Bug 479655 (CVE-2009-0125)

Summary: CVE-2009-0125 libnasl: OpenSSL incorrect checks for malformed signatures
Product: [Other] Security Response Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: andreas.bierfert
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511517
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-01-22 08:33:35 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Jan Lieskovsky 2009-01-12 11:34:22 UTC
The library routines package for NASL (the scripting language designed for the Nessus security scanner) incorrectly checked the result after
calling the DSA_do_verify function, allowing a malformed signature
to be treated as a good signature rather than as an error.  This issue
affected the signature checks on DSA keys used with SSL/TLS.

Relevant part of the code (nasl/nasl_crypto2.c):
647   if (DSA_do_verify((unsigned char*)data, datalen, sig, dsa))
648      retc->x.i_val = 1;

Proposed patch:
- if (DSA_do_verify((unsigned char*)data, datalen, sig, dsa))
+ if (DSA_do_verify((unsigned char*)data, datalen, sig, dsa) == 1)


This issue is related with recent OpenSSL's CVE-2008-5077 flaw.

Comment 1 Jan Lieskovsky 2009-01-12 11:35:13 UTC
This issue affects all versions of the libnasl package, as shipped
with Fedora releases of 9, 10 and devel.

Please fix.

Comment 2 Jan Lieskovsky 2009-01-16 14:11:51 UTC
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-0125 to
the following vulnerability:

nasl/nasl_crypto2.c in the Nessus Attack Scripting Language library
(aka libnasl) 2.2.11 does not properly check the return value from the
OpenSSL DSA_do_verify function, which allows remote attackers to
bypass validation of the certificate chain via a malformed SSL/TLS
signature, a similar vulnerability to CVE-2008-5077.


Comment 3 Tomas Hoger 2009-01-22 08:33:35 UTC
Nessus upstream authors disputed this as a security issue:

So while this is a bug, it's not considered security issue upstream.

Comment 4 Fedora Update System 2009-01-24 02:37:58 UTC
libnasl-2.2.11-3.fc10, nessus-core-2.2.11-1.fc10, nessus-libraries-2.2.11-1.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 5 Fedora Update System 2009-01-24 02:41:13 UTC
libnasl-2.2.11-3.fc9, nessus-core-2.2.11-1.fc9, nessus-libraries-2.2.11-1.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.