Date: Fri, 5 Oct 2007 18:05:04 +0200 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: Mike Tancsa <mike@sentex.net> Cc: freebsd-security@freebsd.org, Stefan Esser <se@freebsd.org> Subject: Re: OpenSSL bufffer overflow Message-ID: <20071005160502.GA1222@zaphod.nitro.dk> In-Reply-To: <200710032349.l93Nn8Co011720@lava.sentex.ca> References: <46FD7595.8090506@FreeBSD.org> <200710032349.l93Nn8Co011720@lava.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2007.10.03 19:49:31 -0400, Mike Tancsa wrote: > At 05:43 PM 9/28/2007, Stefan Esser wrote: >> I did not see any commits to the OpenSSL code, recently; is anybody >> going to commit the fix? >> >> See http://www.securityfocus.com/archive/1/480855/30/0 for details ... > > How serious is this particular issue ? Is it easily exploitable, or > difficult to do ? Are some apps more at risk of exploitation than others ? > e.g. ssh,apache ? (/me kicks mutt again for not showing new mails in mailboxes...) Anyway, I don't think it's very likely many people are affected by this since not many programs call SSL_get_shared_ciphers(). No application in the base system calls SSL_get_shared_ciphers acording to grep, other than openssl(1)'s built in ssl client/server. I also did a quick grep in apache 2.2 (I think it was 2.2) and it didn't reference the function either, but this was a quick check so if it matters to anyone, check yourself. -- Simon L. Nielsen FreeBSD Security Team
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071005160502.GA1222>