|
|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200610-11] OpenSSL: Multiple vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
OpenSSL: Multiple vulnerabilities
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200610-11
(OpenSSL: Multiple vulnerabilities)
Tavis Ormandy and Will Drewry, both of the Google Security Team,
discovered that the SSL_get_shared_ciphers() function contains a buffer
overflow vulnerability, and that the SSLv2 client code contains a flaw
leading to a crash. Additionally Dr. Stephen N. Henson found that the
ASN.1 handler contains two Denial of Service vulnerabilities: while
parsing an invalid ASN.1 structure and while handling certain types of
public key.
Impact
A possible hacker could trigger the buffer overflow vulnerability by sending
a malicious suite of ciphers to an application using the vulnerable
function, and thus execute arbitrary code with the rights of the user
running the application. A possible hacker could also consume CPU and/or
memory by exploiting the Denial of Service vulnerabilities. Finally a
malicious server could crash a SSLv2 client through the SSLv2
vulnerability.
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Solution:
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
