The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of OpenSSL 0.9.8: memory corruption via asn1_d2i_read_bio

Synthesis of the vulnerability 

An attacker can use malformed ASN.1 data, with an application linked to OpenSSL 0.9.8, in order to corrupt the memory, which leads to a denial of service or to code execution.
Vulnerable systems: Debian, HP-UX, AIX, Tivoli Workload Scheduler, Junos Space, Mandriva Linux, OpenSSL, Solaris, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity of this threat: 3/4.
Creation date: 24/04/2012.
References of this weakness: 1643316, BID-53212, c03333987, CERTA-2012-AVI-286, CERTA-2012-AVI-419, CERTFR-2014-AVI-480, CERTFR-2016-AVI-300, CVE-2012-2131, DSA-2454-2, HPSBUX02782, JSA10659, MDVSA-2012:064, RHSA-2012:0518-01, RHSA-2012:0522-01, SSRT100844, SUSE-SU-2012:0623-1, SUSE-SU-2012:0637-1, VIGILANCE-VUL-11564.

Description of the vulnerability 

Version 0.9.8v of OpenSSL was published to correct vulnerability VIGILANCE-VUL-11559.

However, the vulnerability was not fully corrected by this version.

An attacker can therefore still use malformed ASN.1 data, with an application linked to OpenSSL 0.9.8, in order to corrupt the memory, which leads to a denial of service or to code execution.
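As an added illustration (not OpenSSL's code and not part of the bulletin), the following Python reader shows the checks a DER decoder must apply to an untrusted length field before using it to allocate or index, which is the class of malformed ASN.1 input this bulletin is about. It does not reproduce the asn1_d2i_read_bio defect itself, which the bulletin does not detail. The 1 MiB policy cap, the 4-byte length-of-length limit and the sample encodings are assumptions constructed for this example.

```python
"""Strict DER tag/length decoding with explicit bounds checks."""

# Added example, not OpenSSL code: it does not reproduce the asn1_d2i_read_bio
# defect. It shows the checks a DER reader has to apply to an untrusted length
# field before allocating or indexing with it.


class DERError(ValueError):
    """Raised for any encoding the reader refuses to trust."""


def read_tlv_header(buf, offset=0, max_len=1 << 20):
    """Decode one tag + length at buf[offset:] and return (tag, length, header_size).

    `length` is guaranteed to fit inside the remaining buffer and under
    `max_len` (a policy cap; 1 MiB is an assumed value for this example),
    so a caller may slice or allocate `length` bytes safely.
    """
    if offset >= len(buf):
        raise DERError("no tag byte")
    tag = buf[offset]
    pos = offset + 1
    if (tag & 0x1F) == 0x1F:
        # High-tag-number form: subsequent bytes continue while bit 7 is set.
        while True:
            if pos >= len(buf):
                raise DERError("truncated multi-byte tag")
            pos += 1
            if (buf[pos - 1] & 0x80) == 0:
                break
    if pos >= len(buf):
        raise DERError("no length byte")
    first = buf[pos]
    pos += 1
    if first < 0x80:                      # short form: one byte, 0..127
        length = first
    elif first == 0x80:                   # indefinite form is BER only
        raise DERError("indefinite length is not valid DER")
    else:                                 # long form: 0x80 | number of length bytes
        nbytes = first & 0x7F
        # Cap the length-of-length (assumed limit): more than 4 bytes can only
        # encode a value no structure here needs and that overflows a 32-bit int.
        if nbytes > 4:
            raise DERError("length-of-length %d too large" % nbytes)
        if pos + nbytes > len(buf):
            raise DERError("truncated length field")
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        if length < 0x80 or buf[pos] == 0:
            raise DERError("non-minimal length encoding")
        pos += nbytes
    if length > max_len:
        raise DERError("length %d exceeds policy cap %d" % (length, max_len))
    if pos + length > len(buf):
        raise DERError("length %d exceeds %d available bytes"
                       % (length, len(buf) - pos))
    return tag, length, pos - offset


def parse_sequence(buf):
    """Parse one top-level SEQUENCE and return its immediate (tag, content) children."""
    tag, length, hdr = read_tlv_header(buf)
    if tag != 0x30:
        raise DERError("expected SEQUENCE, got tag 0x%02x" % tag)
    if hdr + length != len(buf):
        raise DERError("trailing bytes after SEQUENCE")
    body = buf[hdr:hdr + length]
    children, pos = [], 0
    while pos < len(body):
        ctag, clen, chdr = read_tlv_header(body, pos)
        children.append((ctag, body[pos + chdr:pos + chdr + clen]))
        pos += chdr + clen
    return children


def check(buf):
    """Return None if `buf` is an acceptable SEQUENCE, else the rejection reason."""
    try:
        parse_sequence(buf)
    except DERError as exc:
        return str(exc)
    return None


# Constructed samples (not from the bulletin): one valid SEQUENCE and several
# malformed length fields of the kind a strict reader must refuse.
SAMPLES = {
    "valid SEQUENCE{INTEGER 5, OCTET STRING 'ab'}": bytes.fromhex("300702010504026162"),
    "length 0xFFFFFFFF with 4 bytes present": bytes.fromhex("3084ffffffff"),
    "five length bytes (overflows 32-bit int)": bytes.fromhex("30850100000000"),
    "indefinite length": bytes.fromhex("3080"),
    "non-minimal long form for 5": bytes.fromhex("308105"),
    "length past end of buffer": bytes.fromhex("3004020105"),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print("%-45s -> %s" % (name, check(raw) or "ok"))
```

The point of the design is that every length is validated against the bytes actually present before any slice or allocation happens, so a header claiming a huge length is rejected rather than driving a memory operation.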

This security bulletin impacts software or systems such as Debian, HP-UX, AIX, Tivoli Workload Scheduler, Junos Space, Mandriva Linux, OpenSSL, Solaris, RHEL, SUSE Linux Enterprise Desktop, SLES.

Our Vigil@nce team determined that the severity of this cybersecurity announcement is important.

The trust level is confirmed by the vendor, with a document as origin.

An attacker with an expert skill level can exploit this vulnerability.

Solutions for this threat 

OpenSSL: version 0.9.8w.
Version 0.9.8w corrects the vulnerability:
  http://www.openssl.org/

AIX: OpenSSL version 0.9.8.1802.
OpenSSL version 0.9.8.1802 corrects the vulnerability:
  https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp
OpenSSH version 5.8.0.6102 is available.

Debian: new openssl packages.
New packages are available:
  openssl 0.9.8o-4squeeze12

HP-UX: OpenSSL version A.00.09.08w.
OpenSSL version A.00.09.08w corrects the vulnerability:
  https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=OPENSSL11I

IBM Tivoli Workload Scheduler: solution for OpenSSL.
The solution is given in the information sources.

Junos Space: version 14.1R1.
The version 14.1R1 is fixed:
  http://www.juniper.net/support/downloads/?p=space#sw

Mandriva: new openssl0.9.8 packages.
New packages are available:
  openssl0.9.8-0.9.8w-0.1mdv2010.2

RHEL: new openssl packages.
New packages are available:
  openssl-0.9.7a-33.28 (RHEL 3)
  openssl-0.9.7a-43.20.el4 (RHEL 4)
  openssl-0.9.8e-7.el5_3.2
  openssl-0.9.8e-12.el5_6.9
  openssl-0.9.8e-22.el5_8.3
  openssl-1.0.0-4.el6_0.3
  openssl-1.0.0-10.el6_1.6
  openssl-1.0.0-20.el6_2.4

Solaris 10: patch for OpenSSL.
A patch is available:
  SPARC: 147159-05 147707-06
  X86: 146672-07

Solaris 11: patch 11/11 SRU 8.5.
A patch is available:
  https://support.oracle.com/CSP/main/article?type=NOT&id=1470139.1

SUSE LE: new openssl packages.
New packages are available:
  SUSE LE 10 : openssl-0.9.8a-18.68.1
  SUSE LE 11 : openssl-0.9.8j-0.36.1
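The fixed versions above can be checked mechanically. The following Python script is an added example, not Vigil@nce's or any vendor's tooling: it classifies `openssl version` output against 0.9.8w (0.9.8 releases are ordered by letter suffix) and RPM package names for RHEL, SUSE LE and Mandriva against the list in this bulletin, using a simplified rpmvercmp that ignores epochs. Debian, HP-UX, AIX, Junos Space and Solaris use other version schemes and are not covered. The installed versions in the usage section are constructed samples, not real hosts.

```python
"""Check installed OpenSSL versions and RPM packages against the fixed
versions listed in this bulletin.

Added example, not Vigil@nce tooling. The fixed-version data is copied from
the bulletin; the installed version strings fed to it are constructed samples.
"""
import re

FIXED_UPSTREAM = (0, 9, 8, "w")          # OpenSSL 0.9.8w corrects the issue

# RPM-based fixes named in the bulletin (RHEL, SUSE LE, Mandriva).
FIXED_RPMS = [
    "openssl-0.9.7a-33.28",              # RHEL 3
    "openssl-0.9.7a-43.20.el4",          # RHEL 4
    "openssl-0.9.8e-7.el5_3.2",
    "openssl-0.9.8e-12.el5_6.9",
    "openssl-0.9.8e-22.el5_8.3",
    "openssl-1.0.0-4.el6_0.3",
    "openssl-1.0.0-10.el6_1.6",
    "openssl-1.0.0-20.el6_2.4",
    "openssl-0.9.8a-18.68.1",            # SUSE LE 10
    "openssl-0.9.8j-0.36.1",             # SUSE LE 11
    "openssl0.9.8-0.9.8w-0.1mdv2010.2",  # Mandriva 2010.2
]

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)")


def upstream_status(banner):
    """Classify the output of `openssl version` (e.g. "OpenSSL 0.9.8v ...").

    0.9.8 releases are ordered by their letter suffix: "" < "a" < ... < "z" < "za",
    which plain string comparison reproduces.
    """
    m = _VERSION_RE.search(banner)
    if not m:
        return "unparsed"
    major, minor, fix = (int(x) for x in m.group(1, 2, 3))
    if (major, minor, fix) != FIXED_UPSTREAM[:3]:
        return "other-branch"            # this bulletin covers 0.9.8 only
    return "fixed" if m.group(4) >= FIXED_UPSTREAM[3] else "vulnerable"


def split_nvr(nvr):
    """'openssl-0.9.8e-22.el5_8.3' -> ('openssl', '0.9.8e', '22.el5_8.3')."""
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release


def _segments(s):
    return re.findall(r"\d+|[A-Za-z]+", s)


def rpmvercmp(a, b):
    """Return -1, 0 or 1 comparing two RPM version or release strings.

    Simplified rpmvercmp: numeric segments compare as integers, alphabetic
    segments lexically; epochs and tilde/caret rules are not handled.
    """
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x == y:
            continue
        xd, yd = x.isdigit(), y.isdigit()
        if xd and yd:
            return (int(x) > int(y)) - (int(x) < int(y))
        if xd != yd:
            return 1 if xd else -1       # rpm treats a numeric segment as newer
        return (x > y) - (x < y)
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def _stream(version, release):
    """Key identifying the update stream an NVR belongs to (version + dist tag)."""
    dist = re.search(r"el\d+(_\d+)?", release)
    return version, dist.group(0) if dist else None


def rpm_status(installed):
    """'fixed', 'vulnerable' or 'unknown' for an installed openssl NVR."""
    name, version, release = split_nvr(installed)
    for fixed in FIXED_RPMS:
        fname, fversion, frelease = split_nvr(fixed)
        if fname == name and _stream(version, release) == _stream(fversion, frelease):
            return "fixed" if rpmvercmp(release, frelease) >= 0 else "vulnerable"
    return "unknown"                     # no matching stream in this bulletin


if __name__ == "__main__":
    # Constructed inputs, not real hosts.
    for banner in ("OpenSSL 0.9.8v", "OpenSSL 0.9.8w", "OpenSSL 1.0.0"):
        print("%-20s %s" % (banner, upstream_status(banner)))
    for nvr in ("openssl-0.9.8e-22.el5_8.1", "openssl-0.9.8e-22.el5_8.3",
                "openssl-0.9.8j-0.30.1", "openssl-0.9.8e-26.el5_9.1"):
        print("%-30s %s" % (nvr, rpm_status(nvr)))
```

An "unknown" result means the installed package is from an update stream this bulletin does not list, so it needs to be checked against the vendor's own advisory rather than assumed safe.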

Computer vulnerabilities tracking service 

Vigil@nce provides system vulnerability bulletins. Each administrator can customize the list of products for which they want to receive vulnerability alerts.