Bug 660650 (CVE-2008-7270) - CVE-2008-7270 openssl: NETSCAPE_REUSE_CIPHER_CHANGE_BUG downgrade-to-disabled ciphersuite attack
Summary: CVE-2008-7270 openssl: NETSCAPE_REUSE_CIPHER_CHANGE_BUG downgrade-to-disabled...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2008-7270
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 659763 659764 659771 659775
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-12-07 13:47 UTC by Tomas Hoger
Modified: 2019-09-29 12:41 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-05-02 16:58:27 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2010:0977 0 normal SHIPPED_LIVE Moderate: openssl security update 2010-12-13 18:14:58 UTC
Red Hat Product Errata RHSA-2010:0978 0 normal SHIPPED_LIVE Moderate: openssl security update 2010-12-13 18:35:43 UTC
Red Hat Product Errata RHSA-2011:0896 0 normal SHIPPED_LIVE Moderate: JBoss Enterprise Web Server 1.0.2 update 2011-06-22 23:16:28 UTC

Description Tomas Hoger 2010-12-07 13:47:51 UTC
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-7270  to
the following vulnerability:

OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the use of a disabled cipher via vectors involving sniffing network traffic to discover a session identifier, a different vulnerability than CVE-2010-4180.

References:
http://cvs.openssl.org/chngview?cn=17489
https://bugzilla.redhat.com/show_bug.cgi?id=659462

Comment 1 Tomas Hoger 2010-12-07 13:53:17 UTC
(In reply to comment #0)
> a different vulnerability than CVE-2010-4180.

While CVE description lists these vulnerabilities as different, they are related.  The use of SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG gives an attacker possibility to changed ciphersuite in the stored session (CVE-2010-4180).  The impact of that flaw is greater in pre-0.9.8j versions, as session ciphersuite can be changed to one of those that are not enabled on the server side (CVE-2008-7270).  See bug #659462, comment #0 for the details.

Comment 2 errata-xmlrpc 2010-12-13 18:15:22 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 4

Via RHSA-2010:0977 https://rhn.redhat.com/errata/RHSA-2010-0977.html

Comment 3 errata-xmlrpc 2010-12-13 18:35:53 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2010:0978 https://rhn.redhat.com/errata/RHSA-2010-0978.html

Comment 4 errata-xmlrpc 2011-06-22 23:16:56 UTC
This issue has been addressed in following products:

  JBoss Enterprise Web Server 1.0

Via RHSA-2011:0896 https://rhn.redhat.com/errata/RHSA-2011-0896.html


Note You need to log in before you can comment on or make changes to this bug.