Orange Business Services

vulnerability announce CVE-2011-4108 CVE-2011-4109 CVE-2011-4576

OpenSSL: six vulnerabilities

Synthesis of the vulnerability

An attacker can exploit several OpenSSL vulnerabilities to obtain information, cause a denial of service, and possibly execute code.
Impacted products: Debian, BIG-IP Appliance, Fedora, FreeBSD, HP-UX, AIX, Tivoli Workload Scheduler, IVE OS, Junos Pulse, Juniper SA, MES, Mandriva Linux, NetBSD, OpenSSL, openSUSE, Solaris, RHEL, JBoss Enterprise, SUSE Linux Enterprise Desktop, SLES, ESX, ESXi, VMware vSphere, VMware vSphere Hypervisor.
Severity: 3/4.
Creation date: 05/01/2012.
Identifiers: 1643316, BID-51281, c03141193, CERTA-2012-AVI-006, CERTA-2012-AVI-171, CERTA-2012-AVI-479, CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2012-0027, DSA-2390-1, ESX410-201208101-SG, ESX410-201208102-SG, ESX410-201208103-SG, ESX410-201208104-SG, ESX410-201208105-SG, ESX410-201208106-SG, ESX410-201208107-SG, ESXi410-201208101-SG, ESXi500-201212102-SG, FEDORA-2012-0232, FEDORA-2012-0250, FreeBSD-SA-12:01.openssl, HPSBUX02734, MDVSA-2012:006, MDVSA-2012:007, openSUSE-SU-2012:0083-1, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, PSN-2012-09-712, RHSA-2012:0059-01, RHSA-2012:0060-01, RHSA-2012:0086-01, RHSA-2012:0109-01, RHSA-2012:0168-01, RHSA-2012:1306-01, RHSA-2012:1307-01, RHSA-2012:1308-01, SOL15388, SOL15389, SOL15395, SSRT100729, SUSE-SU-2012:0084-1, SUSE-SU-2014:0320-1, VIGILANCE-VUL-11257, VMSA-2012-0005.2, VMSA-2012-0012.1, VMSA-2012-0012.2, VMSA-2012-0013, VMSA-2012-0013.2, VMSA-2013-0003.

Description of the vulnerability

Several vulnerabilities were announced in OpenSSL.

The DTLS (Datagram Transport Layer Security) protocol, based on TLS, provides a cryptographic layer over UDP. In CBC mode, an attacker can measure timing differences in the decryption computation in order to recover the clear text (VIGILANCE-VUL-11262). [severity:1/4; CERTA-2012-AVI-006, CERTA-2012-AVI-171, CVE-2011-4108]

When the X509_V_FLAG_POLICY_CHECK flag is set on OpenSSL 0.9.8, an attacker can trigger a double free of memory, which may lead to code execution. Apache httpd does not use this flag. [severity:3/4; CVE-2011-4109]

When SSL 3.0 is used, each message can contain up to 15 bytes which are not reset before being sent. This occurs when a message is larger than the previous message, and in practice these data come from the handshake and are not sensitive. [severity:2/4; CVE-2011-4576]
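The SSL 3.0 leak described above (CVE-2011-4576) concerns block cipher padding bytes that are not cleared. The following added example is a simplified model, not OpenSSL's code and not part of the original bulletin; it assumes a 16-byte cipher block and a reused record buffer, and all function names and sample data are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define BLOCK 16      /* assumed cipher block size (e.g. AES-CBC) */
#define BUF_SIZE 64

/* Pad `len` bytes in `buf` to a BLOCK multiple, SSL 3.0 style: only the
 * final byte (pad length) is defined by the protocol. With clear_pad == 0
 * the other pad bytes keep whatever the buffer held before (the flaw);
 * with clear_pad != 0 they are zeroed first (the hardened behaviour). */
static size_t ssl3_pad(unsigned char *buf, size_t len, int clear_pad)
{
    size_t pad = BLOCK - (len % BLOCK);   /* 1..BLOCK, length byte included */
    if (clear_pad)
        memset(buf + len, 0, pad);
    buf[len + pad - 1] = (unsigned char)(pad - 1);
    return len + pad;
}

/* Count pad bytes, excluding the length byte, that still hold old data. */
static size_t stale_pad_bytes(const unsigned char *buf, size_t len, size_t total)
{
    size_t n = 0;
    for (size_t i = len; i + 1 < total; i++)
        if (buf[i] != 0)
            n++;
    return n;
}

/* Build one record in a reused buffer and report how many stale bytes
 * would be sent inside its padding. */
static size_t demo(int clear_pad)
{
    unsigned char buf[BUF_SIZE];
    const char *msg = "GET / HTTP/1.0\r\n";   /* constructed, 16 bytes */
    size_t len = strlen(msg);

    memset(buf, 'S', sizeof buf);   /* constructed stand-in for earlier data */
    memcpy(buf, msg, len);
    return stale_pad_bytes(buf, len, ssl3_pad(buf, len, clear_pad));
}

int main(void)
{
    printf("padding not cleared: %zu stale bytes sent\n", demo(0));
    printf("padding cleared:     %zu stale bytes sent\n", demo(1));
    return 0;
}
```

A payload that is an exact multiple of the block size gives the worst case: a full block of padding, of which 15 bytes are left over from earlier buffer contents.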

When OpenSSL is configured with "enable-rfc3779", a certificate containing malformed RFC 3779 data (X.509 Extensions for IP Addresses and AS Identifiers) generates an assertion error, which stops the application. [severity:2/4; CVE-2011-4577]

The SGC (Server Gated Cryptography) technology processes weak algorithms/keys, and is considered obsolete. An attacker can use the handshake restart feature of SGC in order to create a denial of service. [severity:2/4; CVE-2011-4619]

When the GOST ENGINE (GOST algorithms defined in draft-chudov-cryptopro-cptls-04) is enabled, an attacker can send invalid parameters in order to stop the TLS server. [severity:2/4; CVE-2012-0027]
Copyright 1999-2014 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française