Bug 206940 - CVE-2006-3738 OpenSSL issues (CVE-2006-4343)
CVE-2006-3738 OpenSSL issues (CVE-2006-4343)
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: openssl (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Mraz
Brian Brock
reported=20060828,public=20060928,sou...
: Security
Depends On:
Blocks: 209116 CVE-2006-3738
  Show dependency treegraph
 
Reported: 2006-09-18 06:51 EDT by Mark J. Cox (Product Security)
Modified: 2008-01-29 05:57 EST (History)
1 user (show)

See Also:
Fixed In Version: RHSA-2006-0695
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-09-28 20:05:29 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Proposed patch CVE-2006-4343 (784 bytes, patch)
2006-09-18 06:51 EDT, Mark J. Cox (Product Security)
no flags Details | Diff
Proposed patch CVE-2006-3738 (1.18 KB, patch)
2006-09-18 06:53 EDT, Mark J. Cox (Product Security)
no flags Details | Diff

  None (edit)
Description Mark J. Cox (Product Security) 2006-09-18 06:51:31 EDT
Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer 
overflow in SSL_get_shared_ciphers utility function, used by some 
applications such as exim and mysql.  An attacker could send a list of 
ciphers that would overrun a buffer CVE-2006-3738

Tavis Ormandy and Will Drewry of the Google Security Team discovered a 
possible DoS in the sslv2 client code.  Where a client application uses 
OpenSSL to make a SSLv2 connection to a malicious server that server 
could cause the client to crash.  CVE-2006-4343

EMBARGO until 20060928
Comment 1 Mark J. Cox (Product Security) 2006-09-18 06:51:32 EDT
Created attachment 136527 [details]
Proposed patch CVE-2006-4343
Comment 2 Mark J. Cox (Product Security) 2006-09-18 06:53:44 EDT
Created attachment 136528 [details]
Proposed patch CVE-2006-3738
Comment 5 Mark J. Cox (Product Security) 2006-09-28 09:26:44 EDT
removing embargo, public at http://www.openssl.org/news/secadv_20060928.txt
Comment 6 Red Hat Bugzilla 2006-09-28 20:05:31 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0695.html

Note You need to log in before you can comment on or make changes to this bug.