Description of problem:
The following weakness: [1] http://osvdb.org/show/osvdb/71845 has been reported against openssl versions < v1.0.0, when compiled in FIPS mode. As noted in the 'Technical section' of [1]: "By itself, this bug is not sufficient to set up a Man-in-The-Middle (MiTM) attack, as it would require SSL implementation flaws to affect one of the clients connecting to the remote host. This bug is only present when OpenSSL is compiled in "FIPS" mode." As noted above, this issue is not a security flaw, but may be reported by some security scanners as a false positive. Removing the DH_check_pub_key() call from the DH_compute_key() function would solve the false indication problem and would not break the FIPS compatibility (the DH algorithm is supported but not approved, so it is not a part of the algorithm validation process).

Version-Release number of selected component (if applicable):
openssl-0.9.8e-12.el5_5.7

How reproducible:
Always

Steps to Reproduce:
1. Download the Nessus security scanner and let it scan the above openssl version against the openssl FIPS DH weakness issue.

Actual results:
openssl is recognized as being vulnerable to this weakness.

Expected results:
openssl not being recognized as vulnerable to this weakness.

Additional info:
http://attrition.org/pipermail/vim/2011-April/002511.html
http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf
https://discussions.nessus.org/message/10302#10302
(In reply to comment #0)
> Removing the DH_check_pub_key() call from the DH_compute_key() function
> would solve the false indication problem and would not break the
> FIPS compatibility (the DH algorithm is supported but not approved, so
> it is not a part of the algorithm validation process).

s/Removing/Adding back/ here.
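What the DH_check_pub_key() call discussed in this report actually buys is validation of the peer's public value before it is raised to the private exponent. The following is an added Python example, not code from OpenSSL or from this report. It is modelled on the checks DH_check_pub_key() performs (the value must lie strictly between 1 and p-1 and, when the subgroup order q is known, satisfy y^q = 1 mod p) and shows, on a small constructed group, how skipping the check lets a malicious peer force the shared secret to a known value. The group parameters P, Q, G and the function names validate_pub_key and compute_key are constructed for illustration; a real deployment uses a 2048-bit or larger safe prime.

```python
# Added example (not OpenSSL code): peer public-value validation for
# finite-field Diffie-Hellman, modelled on OpenSSL's DH_check_pub_key().
#
# Constructed toy parameters: P = 2*Q + 1 with Q prime (a "safe prime"),
# and G a generator of the order-Q subgroup. Chosen only so the arithmetic
# is easy to follow by hand.
P = 23   # prime modulus
Q = 11   # (P - 1) // 2: the subgroup order a well-formed peer value must have
G = 4    # 4 is a quadratic residue mod 23, so it generates the order-11 subgroup


def validate_pub_key(y, p=P, q=Q):
    """Return None if y is an acceptable peer public value, else a reason.

    Mirrors the structure of DH_check_pub_key(): a range check, then a
    subgroup-membership check when the subgroup order q is available.
    """
    if y <= 1:
        return "public value too small (y <= 1)"
    if y >= p - 1:
        return "public value too large (y >= p-1)"
    if q is not None and pow(y, q, p) != 1:
        # y is outside the order-q subgroup; with a safe prime this means
        # y has order 2q, and the shared secret leaks a bit of the private
        # exponent (small-subgroup confinement).
        return "public value not in the order-q subgroup"
    return None


def compute_key(priv, peer_pub, p=P, q=Q, validate=True):
    """Return the DH shared secret peer_pub^priv mod p.

    validate=True is the checked path (what adding DH_check_pub_key() back
    gives you); validate=False mimics a build that skips the check.
    """
    if validate:
        reason = validate_pub_key(peer_pub, p, q)
        if reason is not None:
            raise ValueError("rejected peer public value: " + reason)
    return pow(peer_pub, priv, p)


def honest_exchange(a, b):
    """Two honest parties with private exponents a and b derive one secret."""
    ya, yb = pow(G, a, P), pow(G, b, P)
    ka = compute_key(a, yb)
    kb = compute_key(b, ya)
    assert ka == kb
    return ka


def forced_secrets(priv, validate):
    """Secrets a malicious peer obtains by sending degenerate values.

    With validation off, y = 1 forces the secret to 1 and y = p-1 forces it
    to 1 or p-1, so the attacker knows the key without solving anything.
    With validation on, every such value is rejected.
    """
    results = {}
    for bad in (1, P - 1):
        try:
            results[bad] = compute_key(priv, bad, validate=validate)
        except ValueError as exc:
            results[bad] = str(exc)
    return results


if __name__ == "__main__":
    print("honest shared secret:", honest_exchange(5, 7))
    print("unchecked build:", forced_secrets(5, validate=False))
    print("checked build:  ", forced_secrets(5, validate=True))
```

Note that the range check alone already catches the two degenerate values above; the y^q test additionally rejects values of order 2q (for this group, any quadratic non-residue such as 5), which is the case the "Ps and Qs" paper linked in the report is concerned with.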
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-1010.html