CERT-In Vulnerability Note CIVN-2008-73
OpenSSL Multiple Denial of Service Vulnerabilities
Original Issue Date:
June 05, 2008
Severity Rating:
Medium
System Affected
- OpenSSL 0.9.8g
- OpenSSL 0.9.8f
Overview
Two vulnerabilities have been reported in OpenSSL 0.9.8f and 0.9.8g, which can be exploited by a remote attacker to cause a denial of service.
Description
1. OpenSSL Server Name extension crash (CVE-2008-0891)
This Vulnerability is caused due to a double-free error in the handling of server name extension data if "server_name" set to 0x00. This can be exploited by sending a specially crafted TLS 1.0 Client Hello packet to crash a server application using OpenSSL.
2. OpenSSL Omit ‘Server Key Exchange message' crash
(CVE-2008-1672)
This Vulnerability is due to a NULL pointer dereference error. When the ‘Server key exchange' message is omitted from a TLS handshake. This can be exploited to crash a vulnerable client when connected to a malicious server with particular cipher suites.
Solution
Update to version openSSL 0.9.8h.
http://www.openssl.org/source/openssl-0.9.8h.tar.gz
Vendor Information
OpenSSL
http://www.openssl.org/news/secadv_20080528.txt
References
SecurityFocus
http://www.securityfocus.com/bid/29405
FrSIRT
http://www.frsirt.com/english/advisories/2008/1680
Secunia
http://secunia.com/advisories/30405/ CVE-Name
CVE-2008-0891
CVE-2008-1672
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
|
