Bug 117770 - CAN-2004-0079/0081/0112 Flaws in OpenSSL
CAN-2004-0079/0081/0112 Flaws in OpenSSL
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: openssl (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Brian Brock
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-03-08 07:45 EST by Mark J. Cox (Product Security)
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-03-17 08:53:02 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mark J. Cox (Product Security) 2004-03-08 07:45:10 EST
Testing performed by the OpenSSL group using the Codenomicon
TLS Test Tool uncovered a null-pointer assignment in the
do_change_cipher_spec() function in OpenSSL 0.9.6c-0.9.6k and
0.9.7a-0.9.7c.  A remote attacker could perform a carefully
crafted SSL/TLS handshake against a server that used the
OpenSSL library in such a way as to cause OpenSSL to crash.
Depending on the application this could lead to a denial of
service.  The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0079 to this
issue.

        CAN-2004-0079 Affects: 3AS 3ES 3WS

Stephen Henson discovered a flaw in SSL/TLS handshaking code
when using Kerberos ciphersuites in OpenSSL 0.9.7a-0.9.7c.  A
remote attacker could perform a carefully crafted SSL/TLS
handshake against a server configured to use Kerberos
ciphersuites in such a way as to cause OpenSSL to crash.  Most
applications have no ability to use Kerberos ciphersuites and
will therefore be unaffected by this issue.  The Common
Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0112 to this issue.

        CAN-2004-0112 Affects: 3AS 3ES 3WS

Testing performed by the OpenSSL group using the Codenomicon
TLS Test Tool uncovered a bug in older versions of OpenSSL
0.9.6 prior to 0.9.6d that can lead to a Denial of Service
attack (infinite loop).  The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0081 to this issue.

        CAN-2004-0081 Affects: 2.1AS 2.1AW 2.1ES 2.1WS (+095a)
        CAN-2004-0081 Affects: 3AS 3ES 3WS (096b packages)

Notified by NISCC
Embargoed until March 17th 1400UTC
Comment 1 Mark J. Cox (Product Security) 2004-03-17 08:53:02 EST
An errata has been issued which should help the problem described in this bug report. 
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen 
this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2004-120.html
Comment 2 Mark J. Cox (Product Security) 2004-03-17 08:54:47 EST
removing embargo

Note You need to log in before you can comment on or make changes to this bug.