.7.6.1 src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.4.16.1 src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.8.6.1 src/crypto/openssl/crypto/rsa/rsa.h 1.11.6.1 src/crypto/openssl/crypto/rsa/rsa_eay.c 1.13.6.1 src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.4.16.1 src/crypto/openssl/ssl/s2_clnt.c 1.13.6.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.14.6.1 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.6.1 RELENG_6_0 src/UPDATING 1.416.2.3.2.18 src/sys/conf/newvers.sh 1.69.2.8.2.14 src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.2.12.1 src/crypto/openssl/crypto/dh/dh.h 1.1.1.6.14.1 src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.5.4.1 src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.9.4.1 src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.7.4.1 src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.4.14.1 src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.8.4.1 src/crypto/openssl/crypto/rsa/rsa.h 1.11.4.1 src/crypto/openssl/crypto/rsa/rsa_eay.c 1.13.4.1 src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.4.14.1 src/crypto/openssl/ssl/s2_clnt.c 1.13.4.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.14.4.1 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.4.1 - ------------------------------------------------------------------------- VII. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 The latest revision of this advisory is available at http://security.FreeBSD.org/advisories/FreeBSD-SA-06:23.openssl.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQFFG8l8FdaIBMps37IRAn0pAKCRuDXjFm2w7YtoZ9C6oVgM9UK0GgCdHdYu 7owfMI1ZVr22prZNmPTeM7k= =DguL -----END PGP SIGNATURE----- _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"