The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Vulnerability of OpenSSL: memory corruption in ssl3_get_key_exchange

Synthesis of the vulnerability

An attacker can invite the victim to connect to a malicious SSL/TLS server, in order to corrupt the memory of the client, to create a denial of service or to execute code.
Severity of this bulletin: 2/4.
Creation date: 09/08/2010.
Revision date: 10/08/2010.
Références of this threat: BID-42306, CVE-2010-2939, DSA-2100-1, FreeBSD-SA-10:10.openssl, MDVSA-2010:168, NetBSD-SA2010-011, openSUSE-SU-2010:0951-1, openSUSE-SU-2010:0952-1, SSA:2010-326-01, SUSE-SR:2010:021, VIGILANCE-VUL-9819, VMSA-2011-0003, VMSA-2011-0003.1, VMSA-2011-0003.2.

Description of the vulnerability

The RSA algorithm uses two prime numbers named "p" and "q". The SSL/TLS algorithm uses a certificate containing keys based on these numbers.

When the OpenSSL client connects to a SSL/TLS server, it uses the RSA_verify() function to check the certificate signature. If p and q are not prime numbers, the signature is invalid and the client interrupts the session. However, this error processing frees twice the bn_ctx context in the ssl3_get_key_exchange() function of the ssl/s3_clnt.c file.

An attacker can therefore invite the victim to connect to a malicious SSL/TLS server, in order to corrupt the memory of the client, to create a denial of service or to execute code.
Full Vigil@nce bulletin... (Request your free trial)

This security note impacts software or systems such as Debian, FreeBSD, Mandriva Linux, NetBSD, OpenSSL, openSUSE, Slackware, SLES, ESX, ESXi, vCenter Server, VirtualCenter, VMware vSphere, VMware vSphere Hypervisor.

Our Vigil@nce team determined that the severity of this threat announce is medium.

The trust level is of type confirmed by the editor, with an origin of internet server.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with a technician ability can exploit this computer weakness announce.

Solutions for this threat

OpenSSL: patch for ssl3_get_key_exchange.
A patch is available in information sources.

Debian: new openssl packages.
New packages are available:
  openssl_0.9.8g-15+lenny8

FreeBSD: patch for OpenSSL.
A patch is available:
FreeBSD 7.x :
  fetch http://security.FreeBSD.org/patches/SA-10:10/openssl7.patch
FreeBSD 8.x :
  fetch http://security.FreeBSD.org/patches/SA-10:10/openssl.patch

Mandriva 2010.1: new openssl packages.
New packages are available:
  openssl-1.0.0a-1.1mdv2010.1

NetBSD: patch for OpenSSL.
A patch is available in information sources.

openSUSE: new openssl packages.
New packages are available:
  openSUSE 11.1 : openssl-0.9.8h-28.16.1
  openSUSE 11.2 : openssl-0.9.8k-3.8.1
  openSUSE 11.3 : openssl-1.0.0-6.1.1

Slackware: new openssl packages.
New packages are available:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/openssl-0.9.8p-i486-1_slack11.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/openssl-solibs-0.9.8p-i486-1_slack11.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/openssl-0.9.8p-i486-1_slack12.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/openssl-solibs-0.9.8p-i486-1_slack12.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-0.9.8p-i486-1_slack12.1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-solibs-0.9.8p-i486-1_slack12.1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/openssl-0.9.8p-i486-1_slack12.2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/openssl-solibs-0.9.8p-i486-1_slack12.2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8p-i486-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8p-i486-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8p-i486-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8p-i486-1_slack13.1.txz

SUSE: new packages (16/11/2010).
New packages are available, as indicated in information sources.

VMware: corrected versions.
Following versions are corrected:
VMware vCenter Server 4.1 Update 1 and modules
  http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0
  http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html
VMware vCenter Server 4.0 Update 3
  http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0
  http://www.vmware.com/support/vsphere4/doc/vsp_vc40_u3_rel_notes.html
ESXi 4.1 Installable Update 1
  http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0
  http://downloads.vmware.com/support/vsphere4/doc/vsp_esxi41_u1_rel_notes.html
  http://kb.vmware.com/kb/1027919
ESX 4.1 Update 1
  http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0
  http://downloads.vmware.com/support/vsphere4/doc/vsp_esx41_u1_rel_notes.html
  http://kb.vmware.com/kb/1029353
ESXi 4.0
  https://hostupdate.vmware.com/software/VUM/OFFLINE/release-274-20110303-677367/ESXi400-201103001.zip
  http://kb.vmware.com/kb/1032823
ESX 4.0
  https://hostupdate.vmware.com/software/VUM/OFFLINE/release-273-20110303-574144/ESX400-201103001.zip
  http://kb.vmware.com/kb/1032822
Full Vigil@nce bulletin... (Request your free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a system vulnerability alert. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.