Multiple OpenSSL Vulnerabilities

Release date:
Updated on:

Affected Systems:
OpenSSL Project OpenSSL 1.x
OpenSSL Project OpenSSL 0.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 51281
Cve id: CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619

OpenSSL is an open-source SSL implementation that implements high-strength encryption for network communication. It is widely used in various network applications.

OpenSSL has multiple vulnerabilities in implementation, which can be exploited by malicious users to leak sensitive information, resulting in denial of service and control applications that use affected libraries.

1) the CBC mode encryption of DTLS results in a time difference in the decryption process, and the plaintext can be restored through the extension of the Vaudenay padding Oracle attack.

2) If X509_V_FLAG_POLICY_CHECK is used, there is a double release error in the Policy Check.

3) in the SSL 3.0 record, the group password extension is cleared due to library errors, which can encrypt 15 bytes of uninitialized memory and send it to the SSL peer.

4) an error occurs when processing the malformed RFC 3779 data in the certificate, which can be exploited to cause an asserted error.

5) Errors During handshaking and re-processing SGC can be exploited to cause DOS.

6) when processing invalid GOST parameters, errors in the gost engine can be exploited by the TLS client to cause server crash by sending the GOST parameter.

<* Source: Adam Langley
Nadhem Alfardan
Kenny Paterson
Ben Laurie
Andrey Kulikov
Andrew Chi

Link: http://secunia.com/advisories/47426/
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

OpenSSL Project
---------------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.openssl.org/