Multiple OpenSSL vulnerabilities

2012-03-2113:02:49

CentOS Project

aix.software.ibm.com

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.185 Low

EPSS

Percentile

96.2%

JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

IBM SECURITY ADVISORY

First Issued: Wed Mar 21 13:02:49 CDT 2012
|Updated: Thu Mar 22 09:06:21 CDT 2012
|Added VIOS release reference
|Updated: Tue Jun 5 11:06:56 CDT 2012
|Corrected FIPS version

The most recent version of this document is available here:

http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc
or
ftp://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc

                       VULNERABILITY SUMMARY

VULNERABILITY: Multiple OpenSSL vulnerabilities

PLATFORMS: AIX 5.3, 6.1, 7.1, and earlier releases
| VIOS 2.X and 1.5.2

SOLUTION: Apply the fix as described below.

THREAT: See below

CVE Numbers: CVE-2011-4108
CVE-2011-4109
CVE-2011-4576
CVE-2011-4619
CVE-2012-0050

                       DETAILED INFORMATION

I. DESCRIPTION (from cve.mitre.org)

The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 
1.0.0f performs a MAC check only if certain padding is valid, which 
makes it easier for remote attackers to recover plaintext via a 
padding oracle attack. 

Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when 
X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have 
an unspecified impact by triggering failure of a policy check. 

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 
1.0.0f does not properly initialize data structures for block cipher 
padding, which might allow remote attackers to obtain sensitive 
information by decrypting the padding data sent by an SSL peer. 

The Server Gated Cryptography (SGC) implementation in OpenSSL before 
0.9.8s and 1.x before 1.0.0f does not properly handle handshake 
restarts, which allows remote attackers to cause a denial of service 
via unspecified vectors. 

OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, 
which allows remote attackers to cause a denial of service via 
unspecified vectors. NOTE: this vulnerability exists because of an 
incorrect fix for CVE-2011-4108. 

Please see the following for more information:

https://vulners.com/cve/CVE-2011-4108
https://vulners.com/cve/CVE-2011-4109
https://vulners.com/cve/CVE-2011-4576
https://vulners.com/cve/CVE-2011-4619
https://vulners.com/cve/CVE-2012-0050

II. PLATFORM VULNERABILITY ASSESSMENT

To determine if your system is vulnerable, execute the following
command:

lslpp -L openssl.base

On VIO Server:

oem_setup_env
lslpp -L openssl.base

The following fileset levels are vulnerable:

AIX 7.1, 6.1, 5.3: all versions less than or equal 0.9.8.1800

| AIX 7.1, 6.1, 5.3: FIPS capable versions less than or equal 12.9.8.1800
AIX 5.2: all versions less than or equal 0.9.8.808
| VIOS 2.X, 1.5.2: all versions less than or equal 0.9.8.1800

IMPORTANT: If AIX OpenSSH is in use, it must be updated to version
OpenSSH 5.0 or later, depending on the OpenSSL version according to
following compatibility matrix:

AIX              OpenSSL                    OpenSSH
------------------------------------------------------------------
5.2              OpenSSL 0.9.8.80x          OpenSSH 5.0
5.3,6.1,7.1      OpenSSL 0.9.8.18xx         OpenSSH 5.8.0.61xx
5.3,6.1,7.1      OpenSSL-fips 12.9.8.18xx   OpenSSH 5.8.0.61xx

VIOS OpenSSL OpenSSH
2.X,1.5.2 OpenSSL 0.9.8.18x OpenSSH 5.8.0.61xx

AIX OpenSSH can be downloaded from:

OpenSSH 5.0:
http://sourceforge.net/projects/openssh-aix
OpenSSH 5.8.0.61xx
https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp

III. FIXES

A fix is available, and it can be downloaded from:

https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp

To extract the fixes from the tar file:

zcat openssl.0.9.8.1801.tar.Z | tar xvf -
or
zcat openssl-fips.12.9.8.1801.tar.Z | tar xvf -
or
zcat openssl.0.9.8.809.tar.Z | tar xvf -

IMPORTANT: If possible, it is recommended that a mksysb backup
of the system be created.  Verify it is both bootable and
readable before proceeding.

To preview the fix installation:

installp -apYd . openssl

To install the fix package:

installp -aXYd . openssl

IV. WORKAROUNDS

There are no workarounds.

V. CONTACT INFORMATION

If you would like to receive AIX Security Advisories via email,
please visit:

    http://www.ibm.com/systems/support

and click on the "My notifications" link.

To view previously issued advisories, please visit:

    http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd

Comments regarding the content of this announcement can be
directed to:

    [email protected]

To obtain the PGP public key that can be used to communicate
securely with the AIX Security Team you can either:

    A. Send an email with "get key" in the subject line to:

        [email protected]

    B. Download the key from our web page:

http://www.ibm.com/systems/resources/systems_p_os_aix_security_pgpkey.txt

    C. Download the key from a PGP Public Key Server. The key ID is:

    0x28BFAA12

Please contact your local IBM AIX support center for any
assistance.

eServer is a trademark of International Business Machines
Corporation.  IBM, AIX and pSeries are registered trademarks of
International Business Machines Corporation.  All other trademarks
are property of their respective holders.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (AIX)

iD8DBQFPzjky4fmd+Ci/qhIRAkaeAJ0blLzpoOJFKL6imKaREA/ZgB8hZQCgmjsm
EVo11PKqS3djvRCmgvJPiaY=
=zvSX
-----END PGP SIGNATURE-----