
OpenSSL Remote User Denial of Service and Arbitrary Code Execution Vulnerabilities

Last updated: 12 June 2015 10:35  Published: 12 June 2015

Risk: Medium

Type: Security Software and Appliances

Multiple vulnerabilities were reported in OpenSSL. A remote user can cause denial of service conditions on the target system. A remote authenticated user may be able to execute arbitrary code on the target system.

  • A remote authenticated user can send specially crafted application data to a connected DTLS peer between the ChangeCipherSpec and Finished messages to trigger an invalid memory free and cause a segmentation fault or memory corruption error and potentially execute arbitrary code. Versions 0.9.8 prior to 0.9.8za, 1.0.0 prior to 1.0.0m, and 1.0.1 prior to 1.0.1h are affected.
  • A remote user can send specially crafted ECParameters to cause the target service to enter an infinite loop. Applications that process public keys, certificate requests, or certificates are affected. TLS clients and TLS servers with client authentication enabled are affected. Versions 1.0.1 and 1.0.2 are affected.
  • A remote user can create a specially crafted certificate or certificate revocation list (CRL) that, when processed by the target application, will trigger an out-of-bounds memory read in X509_cmp_time() and cause a segmentation fault. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled and that use custom verification callbacks may be affected.
  • A remote user can create specially crafted ASN.1-encoded PKCS#7 data with a missing EnvelopedContent component to trigger a null pointer dereference. Applications that decrypt or parse PKCS#7 data from untrusted sources are affected. OpenSSL clients and servers are not affected. The impact was not specified.
  • A remote user can create a specially crafted signedData message that specifies an unknown hash function OID to trigger an infinite loop in the CMS code. Applications that verify signedData messages using the CMS code are affected.

Impact

  • Denial of service
  • Remote code execution

Affected Systems or Technologies

  • v1.0.2
  • v1.0.1
  • v1.0.0
  • v0.9.8

Solution

Before installing the software, please visit the software vendor's website for more details.

  • OpenSSL 1.0.2 users should upgrade to 1.0.2b
  • OpenSSL 1.0.1 users should upgrade to 1.0.1n
  • OpenSSL 1.0.0 users should upgrade to 1.0.0s
  • OpenSSL 0.9.8 users should upgrade to 0.9.8zg

Note: Support for OpenSSL versions 1.0.0 and 0.9.8 will cease at the end of the year on 2015-12-31. No security updates for 1.0.0 and 0.9.8 will be provided after that. Users are advised to upgrade to the latest versions of 1.0.1 or 1.0.2.
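To turn the upgrade table above into an inventory check, the following Python script (an added example, not part of this advisory or of the OpenSSL project) compares an `openssl version` banner against the four fixed releases the advisory names. The only non-obvious part is ordering OpenSSL's pre-1.1.0 letter suffixes, where patch releases ran a, b, ... z and then continued with za, zb, ...; the sample banners and the `triage` helper are constructed for illustration.

```python
import re

# Fixed releases named in the advisory's solution section, keyed by branch.
FIXED_RELEASES = {
    (1, 0, 2): "1.0.2b",
    (1, 0, 1): "1.0.1n",
    (1, 0, 0): "1.0.0s",
    (0, 9, 8): "0.9.8zg",
}

# Matches the version token in a bare version string or in an
# `openssl version` banner such as "OpenSSL 1.0.1e-fips 11 Feb 2013".
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)([a-z]*)")


def letter_rank(suffix):
    """Order OpenSSL letter suffixes: '' < 'a' < ... < 'z' < 'za' < 'zb' < ...

    Pre-1.1.0 releases appended one letter per patch release and continued
    with 'za', 'zb', ... once 'z' was used, so summing each letter's position
    (a=1 ... z=26) gives a monotonic rank: 'z' -> 26, 'za' -> 27, 'zg' -> 33.
    """
    return sum(ord(ch) - ord("a") + 1 for ch in suffix)


def parse_version(text):
    """Return ((major, minor, fix), patch_rank), or None if no version is found."""
    match = _VERSION_RE.search(text)
    if not match:
        return None
    major, minor, fix, suffix = match.groups()
    return (int(major), int(minor), int(fix)), letter_rank(suffix)


def assess(text):
    """Classify one version string against this advisory's fixed releases.

    Returns 'patched', 'vulnerable', 'not-covered' (a branch the advisory
    does not list, e.g. a later series) or 'unparseable'.
    """
    parsed = parse_version(text)
    if parsed is None:
        return "unparseable"
    branch, rank = parsed
    fixed = FIXED_RELEASES.get(branch)
    if fixed is None:
        return "not-covered"
    _, fixed_rank = parse_version(fixed)
    return "patched" if rank >= fixed_rank else "vulnerable"


def triage(banners):
    """Pair each banner with its verdict, preserving input order."""
    return [(banner, assess(banner)) for banner in banners]


if __name__ == "__main__":
    # Constructed sample banners for hypothetical hosts, not real inventory data.
    SAMPLE_BANNERS = [
        "OpenSSL 1.0.2b 11 Jun 2015",
        "OpenSSL 1.0.2a",
        "OpenSSL 1.0.1e-fips",
        "OpenSSL 0.9.8zg",
        "OpenSSL 0.9.8z",
        "OpenSSL 1.1.0-dev",
    ]
    for banner, verdict in triage(SAMPLE_BANNERS):
        print(f"{verdict:12s} {banner}")
```

A version string is only a first filter: distributions that backport fixes keep the upstream version string, so a `vulnerable` verdict from the banner alone should be confirmed against the package's changelog before it is treated as an open finding, while a `not-covered` verdict simply means this advisory says nothing about that branch.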

Vulnerability Identifiers

Source

Related Links