- ------------------------------------------------------------------------
Debian Security Advisory DSA-136-2                   security@debian.org
http://www.debian.org/security/                             Michael Stone
September 15, 2002                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : openssl094, openssl095, openssl
Problem type   : multiple remote exploits
Debian-specific: no
CVE            : CAN-2002-0655 CAN-2002-0656 CAN-2002-0657 CAN-2002-0659

Note: this advisory is an update to DSA-136-1, issued 30 Jul 2002. It
includes ASN1 updates in the woody packages, plus the potato packages
which were not initially available.

The OpenSSL development team has announced that a security audit by A.L.
Digital Ltd and The Bunker, under the DARPA CHATS program, has revealed
remotely exploitable buffer overflow conditions in the OpenSSL code.
Additionally, the ASN1 parser in OpenSSL has a potential DoS attack
independently discovered by Adi Stav and James Yonan.

CAN-2002-0655 references overflows in buffers used to hold ASCII
representations of integers on 64 bit platforms. CAN-2002-0656
references buffer overflows in the SSL2 server implementation (by
sending an invalid key to the server) and the SSL3 client implementation
(by sending a large session id to the client). The SSL2 issue was also
noticed by Neohapsis, who have privately demonstrated exploit code for
this issue. CAN-2002-0659 references the ASN1 parser DoS issue.
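As an added illustration, which is neither OpenSSL's code nor part of the advisory: the SSL3 client issue in CAN-2002-0656 is a length-byte overflow. A ServerHello carries a one-byte session_id length; the SSL 3.0 specification caps the session id at 32 bytes and a client keeps it in a 32-byte buffer, but a client that checks the length only against the remaining message, and not against its own buffer, will memcpy up to 255 server-chosen bytes into it. The constructed C example below shows that unchecked copy beside the checked one, with a helper that builds a ServerHello body of a chosen session id length. The ServerHello layout used, the struct and the helper names are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Limit from the SSL 3.0 specification: session_id is <0..32> bytes. */
#define SSL3_MAX_SESSION_ID_LEN 32

/* Fixed-size client-side storage for the negotiated session id. */
struct session {
    uint8_t id[SSL3_MAX_SESSION_ID_LEN];
    size_t  id_len;
};

/* Assumed ServerHello body layout (handshake header already removed):
 * version(2) random(32) session_id_len(1) session_id(n)
 * cipher_suite(2) compression_method(1). */
#define SID_LEN_OFFSET (2 + 32)

/* Bug class described in the advisory: the peer-supplied length byte is
 * bounded against the message but never against sizeof(s->id), so a server
 * sending 33..255 bytes overruns the buffer. Kept only to show the missing
 * check; never feed it untrusted input. Returns 0, or -1 if truncated. */
static int session_id_copy_unchecked(const uint8_t *msg, size_t n, struct session *s)
{
    if (n < SID_LEN_OFFSET + 1) return -1;
    size_t len = msg[SID_LEN_OFFSET];
    const uint8_t *sid = msg + SID_LEN_OFFSET + 1;
    if (len > n - (SID_LEN_OFFSET + 1)) return -1;   /* read stays in message */
    memcpy(s->id, sid, len);                          /* write may not: len > 32 */
    s->id_len = len;
    return 0;
}

/* Hardened form: the length is also checked against the destination.
 * Returns 0 on success, -1 if truncated, -2 if the session id is oversize. */
static int session_id_copy_checked(const uint8_t *msg, size_t n, struct session *s)
{
    if (n < SID_LEN_OFFSET + 1) return -1;
    size_t len = msg[SID_LEN_OFFSET];
    const uint8_t *sid = msg + SID_LEN_OFFSET + 1;
    if (len > sizeof(s->id)) return -2;               /* the check the fix adds */
    if (len > n - (SID_LEN_OFFSET + 1)) return -1;
    memcpy(s->id, sid, len);
    s->id_len = len;
    return 0;
}

/* Builds a constructed ServerHello body with a session id of id_len bytes
 * (all 0x41) into out (capacity cap). Returns the body length, 0 on error. */
static size_t make_server_hello(uint8_t *out, size_t cap, size_t id_len)
{
    size_t total = SID_LEN_OFFSET + 1 + id_len + 2 + 1;
    if (id_len > 255 || total > cap) return 0;
    memset(out, 0, total);
    out[0] = 3; out[1] = 0;                           /* version 3.0 */
    out[SID_LEN_OFFSET] = (uint8_t)id_len;            /* random left as zeros */
    memset(out + SID_LEN_OFFSET + 1, 0x41, id_len);
    out[total - 3] = 0x00; out[total - 2] = 0x0a;     /* cipher suite */
    out[total - 1] = 0x00;                            /* null compression */
    return total;
}

/* Exercise the checked parser: build a hello with id_len bytes of session id,
 * optionally truncate the message to msg_len bytes (0 = whole message), and
 * return the parser's result code (-99 if the hello could not be built). */
static int parse_checked(size_t id_len, size_t msg_len)
{
    uint8_t msg[300];
    struct session s;
    size_t n = make_server_hello(msg, sizeof msg, id_len);
    if (n == 0) return -99;
    if (msg_len != 0 && msg_len < n) n = msg_len;
    return session_id_copy_checked(msg, n, &s);
}

/* Same for the unchecked parser; refuses id_len > 32 so it never overflows
 * here. Returns the stored id_len on success, or the error code. */
static int parse_unchecked_len(size_t id_len)
{
    uint8_t msg[300];
    struct session s = {{0}, 0};
    size_t n = make_server_hello(msg, sizeof msg, id_len);
    if (n == 0 || id_len > sizeof s.id) return -99;
    int rc = session_id_copy_unchecked(msg, n, &s);
    return rc == 0 ? (int)s.id_len : rc;
}

int main(void)
{
    printf("32-byte session id, checked parser: %d\n", parse_checked(32, 0));
    printf("200-byte session id, checked parser: %d (rejected)\n", parse_checked(200, 0));
    printf("32-byte id in a 40-byte message: %d (truncated)\n", parse_checked(32, 40));
    return 0;
}
```

The difference between the two parsers is a single comparison against the destination size; the unchecked version is "correct" with respect to the message it reads and still corrupts the client, which is why a bound on what the peer may send has to be enforced against the buffer, not only against the record.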

These vulnerabilities have been addressed for Debian 3.0 (woody) in
openssl094_0.9.4-6.woody.1, openssl095_0.9.5a-6.woody.1 and
openssl_0.9.6c-2.woody.1.

These vulnerabilities are also present in Debian 2.2 (potato). Fixed
packages are available in openssl094_0.9.4-6.potato.0 and
openssl_0.9.6c-0.potato.4. 

Only i386 packages for openssl094 and openssl095 are available at this
time; other architectures will be made available as soon as possible.
A worm is actively exploiting this issue on internet-attached hosts;
we recommend you upgrade your OpenSSL as soon as possible. Note that you
must restart any daemons using SSL. (E.g., ssh or ssl-enabled apache.)
If you are uncertain which programs are using SSL you may choose to
reboot to ensure that all running daemons are using the new libraries.
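A way to find out which daemons are still running against the old library, short of rebooting, as an added example that is not part of the advisory: on Linux, /proc/PID/maps lists every file a process has mapped, and a mapping whose file has since been replaced on disk (dpkg unpacks the new .so and renames it over the old one) is shown with a "(deleted)" suffix. The C program below scans every process for a deleted libssl or libcrypto mapping and names the ones to restart. The two embedded maps excerpts are constructed samples with illustrative paths and inode numbers; the function names are this example's own.

```c
#include <ctype.h>
#include <dirent.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Returns 1 if one /proc/PID/maps line refers to a deleted libssl/libcrypto
 * object, 0 for anything else (anonymous mappings, other libraries, current
 * inodes). */
static int maps_line_is_stale_ssl(const char *line)
{
    const char *path = strchr(line, '/');
    if (!path) return 0;                              /* no pathname field */
    const char *base = strrchr(path, '/') + 1;
    int is_ssl = strncmp(base, "libssl", 6) == 0 ||
                 strncmp(base, "libcrypto", 9) == 0;
    return is_ssl && strstr(base, "(deleted)") != NULL;
}

/* Scans a whole maps text (newline-separated); returns the count of stale
 * libssl/libcrypto lines. */
static int maps_count_stale_ssl(const char *text)
{
    int count = 0;
    const char *p = text;
    while (*p) {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        char line[4096];
        if (len >= sizeof line) len = sizeof line - 1;
        memcpy(line, p, len);
        line[len] = '\0';
        count += maps_line_is_stale_ssl(line);
        if (!nl) break;
        p = nl + 1;
    }
    return count;
}

/* Reads /proc/PID/maps for one pid; returns the stale count, or -1 if the
 * file cannot be opened (no such pid, or not permitted). */
static int pid_stale_ssl(const char *pid)
{
    char path[64], line[4096];
    int count = 0;
    snprintf(path, sizeof path, "/proc/%s/maps", pid);
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    while (fgets(line, sizeof line, f)) count += maps_line_is_stale_ssl(line);
    fclose(f);
    return count;
}

/* Constructed sample: a daemon started before the upgrade still maps the
 * unlinked 0.9.6 objects (four stale lines). */
static const char SAMPLE_STALE[] =
"08048000-08100000 r-xp 00000000 03:01 16035      /usr/sbin/sshd\n"
"40017000-4005c000 r-xp 00000000 03:01 49268      /usr/lib/libssl.so.0.9.6 (deleted)\n"
"4005c000-4005f000 rw-p 00044000 03:01 49268      /usr/lib/libssl.so.0.9.6 (deleted)\n"
"4005f000-40116000 r-xp 00000000 03:01 49270      /usr/lib/libcrypto.so.0.9.6 (deleted)\n"
"40116000-40121000 rw-p 000b6000 03:01 49270      /usr/lib/libcrypto.so.0.9.6 (deleted)\n"
"bfffe000-c0000000 rwxp fffff000 00:00 0\n";

/* Constructed sample: the same daemon after a restart. The deleted
 * libnss_files mapping is unrelated and must not be reported. */
static const char SAMPLE_FRESH[] =
"08048000-08100000 r-xp 00000000 03:01 16035      /usr/sbin/sshd\n"
"40017000-4005c000 r-xp 00000000 03:01 49301      /usr/lib/libssl.so.0.9.6\n"
"4005f000-40116000 r-xp 00000000 03:01 49303      /usr/lib/libcrypto.so.0.9.6\n"
"40200000-40210000 r-xp 00000000 03:01 12345      /lib/libnss_files.so.2 (deleted)\n";

int main(void)
{
    printf("sample stale: %d, sample fresh: %d\n",
           maps_count_stale_ssl(SAMPLE_STALE), maps_count_stale_ssl(SAMPLE_FRESH));
    DIR *d = opendir("/proc");
    if (!d) return 1;
    struct dirent *e;
    while ((e = readdir(d)) != NULL) {
        if (!isdigit((unsigned char)e->d_name[0])) continue;
        int n = pid_stale_ssl(e->d_name);
        if (n > 0)
            printf("pid %s: %d stale libssl/libcrypto mapping(s); restart it\n",
                   e->d_name, n);
    }
    closedir(d);
    return 0;
}
```

Run it as root so every process's maps file is readable; processes it cannot open are skipped. An empty result after the upgrade means every running program has the new libraries loaded and the reboot is unnecessary.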

- ------------------------------------------------------------------------

Obtaining updates:

  By hand:
    wget URL
        will fetch the file for you.
    dpkg -i FILENAME.deb
        will install the fetched file.

  With apt:
    deb http://security.debian.org/ stable/updates main
        added to /etc/apt/sources.list will provide security updates

Additional information can be found on the Debian security webpages
at http://www.debian.org/security/

- ------------------------------------------------------------------------

Debian 2.2 (potato)
- ----------------------

  Oldstable was released for alpha, arm, i386, m68k, powerpc and sparc.

  Source archives:

      
      Size/MD5 checksum:  2153980 c8261d93317635d56df55650c6aeb3dc
      
      Size/MD5 checksum:  1570392 72544daea16d6c99d656b95f77b01b2d
      
      Size/MD5 checksum:      741 9c7e0cf669a32763f4bf9669156a2235
      
      Size/MD5 checksum:      702 463aa33d08d188542208e82734269eab
      
      Size/MD5 checksum:    44354 d06b01d6f91e901d3e2686df4b9b6bc6
      
      Size/MD5 checksum:    42566 ea23bd132febccb20178a33080a75b2e

  alpha architecture (DEC Alpha)

      
      Size/MD5 checksum:   746626 c7e28cd9327bf7c57de8460873acc7ca
      
      Size/MD5 checksum:   591014 6e50b6aab7330ab8bf05835476e355cf
      
      Size/MD5 checksum:  1550550 519f58912d6fe231127dc3269235494b

  arm architecture (ARM)

      
      Size/MD5 checksum:   469664 291969d97b32582ad427f2464a5f9f50
      
      Size/MD5 checksum:  1349424 61b9f52a86711594c7f9e7135e2ad447
      
      Size/MD5 checksum:   729988 e7751f662ef2a13bc304025995fd1bfa

  i386 architecture (Intel ia32)

      
      Size/MD5 checksum:  1288134 430658383c6c37cfafbddd16a492f407
      
      Size/MD5 checksum:   463668 37e1e010c4eab318a48b8f1de3c73910
      
      Size/MD5 checksum:   724530 82241d5d38dc62b0e4d53f41303e8829
      
      Size/MD5 checksum:  1272012 0e9c6f0a2fde3e72eb4b3c88e57ad9fa

  m68k architecture (Motorola Mc680x0)

      
      Size/MD5 checksum:   721394 176c598a45a1ba9bbc459bd8d2b014d2
      
      Size/MD5 checksum:  1263214 cf1a25df58c5b14101fc56896ed9d51c
      
      Size/MD5 checksum:   451000 627bd347ab6ca780e6dea2b34f2e3e3d

  powerpc architecture (PowerPC)

      
      Size/MD5 checksum:   726946 26d2b2b6314750c7f78efd7617ad4f91
      
      Size/MD5 checksum:  1385054 1d02c03f2edc5de1fbcd7e1563227723
      
      Size/MD5 checksum:   503900 cebc7e59bb5e812491b4542e803d4642

  sparc architecture (Sun SPARC/UltraSPARC)

      
      Size/MD5 checksum:  1342800 18dcc49e3ab9b43c54ff4bf07a73057b
      
      Size/MD5 checksum:   483834 3811f4b7b3fd20c9cd8f3896106aeede
      
      Size/MD5 checksum:   738500 b9eeca8cca46d187f0bb8791af95ad7b

Debian 3.0 (woody)
- -------------------

  woody was released for alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.

  Source archives:

      
      Size/MD5 checksum:      731 6ee81367f6726dd6e793e0a28f2dab2f
      
      Size/MD5 checksum:  2153980 c8261d93317635d56df55650c6aeb3dc
      
      Size/MD5 checksum:  1892089 99d22f1d4d23ff8b927f94a9df3997b4
      
      Size/MD5 checksum:  1570392 72544daea16d6c99d656b95f77b01b2d
      
      Size/MD5 checksum:      738 8db01015b7c3c6b1fab8a509a8d32362
      
      Size/MD5 checksum:    38440 812dd2074b1eb8f2764621d12db77140
      
      Size/MD5 checksum:      739 753ca9446c2f3bc658df80a8668d69a5
      
      Size/MD5 checksum:    44476 fad8a823c2455b4089bf9fdececf1c19
      
      Size/MD5 checksum:    42477 92e89d405fb0291efa45d3f260fbd1b4

  alpha architecture (DEC Alpha)

      
      Size/MD5 checksum:   735734 e8ddba4a00d37834de2301a36daf8893
      
      Size/MD5 checksum:   570688 104d1b40056d53f6b3164cff39a637c5
      
      Size/MD5 checksum:  1550806 e137ab248541f6fdfa311744925197b7

  hppa architecture (HP PA RISC)

      
      Size/MD5 checksum:   564336 c33d5269f29184ddd5f5f37435db3b20
      
      Size/MD5 checksum:  1434386 22c4cb54eb0345d5232e00315b1d707b
      
      Size/MD5 checksum:   741436 51ae4ce9e126f4f1e16388a9e03bd929

  i386 architecture (Intel ia32)

      
      Size/MD5 checksum:  1290394 2ef22ed5e2f75a5afd57bc7f5579b668
      
      Size/MD5 checksum:   400108 495f381e41694087d0e02536044b4d1e
      
      Size/MD5 checksum:   461228 4c36f0b42fb7b0fc3a576477f4812378
      
      Size/MD5 checksum:   357956 6cc8232971ff8c4e027cbd3b5552af8d
      
      Size/MD5 checksum:   722756 4f962685c00e0f360008909c34253f32

  ia64 architecture (Intel ia64)

      
      Size/MD5 checksum:   763312 f68f750b3211243654eec890b01c8e7a
      
      Size/MD5 checksum:  1615968 e0a890a89e6d44d8a3be8594ea507202
      
      Size/MD5 checksum:   710314 47bf40e6683690237b9b307232f9b0dd

  m68k architecture (Motorola Mc680x0)

      
      Size/MD5 checksum:   719876 7b86c3e93997f78a058c8d51148e5542
      
      Size/MD5 checksum:  1266008 db905314e8947748d60454b7b7fdc565
      
      Size/MD5 checksum:   450170 4dec6cc106d48a1011ba7bec1b2ec61a

  mips architecture (MIPS (Big Endian))

      
      Size/MD5 checksum:   717336 9aa8a5ff7c3cb422f40f8797e0b97b7f
      
      Size/MD5 checksum:   483018 61b96d689c3794af43a881c1d064fd8f
      
      Size/MD5 checksum:  1415606 321c34c11f7b52d630548a81a84c1f1f

  mipsel architecture (MIPS (Little Endian))

      
      Size/MD5 checksum:   476042 abcbbf8c13cde643076407d539cd483e
      
      Size/MD5 checksum:   716572 8925b769c4ef248a6aa5dc71173115fd
      
      Size/MD5 checksum:  1409496 230cf7fd06f5fe8afaef1bd291777cc6

  powerpc architecture (PowerPC)

      
      Size/MD5 checksum:   726188 8835e23596eee551da6f1b0c9036e339
      
      Size/MD5 checksum:  1386308 16b4a447219eb1c284fb8e4f2eef757b
      
      Size/MD5 checksum:   501886 e343898ad82ab2e88f35903274525152

  sparc architecture (Sun SPARC/UltraSPARC)

      
      Size/MD5 checksum:   484190 242d5e36cbf18033d04a26cfd3cdc861
      
      Size/MD5 checksum:  1343610 a578dbc5193884a284e9bf930607036f
      
      Size/MD5 checksum:   736668 1bcdd2bbce3bff5115c4f3b9774aea30

- ------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>


Debian: Multiple OpenSSL Vulnerabilities (update)

September 19, 2002
This advisory is an update to DSA-136-1, issued 30 Jul 2002.