| Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them. |
|
 |
|
|
|
vulnerability bulletin CVE-2009-3245
OpenSSL: buffer overflow via bn_wexpand
Synthesis of the vulnerability
| The OpenSSL library does not check the error code of the bn_wexpand() function, which can generate a denial of service, or lead to code execution. |
Severity: 2/4.
Creation date: 08/03/2010.
|
Description of the vulnerability
The BN (BIGNUM) module of the OpenSSL suite implements the management of big numbers.
The bn_wexpand() function extends the size of a BIGNUM, to ensure it can contain 'n' bytes:
bn_wexpand(bignumber, n);
Several functions of OpenSSL use bn_wexpand(), in files crypto/bn/bn_div.c, crypto/bn/bn_gf2m.c, crypto/ec/ec2_smpl.c, and engines/e_ubsec.c. However, they do not check if the size extension failed, before using the BIGNUM. An overflow can thus occur.
When an application uses the affected functions, this overflow can create a denial of service, or lead to code execution. |
Complete Vigil@nce bulletin
Characteristics
Title: OpenSSL: buffer overflow via bn_wexpand.
Keywords: BIGNUM OpenSSL bn_div bn_gf2m bn_wexpand buffer e_ubsec ec2_smpl overflow.
Identifiers: BID-38562, c02079216, CVE-2009-3245, FEDORA-2010-5357, FEDORA-2010-8742, HPSBUX02517, MDVSA-2010:076, MDVSA-2010:076-1, RHSA-2010:0162-01, RHSA-2010:0173-02, SSA:2010-060-02, SSRT100058, SUSE-SA:2010:020, SUSE-SR:2010:013, VIGILANCE-VUL-9503.
|
Information sources
Solutions for this vulnerability
Computer vulnerabilities tracking service
The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer vulnerability bulletins
|
