CERT-In Advisory
CIAD-2015-0068
Multiple Vulnerabilities in OpenSSL
Original Issue Date: December 15, 2015
Severity Rating: High
Systems Affected
- OpenSSL 1.0.2
- OpenSSL 1.0.1
- OpenSSL 1.0.0
- OpenSSL 0.9.8
Overview
Multiple vulnerabilities have been reported in OpenSSL which could allow a remote attacker to cause denial of service conditions or obtain sensitive information.
Description
1. Information Disclosure Vulnerability (CVE-2015-3193)
This vulnerability exists in the Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform due to an error while implementing the BN_mod_exp function. A remote attacker could exploit this vulnerability by sending specially crafted requests to a targeted application which relies on OpenSSL. This could result in weaker cryptographic protection than expected. Successful exploitation of this vulnerability could result in obtaining sensitive private key information.
2. OpenSSL Certificate Processing Denial of Service Vulnerability (CVE-2015-3194)
This vulnerability exists in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 due to its failure to handle certificate signatures properly. A remote attacker could exploit this vulnerability by sending a certificate with a specially crafted ASN.1 signature that uses the RSA PSS algorithm and an absent mask generation function parameter. This could cause the application to crash with a NULL pointer dereference. Successful exploitation of this vulnerability could lead to denial of service conditions.
3. OpenSSL X509_ATTRIBUTE Memory Leak Vulnerability (CVE-2015-3195)
This vulnerability exists in the ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL due to improper handling of malformed X509_ATTRIBUTE data. A remote attacker could exploit this vulnerability by sending malicious requests to an application which uses the OpenSSL library. This triggers a memory leak resulting in disclosure of sensitive information.
4. Race Condition Vulnerability (CVE-2015-3196)
This vulnerability exists in ssl/s3_clnt.c in OpenSSL due to improper memory operations. A remote attacker could exploit this vulnerability by sending a specially crafted ServerKeyExchange message triggering a race condition resulting in a double free error condition. Successful exploitation of this vulnerability could lead to denial of service conditions.
5. Denial of Service Vulnerability (CVE-2015-1794)
This vulnerability exists in the ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL. A remote attacker could exploit this vulnerability by sending a malicious zero p value in a ServerKeyExchange message resulting in a segmentation fault. Successful exploitation of this vulnerability could lead to denial of service conditions.
Solution
Apply the appropriate patches as mentioned in the following link:
http://openssl.org/news/secadv/20151203.txt
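As an added example (not part of the CERT-In advisory or of OpenSSL's own tooling), the shell function below classifies an `openssl version` banner against the one version boundary this advisory states, CVE-2015-3193 affecting OpenSSL 1.0.2 before 1.0.2e. The function name and output labels are assumptions; fixed releases for the other branches are listed in the vendor advisory and are not encoded here.

```shell
#!/bin/sh
# Added example: classify an `openssl version` banner against the one range
# this advisory states (CVE-2015-3193: OpenSSL 1.0.2 before 1.0.2e).
# Function name and output labels are illustrative assumptions.
LC_ALL=C; export LC_ALL   # make the [a-d] / [e-z] ranges byte-ordered

classify_cve_2015_3193() {
    # Accept either a full banner ("OpenSSL 1.0.2d 9 Jul 2015") or a bare version.
    ver=$(printf '%s\n' "$1" | awk '{ v = ($1 == "OpenSSL") ? $2 : $1; print v }')
    # Drop build tags ("-fips") and pre-release tags ("-beta3"); a 1.0.2
    # pre-release is treated as earlier than 1.0.2e (assumption).
    ver=${ver%%-*}
    case "$ver" in
        1.0.2*) ;;                                  # branch named in item 1
        "")     echo "unparsed"; return 0 ;;
        *)      echo "other-branch"; return 0 ;;    # see the vendor advisory
    esac
    suffix=${ver#1.0.2}     # patch letters: "", "a".."z", then "za".."zz"
    case "$suffix" in
        ""|[a-d])      echo "affected" ;;
        [e-z]|z[a-z])  echo "fixed" ;;
        *)             echo "unparsed" ;;
    esac
}

# Constructed sample banners, not captured from real hosts.
for banner in "OpenSSL 1.0.2d 9 Jul 2015" "OpenSSL 1.0.2e 3 Dec 2015" \
              "OpenSSL 1.0.2k-fips 26 Jan 2017" "OpenSSL 1.0.1p 9 Jul 2015"; do
    printf '%-34s %s\n' "$banner" "$(classify_cve_2015_3193 "$banner")"
done

# Local build, if the openssl binary is installed.
if command -v openssl >/dev/null 2>&1; then
    local_banner=$(openssl version)
    printf '%-34s %s\n' "$local_banner" "$(classify_cve_2015_3193 "$local_banner")"
fi
```

Distribution packages often backport fixes without changing the version letter, so confirm an "affected" result against the package changelog before acting on it.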
Vendor Information
OpenSSL
http://openssl.org/news/secadv/20151203.txt
References
OpenSSL
http://openssl.org/news/secadv/20151203.txt
Security Tracker
http://www.securitytracker.com/id/1034294
Cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl
CVE Name
CVE-2015-3193
CVE-2015-3194
CVE-2015-3195
CVE-2015-3196
CVE-2015-1794
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road,
New Delhi - 110 003
India