- -------------------------------------------------------------------------
Debian Security Advisory DSA-3125-1 security@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
January 11, 2015 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : openssl
CVE ID : CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572
CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206
Multiple vulnerabilities have been discovered in OpenSSL, a Secure
Sockets Layer toolkit. The Common Vulnerabilities and Exposures project
identifies the following issues:
CVE-2014-3569
Frank Schmirler reported that the ssl23_get_client_hello function in
OpenSSL does not properly handle attempts to use unsupported
protocols. When OpenSSL is built with the no-ssl3 option and a SSL
v3 ClientHello is received, the ssl method would be set to NULL which
could later result in a NULL pointer dereference and daemon crash.
CVE-2014-3570
Pieter Wuille of Blockstream reported that the bignum squaring
(BN_sqr) may produce incorrect results on some platforms, which
might make it easier for remote attackers to defeat cryptographic
protection mechanisms.
CVE-2014-3571
Markus Stenberg of Cisco Systems, Inc. reported that a carefully
crafted DTLS message can cause a segmentation fault in OpenSSL due
to a NULL pointer dereference. A remote attacker could use this flaw
to mount a denial of service attack.
CVE-2014-3572
Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that an
OpenSSL client would accept a handshake using an ephemeral ECDH
ciphersuite if the server key exchange message is omitted. This
allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks
and trigger a loss of forward secrecy.
CVE-2014-8275
Antti Karjalainen and Tuomo Untinen of the Codenomicon CROSS project
and Konrad Kraszewski of Google reported various certificate
fingerprint issues, which allow remote attackers to defeat a
fingerprint-based certificate-blacklist protection mechanism.
CVE-2015-0204
Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that
an OpenSSL client will accept the use of an ephemeral RSA key in a
non-export RSA key exchange ciphersuite, violating the TLS
standard. This allows remote SSL servers to downgrade the security
of the session.
CVE-2015-0205
Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that an
OpenSSL server will accept a DH certificate for client
authentication without the certificate verify message. This flaw
effectively allows a client to authenticate without the use of a
private key via crafted TLS handshake protocol traffic to a server
that recognizes a certification authority with DH support.
CVE-2015-0206
Chris Mueller discovered a memory leak in the dtls1_buffer_record
function. A remote attacker could exploit this flaw to mount a
denial of service through memory exhaustion by repeatedly sending
specially crafted DTLS records.
For the stable distribution (wheezy), these problems have been fixed in
version 1.0.1e-2+deb7u14.
For the upcoming stable distribution (jessie), these problems will be
fixed soon.
For the unstable distribution (sid), these problems have been fixed in
version 1.0.1k-1.
We recommend that you upgrade your openssl packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
Debian: DSA-3125-1: openssl security update
January 11, 2015
Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit
Summary
CVE-2014-3569
Frank Schmirler reported that the ssl23_get_client_hello function in
OpenSSL does not properly handle attempts to use unsupported
protocols. When OpenSSL is built with the no-ssl3 option and a SSL
v3 ClientHello is received, the ssl method would be set to NULL which
could later result in a NULL pointer dereference and daemon crash.
CVE-2014-3570
Pieter Wuille of Blockstream reported that the bignum squaring
(BN_sqr) may produce incorrect results on some platforms, which
might make it easier for remote attackers to defeat cryptographic
protection mechanisms.
CVE-2014-3571
Markus Stenberg of Cisco Systems, Inc. reported that a carefully
crafted DTLS message can cause a segmentation fault in OpenSSL due
to a NULL pointer dereference. A remote attacker could use this flaw
to mount a denial of service attack.
CVE-2014-3572
Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that an
OpenSSL client would accept a handshake using an ephemeral ECDH
ciphersuite if the server key exchange message is omitted. This
allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks
and trigger a loss of forward secrecy.
CVE-2014-8275
Antti Karjalainen and Tuomo Untinen of the Codenomicon CROSS project
and Konrad Kraszewski of Google reported various certificate
fingerprint issues, which allow remote attackers to defeat a
fingerprint-based certificate-blacklist protection mechanism.
CVE-2015-0204
Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that
an OpenSSL client will accept the use of an ephemeral RSA key in a
non-export RSA key exchange ciphersuite, violating the TLS
standard. This allows remote SSL servers to downgrade the security
of the session.
CVE-2015-0205
Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that an
OpenSSL server will accept a DH certificate for client
authentication without the certificate verify message. This flaw
effectively allows a client to authenticate without the use of a
private key via crafted TLS handshake protocol traffic to a server
that recognizes a certification authority with DH support.
CVE-2015-0206
Chris Mueller discovered a memory leak in the dtls1_buffer_record
function. A remote attacker could exploit this flaw to mount a
denial of service through memory exhaustion by repeatedly sending
specially crafted DTLS records.
For the stable distribution (wheezy), these problems have been fixed in
version 1.0.1e-2+deb7u14.
For the upcoming stable distribution (jessie), these problems will be
fixed soon.
For the unstable distribution (sid), these problems have been fixed in
version 1.0.1k-1.
We recommend that you upgrade your openssl packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
Severity
Multiple vulnerabilities have been discovered in OpenSSL, a Secure
Sockets Layer toolkit. The Common Vulnerabilities and Exposures project
identifies the following issues:
News
HOWTOs
Features
About Us
Powered By
