OpenSSL ASN.1 Parsing Vulnerabilities
TITLE: OpenSSL ASN.1 Parsing Vulnerabilities
CLASS: Unknown
CVE: CAN-2003-0543
CAN-2003-0544
CAN-2003-054
LOCAL: No
PUBLISHED: Sep 30 2003 12:00AM
UPDATE: Sep 30 2003 12:00AM
CREDIT: Discovery is credited to NISCC and Stephen Henson.
VULNERABLE:
VMWare GSX Server 2.5.1 build 5336NOT VULNERABLE:
VMWare ESX Server 2.0 build 5257
VMWare ESX Server 1.5.2
Tarantella Enterprise 3 3.30
Tarantella Enterprise 3 3.20 0
Tarantella Enterprise 3 3.11
Tarantella Enterprise 3 3.10
Tarantella Enterprise 3 3.0 1
Tarantella Enterprise 3 3.0
Sun Solaris 9.0 _x86
Sun Solaris 9.0
Sun ONE Web Server 6.0 SP6
Sun ONE Web Server 6.0 SP5
Sun ONE Web Server 6.0 SP4
Sun ONE Web Server 6.0 SP3
Sun ONE Web Server 6.0 SP2
Sun ONE Web Server 6.0 SP1
Sun ONE Web Server 6.0
Sun ONE Web Server 4.1 SP9
Sun ONE Web Server 4.1 SP8
Sun ONE Web Server 4.1 SP7
Sun ONE Web Server 4.1 SP6
Sun ONE Web Server 4.1 SP5
Sun ONE Web Server 4.1 SP5
Sun ONE Web Server 4.1 SP4
Sun ONE Web Server 4.1 SP3
Sun ONE Web Server 4.1 SP2
Sun ONE Web Server 4.1 SP14
Sun ONE Web Server 4.1 SP13
Sun ONE Web Server 4.1 SP12
Sun ONE Web Server 4.1 SP11
Sun ONE Web Server 4.1 SP10
Sun ONE Web Server 4.1 SP1
Sun ONE Directory Server 5.1 x86
Sun ONE Directory Server 5.1 SP2
Sun ONE Directory Server 5.1 SP1
Sun ONE Directory Server 5.1
Sun ONE Application Server 7.0 UR2 Standard Edition
Sun ONE Application Server 7.0 UR2 Platform Edition
Sun ONE Application Server 7.0 UR1 Standard Edition
Sun ONE Application Server 7.0 UR1 Platform Edition
Sun ONE Application Server 7.0 Standard Edition
Sun ONE Application Server 7.0 Platform Edition
Sun Java System Web Server 6.1
Sun Grid Engine 5.3 x86
Sun Grid Engine 5.3 Sun Linux
Sun Grid Engine 5.3 64-bit SPARC
Sun Grid Engine 5.3 32-bit SPARC
Sun Cluster 3.1
Sun Cluster 3.0
Stonesoft StoneGate 2.2.1
Stonesoft StoneGate 2.2
Stonesoft StoneGate 2.1
Stonesoft StoneGate 2.0.9
Stonesoft StoneGate 2.0.8
Stonesoft StoneGate 2.0.7
Stonesoft StoneGate 2.0.6
Stonesoft StoneGate 2.0.5
Stonesoft StoneGate 2.0.4
Stonesoft StoneGate 2.0.1
Stonesoft StoneGate 1.7.2
Stonesoft StoneGate 1.7.1
Stonesoft StoneGate 1.7
Stonesoft StoneGate 1.6.3
Stonesoft StoneGate 1.6.2
Stonesoft StoneGate 1.5.18
Stonesoft StoneGate 1.5.17
Stonesoft StoneBeat WebCluster 2.5
Stonesoft StoneBeat WebCluster 2.0
Stonesoft StoneBeat SecurityCluster 2.5
Stonesoft StoneBeat SecurityCluster 2.0
Stonesoft StoneBeat High Availability 3.1
Stonesoft StoneBeat FullCluster for Raptor 2.5
Stonesoft StoneBeat FullCluster for Raptor 2.0
Stonesoft StoneBeat FullCluster for ISA Server 3.0
Stonesoft StoneBeat FullCluster for Gauntlet 2.0
Stonesoft StoneBeat FullCluster for Firewall-1 3.0
Stonesoft StoneBeat FullCluster for Firewall-1 2.0
SSLeay SSLeay 0.9.1
SSLeay SSLeay 0.9
SSLeay SSLeay 0.8.1
SSLeay SSLeay 0.6.6
SSH Communications Security SSH2 3.2.5
SSH Communications Security SSH2 3.2.4
SSH Communications Security SSH2 3.2.3
SSH Communications Security SSH2 3.2.2
SSH Communications Security SSH2 3.2.1
SSH Communications Security SSH2 3.2
SSH Communications Security SSH2 3.1.8
SSH Communications Security SSH2 3.1.7
SSH Communications Security SSH2 3.1.6
SSH Communications Security SSH2 3.1.5
SSH Communications Security SSH2 3.1.4
SSH Communications Security SSH2 3.1.3
SSH Communications Security SSH2 3.1.2
SSH Communications Security SSH2 3.1.1
SSH Communications Security SSH2 3.1
SSH Communications Security SSH Sentinel 1.4
SSH Communications Security IPSEC Express Toolkit
Snapgear Snapgear OS 1.8.4
SmoothWall GPL 1.0
SmoothWall Express 2.0 beta
SGI ProPack 2.3
SGI ProPack 2.2.1
SGI IRIX 6.5.22
SGI IRIX 6.5.21 m
SGI IRIX 6.5.21 f
SGI IRIX 6.5.21
SGI IRIX 6.5.20 m
SGI IRIX 6.5.20 f
SGI IRIX 6.5.20
SGI IRIX 6.5.19 m
SGI IRIX 6.5.19 f
SGI IRIX 6.5.19
SCO Open Server 5.0.7
SCO Open Server 5.0.6
SCO Open Server 5.0.5
Oracle Oracle9i Standard Edition 9.2
Oracle Oracle9i Standard Edition 9.0.1
Oracle Oracle9i Standard Edition 8.1.7
Oracle Oracle9i Personal Edition 9.2
Oracle Oracle9i Personal Edition 9.0.1
Oracle Oracle9i Personal Edition 8.1.7
Oracle Oracle9i Enterprise Edition 9.2 .0
Oracle Oracle9i Enterprise Edition 9.0.1
Oracle Oracle9i Enterprise Edition 8.1.7
Oracle Oracle9i Application Server 9.0.3
Oracle Oracle9i Application Server 9.0.2
Oracle Oracle9i Application Server 1.0.2 .2
Oracle Oracle9i Application Server 1.0.2 .1s
Oracle Oracle HTTP Server 9.2 .0
Oracle Oracle HTTP Server 9.0.1
Oracle Oracle HTTP Server 8.1.7
OpenSSL Project OpenSSL 0.9.7 beta3
OpenSSL Project OpenSSL 0.9.7 beta2
OpenSSL Project OpenSSL 0.9.7 beta1
OpenSSL Project OpenSSL 0.9.7 b
OpenSSL Project OpenSSL 0.9.7 a
OpenSSL Project OpenSSL 0.9.7
OpenSSL Project OpenSSL 0.9.6 j
OpenSSL Project OpenSSL 0.9.6 i
OpenSSL Project OpenSSL 0.9.6 h
OpenSSL Project OpenSSL 0.9.6 g
OpenSSL Project OpenSSL 0.9.6 e
OpenSSL Project OpenSSL 0.9.6 d
OpenSSL Project OpenSSL 0.9.6 c
OpenSSL Project OpenSSL 0.9.6 b
OpenSSL Project OpenSSL 0.9.6 a
OpenSSL Project OpenSSL 0.9.6
OpenSSL Project OpenSSL 0.9.5 a
OpenBSD OpenBSD 3.4
OpenBSD OpenBSD 3.3
OpenBSD OpenBSD 3.2
OpenBSD OpenBSD 3.1
Novell Nsure Audit 1.0.1
Novell Netware 6.5
Novell Netware 6.0
Novell Netware 5.1
Novell NetMail 3.10 e
Novell NetMail 3.10 d
Novell NetMail 3.10 c
Novell NetMail 3.10 b
Novell NetMail 3.10 a
Novell NetMail 3.10
Novell NetMail 3.1
Novell NetMail 3.0.3 b
Novell NetMail 3.0.3 a
Novell NetMail 3.0.3
Novell NetMail 3.0.1
Novell International Cryptographic Infostructure (NICI) 2.6.1
Novell iManager 2.0.2
Novell iManager 2.0
Novell iManager 1.5
Novell iChain Server 2.2 SP1
Novell iChain Server 2.2 FP1a
Novell iChain Server 2.2 FP1
Novell iChain Server 2.2
Novell GroupWise WebAccess 6.5 SP2
Novell GroupWise WebAccess 6.5 SP1
Novell GroupWise WebAccess 6.5
Novell GroupWise WebAccess 6.0 SP4
Novell GroupWise Internet Agent 6.5.1
Novell Groupwise 6.5 SP2
Novell Groupwise 6.0 SP4
Novell eDirectory 8.7.1 SU1
Novell eDirectory 8.7.1
Novell eDirectory 8.7
Novell eDirectory 8.6.2
Novell eDirectory 8.5.27
Novell eDirectory 8.5.12 a
Novell eDirectory 8.5
Novell eDirectory 8.0
Novell BorderManager 3.8
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Linux Mandrake 9.2
MandrakeSoft Linux Mandrake 9.1 ppc
MandrakeSoft Linux Mandrake 9.1
MandrakeSoft Linux Mandrake 9.0
MandrakeSoft Linux Mandrake 8.2
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Juniper Networks T-series Router T640
Juniper Networks T-series Router T320
Juniper Networks SDX-300 3.1.1
Juniper Networks SDX-300 3.1
Juniper Networks M-series Router M5
Juniper Networks M-series Router M40e
Juniper Networks M-series Router M40
Juniper Networks M-series Router M20
Juniper Networks M-series Router M160
Juniper Networks M-series Router M10
Ingate SIParator 3.2.1
Ingate SIParator 3.2
Ingate Firewall 3.2.1
Ingate Firewall 3.2
IBM HTTP Server 2.0.47
IBM HTTP Server 2.0.42 .2
IBM HTTP Server 2.0.42
IBM HTTP Server 1.3.28
IBM HTTP Server 1.3.26
IBM HTTP Server 1.3.19
IBM HTTP Server 1.3.12 .4
IBM HTTP Server 1.3.12 .3
IBM HTTP Server 1.3.12 .2
HP HP-UX AAA Server A.06.01.02
HP HP-UX 11.23
HP HP-UX 11.22
HP HP-UX 11.20
HP HP-UX 11.11
HP HP-UX 11.0
HP HP WBEM Services for HP-UX A.01.05.05
F5 ISMan
F5 FirePass
F5 BigIP 4.5
F5 BigIP 4.4
F5 BigIP 4.3
F5 BigIP 4.2
F5 BigIP 2.1
F5 BigIP 2.0
F5 3-DNS 4.5
F5 3-DNS 4.4
F5 3-DNS 4.3
F5 3-DNS 4.2
F-Secure SSH 5.3 For Windows
F-Secure SSH 5.2 For Windows
F-Secure SSH 5.1 For Windows
F-Secure SSH 3.2.3 For UNIX
F-Secure SSH 3.2 .0 For UNIX
F-Secure SSH 3.1 .0 For UNIX
F-Secure SSH 3.1 .0
F-Secure SSH 3.0.1 For UNIX
Cray Cray Open Software 3.4
Computer Associates eTrust Security Command Center 1.0
Cisco Threat Response
Cisco SN 5428 Storage Router SN5428-3.3.2-K9
Cisco SN 5428 Storage Router SN5428-3.3.1-K9
Cisco SN 5428 Storage Router SN5428-3.2.2-K9
Cisco SN 5428 Storage Router SN5428-3.2.1-K9
Cisco SN 5428 Storage Router SN5428-2.5.1-K9
Cisco SN 5428 Storage Router SN5428-2-3.3.2-K9
Cisco SN 5428 Storage Router SN5428-2-3.3.1-K9
Cisco SIP Proxy Server
Cisco Secure Policy Manager 3.0.1
Cisco PIX Firewall 520
Cisco PIX Firewall 515
Cisco Network Analysis Modules
Cisco IOS 12.2 SY
Cisco IOS 12.2 SX
Cisco IOS 12.1 (19)E
Cisco IOS 12.1 (13.4)E
Cisco IOS 12.1 (11b)E
Cisco IOS 12.1 (11)E
Cisco GSS 4480 Global Site Selector
Cisco Firewall Services Module
Cisco CSS11000 Content Services Switch
Cisco CSS Secure Content Accelerator 2.0
Cisco CSS Secure Content Accelerator 1.0
Cisco CiscoWorks Common Services 2.2
Cisco CiscoWorks 1105 Wireless LAN Solution Engine
Cisco CiscoWorks 1105 Hosting Solution Engine
Cisco Application & Content Networking Software
Check Point Software VPN-1 4.1 SP4
Check Point Software VPN-1 4.1 SP3
Check Point Software VPN-1 4.1 SP2
Check Point Software VPN-1 4.1 SP1
Check Point Software VPN-1 4.1
Check Point Software Providor-1 4.1 SP4
Check Point Software Providor-1 4.1 SP3
Check Point Software Providor-1 4.1 SP2
Check Point Software Providor-1 4.1 SP1
Check Point Software Providor-1 4.1
Check Point Software Next Generation FP3 HF2
Check Point Software Next Generation FP3 HF1
Check Point Software Next Generation FP3
Check Point Software Next Generation FP2
Check Point Software Next Generation FP1
Check Point Software Next Generation
Check Point Software Firewall-1 4.1 SP6
Check Point Software Firewall-1 4.1 SP5
Check Point Software Firewall-1 4.1 SP4
Check Point Software Firewall-1 4.1 SP3
Check Point Software Firewall-1 4.1 SP2
Check Point Software Firewall-1 4.1 SP1
Check Point Software Firewall-1 4.1
Check Point Software Firewall-1 4.0 SP8
Check Point Software Firewall-1 4.0 SP7
Check Point Software Firewall-1 4.0 SP6
Check Point Software Firewall-1 4.0 SP5
Check Point Software Firewall-1 4.0 SP4
Check Point Software Firewall-1 4.0 SP3
Check Point Software Firewall-1 4.0 SP2
Check Point Software Firewall-1 4.0 SP1
Check Point Software Firewall-1 4.0
Check Point Software Firewall-1 3.0
BorderWare Firewall Server 7.0
BlueCoat Systems Security Gateway OS 3.0
BlueCoat Systems Security Gateway OS 2.0
BlueCoat Systems CacheOS CA/SA 4.1.10
Apple Mac OS X Server 10.2.7
Apple Mac OS X Server 10.2.6
Apple Mac OS X Server 10.2.5
Apple Mac OS X Server 10.2.4
Apple Mac OS X Server 10.2.3
Apple Mac OS X Server 10.2.2
Apple Mac OS X Server 10.2.1
Apple Mac OS X Server 10.2
Apple Mac OS X 10.2.7
Apple Mac OS X 10.2.6
Apple Mac OS X 10.2.5
Apple Mac OS X 10.2.4
Apple Mac OS X 10.2.3
Apple Mac OS X 10.2.2
Apple Mac OS X 10.2.1
Apple Mac OS X 10.2
Tarantella Enterprise 3 3.40
Sun Solaris 8.0 _x86
Sun Solaris 8.0
Sun Solaris 7.0 _x86
Sun Solaris 7.0
Sun ONE Web Server 6.0 SP7
Sun ONE Web Server 4.1 SP14
Sun ONE Directory Server 5.1 SP3
Sun ONE Application Server 7.0 UR2 Upgrade Standard
Sun ONE Application Server 7.0 UR2 Upgrade Platform
Sun Java System Web Server 6.1 SP1
Sun Cluster 2.2
Sun Cluster 2.1
SSH Communications Security SSH2 3.2.9
SSH Communications Security SSH Sentinel 1.4.1
Snapgear Snapgear OS 1.8.5
OpenSSL Project OpenSSL 0.9.7 c
OpenSSL Project OpenSSL 0.9.6 k
Novell Nsure Audit 1.0.3
Novell Nsure Audit 1.0.2
Novell NetMail 3.1 f
Novell iManager 2.5
Novell eDirectory 8.7.1 SU1
Ingate SIParator 3.3.1
Ingate Firewall 3.3.1
HP HP-UX AAA Server A.06.01.02.04
HP HP WBEM Services for HP-UX A.01.05.07
Apple Mac OS X Server 10.2.8
Apple Mac OS X 10.2.8
Vai alla pagina originale su Security Focus
Discussion
Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. These issues could be exploited to cause a denial of service or to execute arbitrary code.
Exploit
The following proof-of-concept brute force exploit has been supplied by Bram Matthys (Syzop):
Solution
Solution:
It is reported that certain versions of Computer Associates eTrust Security Command Center are prone to this vulnerability. Customers are advised to contact the vendor for further information pertaining to obtaining and applying appropriate updates.
Novell has released a technical information document (TID10087450) and Security Update 5 to address this issue in Novell eDirectory. Security Update 5 superceeds Security Update 1, 2, 3 and 4. This security update (secupd5.tgz) can be obtained by searching for 'secupd*' at the following site:
http://support.novell.com/filefinder
The OpenSSL Project has released OpenSSL versions 0.9.6k and 0.9.7c to address these issues. Any applications that are dynamically linked to OpenSSL libraries should be restarted after applying fixes. Applications that are statically linked to OpenSSL libraries should be recompiled after upgrading OpenSSL.
Novell has released a technical information document (TID2968981) and Security Update 4 to address this issue in Novell eDirectory and iManager. Security Update 4 superceeds Security Update 1, 2 and 3. This security update (secupd4.tgz) can be obtained by searching for 'secupd*' at the following site:
http://support.novell.com/filefinder
IBM has released APARS to address these issues in IBM HTTP server. Customers are advised to apply an appropriate APAR as soon as possible. Please see the referenced advisory (MSS-OAR-E01-2004.0422.1), for further details regarding obtaining and applying an appropriate APAR. APARS are linked below.
Sun has released advisory 57475 with patches to address this issue in Sun Cluster. Please see referenced advisory for further details regard obtaining and applying an appropriate patch, patches are linked below.
Ingate have released upgrades to address this issue in Ingate Firewall and SIParator products. See the referenced release notice for further details (Release notice for Ingate Firewall 3.3.1 and Ingate SIParator 3.3.1).
Novell has released a revised technical information document (TID10087450) to address this issue in Novell eDirectory. If users have already applied Security Update 1, they do not need to apply Security Update 2. Novell have reported that all versions of eDirectory prior to version 8.7.3 on all platforms are affected by this vulnerability. A security update (secupd2.tgz) has been released, this file can be obtained by searching for 'secupd*' at the following site:
http://support.novell.com/filefinder
(Unix Platform) Novell have advised that eDirectory 8.0, 8.5 and 8.6.2 customers upgrade to eDirectory version 8.7.1 and then apply the Security Update 2 patch (secupd1.tgz). eDirectory 8.7.1 customers are advised to apply the Security Update 2 patch without an upgrade.
(Windows Platform) Novell have advised that eDirectory 8.0 and 8.5 customers upgrade to eDirectory version 8.7.1 and then apply the Security Update 2 patch (secupd1.tgz). eDirectory 8.6.2, and 8.7.1 customers are advised to apply the Security Update 2 patch without an upgrade.
(Netware Platform) Novell have advised that eDirectory 8.5 and 8.7.0 customers upgrade to eDirectory version 8.7.1 and then apply the Security Update 2 patch (secupd1.tgz). eDirectory 8.x (NDS 8), 8.6.2 and 8.7.1 customers are advised to apply the Security Update 2 patch.
Novell has released a revised technical information document (TID10087450) to address this issue in Novell products. Novell have reported that the Novell International Cryptograpic Infostructure (NICI) product is affected by this vulnerability. A security update has been released; this file can be obtained by searching by 'Product' for 'Novell International Cryptographic Infostructure' at the following site:
http://www.novell.com/download
See referenced technical information document for further details.
Sun has released an alert notification (57444) announcing that Sun Grid Engine software is also affected by these vulnerabilities. Patches have been released to address this issue, please see advisory for further details. Patches are linked below.
Cisco has released a security advisory containing further details about affected platforms and fixed versions. See referenced advisory for additional information on currently available and forthcoming fixes.
HP has released a revision 2 of advisory (HPSBUX0310-284). Users who are running affected versions of HP-UX B.11.00, B.11.11, B.11.20, B.11.22, and B.11.23 are advised to install the relevant updated HP Apache software product bundles from the following location:
http://software.hp.com
Red Hat has released advisories (RHSA-2003:291-01, RHSA-2003:292-01) to address these issues. Fixes may be applied with the Red Hat Update Agent. Manual fixes are also listed in the attached advisories.
OpenPKG has released advisory OpenPKG-SA-2003.044 to address these issues. Please see the attached advisory for details on obtaining and applying fixes.
Apple has addressed these issues in MacOS X 10.2.8.
Immunix has released an advisory (IMNX-2003-7+-022-01) to address these issues. Please see the attached advisory for details on obtaining and applying fixes.
Guardian Digital has released an advisory (ESA-20030930-027) for EnGarde Secure Linux. Updates included in the advisory can be obtained using the Guardian Digital WebTool. Further details are provided in the attached advisory.
SSH Communications Security SSH Sentinel is affected by these issues. An updated version has been released to remedy the issues. Stonesoft, who license SSH IPSec Toolkit from SSH Communications Security is also prone to this issue and is included in StoneGate products. SSH Communications Security Secure Shell 3.2.9 has also been released to address these issues.
SGI has released advisory 20030904-01-P with fixes to address these issues. SGI has also released an updated advisory 20030904-02-P that includes patches with a more explicit version number to help to differentiate between fixed versions.
Conectiva has released an advisory (CLA-2003:751) that addresses these issues. Please see the attached advisory for details on obtaining and applying fixes.
Cisco has released an updated security advisory with details concerning affected products and fixes. See referenced advisory for additional details.
Debian has released advisory DSA 393-1 to address these issues.
Mandrake has released an advisory (MDKSA-2003:098) to address these issues. Please see the attached advisory for details on obtaining and applying fixes.
Turbolinux has released an advisory (TLSA-2003-55) to address these issues. Please see the attached advisory for details on obtaining and applying fixes.
Gentoo has released updates for these issues. These updates can be applied with the following commands:
emerge sync
emerge openssl -p
emerge openssl
emerge clean
SuSE has released an advisory (SuSE-SA:2003:043) and fixes to address these issues. Please see the attached advisory for details on obtaining and applying fixes.
Novell has issued a response (NOVL-2003-10087450) to state that they are investigating the possibility of various SSL implementations included in Novell products being affected by these issues. The vendor will be releasing more information about affected products and will be issuing the appropriate fixes. Further information can be found in the attached advisory. TID2967175 was released to address this issue in Novell iChain. Information about obtaining and applying fixes can be found in the Technical Information Document. Additionally, Novell has released advisories TID2967208, TID2967209, and TID2967210 to address these issues in NetMail. TID2967399 and TID2967408 have been released to address these issues in GroupWise Internet Agent and GroupWise WebAccess respectively. TID10087450 has been released to address this issue in Novell eDirectory.
AppGate Network Security AB has announced that the default installation of AppGate is not prone to these issues, however, some non-default configurations may expose the issues. Users should contact the vendor for further information.
Cray Inc. ships vulnerable versions of OpenSSL in COS 3.4. Cray has released Spr 726919 to address these issues. Patches can be obtained from Cray.
F5 Networks has stated that their BIG-IP, 3-DNS, ISMan and Firepass products are vulnerable. They will be releasing patches for these issues, which will be available to customers through F5 support channels.
IBM has stated that AIX Toolbox for Linux ships with a vulnerable version of OpenSSL. Patches are pending.
Ingrian Networks have stated that they are investigating these issues and will be releasing a security advisory for affected products.
Juniper Networks ships a number of products that are vulnerable. JUNOS versions and SDX software versions built on or after October 2, 2003 are not prone to these issues. Customers can obtain upgrades via the Juniper Networks Technical Assistance Center (JTAC).
Openwall GNU/*/Linux is prone to the issues specific to OpenSSL 0.9.6 releases. The Owl-current release, as of 2003/10/01, is not prone to this issue due to an upgraded version of OpenSSL.
Stonesoft has released an advisory entitled "OpenSSL security bugs" that lists vulnerable products and contains information about pending fixes. These issues will reportedly be addressed with the releases of StoneGate engine version 2.2.2 and 2.0.11. StoneBeat clustering products are also pending vendor fix releases. SSH IPSec Toolkit ships with various StoneGate products and will also be addressed with the 2.2.2/2.0.11 release of the StoneGate engine.
Stunnel has released a statement indicating that their software may use vulnerable versions of OpenSSL, though is not directly affected by the issues. They have released updated OpenSSL DLLs which are available at the following location:
http://www.stunnel.org/download/stunnel/win32/openssl-0.9.7c/
Tawie Server Linux has released an advisory (2003-0001) to address this issue. Please see the referenced advisory for more information.
HP has released advisories and fixes for WBEM Services for HP-UX (HPSBUX0310-288) and HP-UX AAA Server (HPSBUX0310-286). HP has also released an advisory to address BIND (HPSBUX0310-290). Please see the attached advisories for specific details on obtaining and applying fixes. It should be noted that the HP-UX AAA Server bulletin was revised on October 23, 2003. This revision provides instructions on downloading new software depots to replace the previous updates, users should see the revised version of HPSBUX0310-286 for further details.
SCO has released an advisory (CSSA-2003-SCO.25) to address these issues. Further information about applying updates can be found in the attached advisory. SCO has also released CSSA-2003-SCO.29 to address these and other issues in gwxlibs components for OpenServer. Please see CSSA-2003-SCO.29 for more details on obtaining and applying fixes.
F-Secure has announced that specific versions of their software may be vulnerable. New builds have been released to address this issue. Users are advised to upgrade to the newest version as soon as possible. If this is not an option, users should upgrade to at least the following versions:
Server or Client for Unix: 3.2.3 build 14.
Server for Windows: 5.2 build 38
Client for Windows: 5.3 build 21
SmoothWall has released fixes to address this issue. Please see the referenced website for more information.
Blue Coat Systems has released an advisory to address this issue. Please see the referenced website for more information.
Sun Alert 57100 has been released by Sun Microsystems for affected Sun Linux systems. Sun has advised disabling applications that use an affected version of OpenSSL until a pending fix has been released.
A FreeBSD advisory and fixes have been released.
NetBSD has released an advisory 2003-017 to address this issue. Please see the referenced website for more information.
Debian has released a second advisory (DSA 394-1) that contains fixes to address this issue.
Red Hat has released advisory RHSA-2003:293-08 to address this issue in their Linux Enterprise software. Relevant patches are available through the Red Hat Network. See the referenced advisory for additional details.
SGI has released an advisory (20031002-01-U) pertaining to their ProPack Linux distribution. The advisory has been released in response to a number of RHSA advisories, and includes a patch (Patch 10027) containing updated RPM packages relating to 22 different BIDS.
Patch 10027 can be obtained via the following link:
http://support.sgi.com/
For information regarding how to obtain individual RPM packages included in Patch 10027, please see the attached advisory.
VMware has released fixes to address this issue. Please see the related web reference for more information. Specific information on how to apply fixes for affected ESX and GSX servers can be found at the following links:
http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1164
http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1167
OpenBSD has acknowledged this vulnerability and has issued a fix for OpenBSD 3.4. At the time of writing, the fix is not accessible.
Snapgear has released a pre-release (1.8.5) to address this issue.
Novell has released advisories 2967420, 2967421, 2967411, 2967425 and fixes to address this issue. Please see the related web references for more information.
Sun has released fixes for Sun Linux.
Oracle has released an advisory and patches to address this issue. User are advised to obtain patches from the Oracle metalink site listed in references.
Novell has released an advisory TID2967586 and fixes to address this issue. User are advised to obtain patches from the Oracle metalink site listed in references.
Tarantella has release version 3.40 to address this issue.
Sun has released a preliminary patch for Solaris 9 on the SPARC architecture as well as a patch for Solaris 9 on x86 to address this issue.
Novell has released two technical information documents (TID2968007 and TID10087450) to address these issues in Novell eDirectory.
HP has released a revision to advisory HPSBUX0310-290 (rev 1) outlining fixes for potential security issue in BIND. Please see the reference section for details.
Sun has released advisory 57475 with T-patches to address this issue in Sun Cluster.
Sun has released Sun Alert ID: 57498 to address this issue in Sun ONE server (now branded as Sun Java System servers). Please see the alert in web references for more information.
HP has issued revision 2 of advisory HPSBUX0310-290. This version includes BIND fixes for HP-UX B.11.23.
BorderWare has released patches dealing with this issue for their Firewall Server product. Please contact the vendor for more information and details on obtaining the patch.
HP has released revision 3 of advisory HPSBUX0310-290. This version includes BIND fixes for HP-UX B.11.00. Please see the referenced advisory for more information.
Sun has released an advisory (ID: 57599) to address this issue in Sun Java System Directory Server (formerly Sun ONE Directory Server). Please see the advisory in web references for more information.
Novell has released advisory TID10097379 regarding Novell Nsure Audit. Version 1.0.1 is vulnerable to this issue, and users are urged to upgrade to 1.0.2 or 1.0.3. Please see the referenced advisory for further information.
It is reported that Novell iManager 2.5 ships with version 0.9.7d of OpenSSL. Users of previous versions of iManager are urged to upgrade to this version to address these issues.
Fixes:
HP HP-UX AAA Server A.06.01.02
- HP HP-UX AAA Server A.06.01.02.04
ftp://acubed:Acubed1@hprc.external.hp.com/
OpenSSL Project OpenSSL 0.9.6 d
- OpenSSL Project OpenSSL 0.9.6k
http://www.openssl.org/source/ - Slackware openssl-0.9.6k-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/openssl-0.9.6k-i386-1.tgz - Slackware openssl-solibs-0.9.6k-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/openssl-solibs-0.9.6k-i386-1.tgz
OpenSSL Project OpenSSL 0.9.6 a
- Conectiva openssl-0.9.6a-3U70_7cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssl-0.9.6a-3U70_7cl.i386.rpm - Conectiva openssl-devel-0.9.6a-3U70_7cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssl-devel-0.9.6a-3U70_7cl.i386.rpm - Conectiva openssl-devel-static-0.9.6a-3U70_7cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssl-devel-static-0.9.6a-3U70_7cl.i386.rpm - Conectiva openssl-progs-0.9.6a-3U70_7cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssl-progs-0.9.6a-3U70_7cl.i386.rpm - OpenSSL Project OpenSSL 0.9.6k
http://www.openssl.org/source/ - S.u.S.E. openssl-0.9.6a-83.i386.rpm
Upgrade for Intel i386 Platform, SuSE-7.2.
ftp://ftp.suse.com/pub/suse/i386/update/7.2/sec1/openssl-0.9.6a-83.i386.rpm - S.u.S.E. openssl-devel-0.9.6a-83.i386.rpm
openssl-devel: Upgrade for Intel i386 Platform, SuSE-7.2.
ftp://ftp.suse.com/pub/suse/i386/update/7.2/d2/openssl-devel-0.9.6a-83.i386.rpm - S.u.S.E. openssl-doc-0.9.6a-83.i386.rpm
openssl-doc: Upgrade for Intel i386 Platform, SuSE-7.2.
ftp://ftp.suse.com/pub/suse/i386/update/7.2/doc3/openssl-doc-0.9.6a-83.i386.rpm
OpenSSL Project OpenSSL 0.9.7 beta1
- OpenSSL Project OpenSSL 0.9.7c
http://www.openssl.org/source/
OpenSSL Project OpenSSL 0.9.7 a
- Conectiva openssl-devel-0.9.7a-28910U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/openssl-devel-0.9.7a-28910U90_1cl.i386.rpm - Conectiva openssl-devel-static-0.9.7a-28910U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/openssl-devel-static-0.9.7a-28910U90_1cl.i386.rpm - Conectiva openssl-progs-0.9.7a-28910U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/openssl-progs-0.9.7a-28910U90_1cl.i386.rpm - Conectiva openssl0.9.7-0.9.7a-28910U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/openssl0.9.7-0.9.7a-28910U90_1cl.i386.rpm - OpenSSL Project OpenSSL 0.9.7c
http://www.openssl.org/source/ - Red Hat openssl-0.9.7a-20.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssl-0.9.7a-20.i386.rpm - Red Hat openssl-0.9.7a-20.i686.rpm
ftp://updates.redhat.com/9/en/os/i686/openssl-0.9.7a-20.i686.rpm - Red Hat openssl-devel-0.9.7a-20.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssl-devel-0.9.7a-20.i386.rpm - Red Hat openssl-perl-0.9.7a-20.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssl-perl-0.9.7a-20.i386.rpm - Slackware openssl-0.9.7c-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/openssl-0.9.7c-i386-1.tgz - Slackware openssl-solibs-0.9.7c-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/openssl-solibs-0.9.7c-i386-1.tgz
SSH Communications Security SSH Sentinel 1.4
- SSH Communications Security SSH Sentinel 1.4.1
SSH Sentinel upgrade requires a valid license for SSH Sentinel 1.4.
http://ftp.ssh.com/priv/sentinel/9h86876tiu/SSHSentinel1.4.1.98_no_license.exe
Novell iManager 2.0
- Novell iManager 2.5
http://download.novell.com/Download?buildid=Hoj260Hi4k8~
IBM HTTP Server 2.0.42
Novell NetMail 3.0.1
- Novell netmail310f.exe
For Microsoft Windows
http://support.novell.com/servlet/filedownload/sec/pub/netmail310f.exe - Novell netmail310f.tgz
For Linux
http://support.novell.com/servlet/filedownload/sec/pub/netmail310f.tgz - Novell netmail310f.zip
For NetWare
http://support.novell.com/servlet/filedownload/sec/pub/netmail310f.zip
Novell NetMail 3.0.3 a
- Novell netmail310f.exe
For Microsoft Windows
http://support.novell.com/servlet/filedownload/sec/pub/netmail310f.exe - Novell netmail310f.tgz
For Linux
http://support.novell.com/servlet/filedownload/sec/pub/netmail310f.tgz - Novell netmail310f.zip
For NetWare
http://support.novell.com/servlet/filedownload/sec/pub/netmail310f.zip
SSH Communications Security SSH2 3.1.4
- SSH Communications Security SSH Secure Shell for Servers 3.2.9
http://www.ssh.com/support/downloads/secureshellserver/updates-and-packages-3-2.html - SSH Communications Security SSH Secure Shell for Windows Servers 3.2.9
http://www.ssh.com/support/downloads/secureshellwinserver/updates-and-packages-3-2.html - SSH Communications Security SSH Secure Shell for Workstations 3.2.9
http://www.ssh.com/support/downloads/secureshellwks/updates-and-packages-3-2.html
SSH Communications Security SSH2 3.1.6
- SSH Communications Security SSH Secure Shell for Servers 3.2.9
http://www.ssh.com/support/downloads/secureshellserver/updates-and-packages-3-2.html - SSH Communications Security SSH Secure Shell for Windows Servers 3.2.9
http://www.ssh.com/support/downloads/secureshellwinserver/updates-and-packages-3-2.html - SSH Communications Security SSH Secure Shell for Workstations 3.2.9
http://www.ssh.com/support/downloads/secureshellwks/updates-and-packages-3-2.html
Novell NetMail 3.10 e
- Novell netmail310f.exe
For Microsoft Windows
http://support.novell.com/servlet/filedownload/sec/pub/netmail310f.exe - Novell netmail310f.tgz
For Linux
http://support.novell.com/servlet/filedownload/sec/pub/netmail310f.tgz - Novell netmail310f.zip
For NetWare
http://support.novell.com/servlet/filedownload/sec/pub/netmail310f.zip
Ingate Firewall 3.2.1
- Ingate Firewall 3.3.1
http://www.ingate.com/upgrades.php
SSH Communications Security SSH2 3.2.2
- SSH Communications Security SSH Secure Shell for Servers 3.2.9
http://www.ssh.com/support/downloads/secureshellserver/updates-and-packages-3-2.html - SSH Communications Security SSH Secure Shell for Windows Servers 3.2.9
http://www.ssh.com/support/downloads/secureshellwinserver/updates-and-packages-3-2.html - SSH Communications Security SSH Secure Shell for Workstations 3.2.9
http://www.ssh.com/support/downloads/secureshellwks/updates-and-packages-3-2.html
Sun ONE Directory Server 5.1
Sun Grid Engine 5.3 x86
- Sun 116658-01
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=116658&rev=01 - Sun 116659-01
NON-Solaris Package format
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=116659&rev=01
SGI IRIX 6.5.20 f
SGI IRIX 6.5.20 m
SGI IRIX 6.5.21 m
MandrakeSoft Linux Mandrake 9.1
- Mandrake libopenssl0-0.9.6i-1.2.91mdk.i586.rpm
Mandrake Linux 9.1FTP Folder: 9.1/RPMS/
http://www.mandrakesecure.net/en/ftp.php - Mandrake libopenssl0.9.7-0.9.7a-1.2.91mdk.i586.rpm
Mandrake Linux 9.1FTP Folder: 9.1/RPMS/
http://www.mandrakesecure.net/en/ftp.php - Mandrake libopenssl0.9.7-devel-0.9.7a-1.2.91mdk.i586.rpm
Mandrake Linux 9.1FTP Folder: 9.1/RPMS/
http://www.mandrakesecure.net/en/ftp.php - Mandrake libopenssl0.9.7-static-devel-0.9.7a-1.2.91mdk.i586.rpm
Mandrake Linux 9.1FTP Folder: 9.1/RPMS/
http://www.mandrakesecure.net/en/ftp.php - Mandrake openssl-0.9.7a-1.2.91mdk.i586.rpm
Mandrake Linux 9.1FTP Folder: 9.1/RPMS/
http://www.mandrakesecure.net/en/ftp.php
References
References:
- A vulnerability has been discovered in F-Secure SSH in the way it handles digita (F-Secure)
- A vulnerability in F-Secure SSH's way to handles digital certificates (F-Secure)
- Alert ID: 57599 (Sun)
- Apple Security Updates (Apple)
- Apple Software Downloads (Apple)
- Cisco Security Advisory: SSL Implementation Vulnerabilities (Cisco)
- eDirectory TID10087450 (Novell) (Novell)
- eDirectory TID2967586 (Novell)
- eDirectory TID2968007 (Novell) (Novell)
- ESX OpenSSL updates (VMware)
- Field Test File for GW6 SP4 NLM & Win Agents - TID2967420 (Novell)
- Field Test File GW 6.5 SP2 NLM/Win Agents - TID2967421 (Novell)
- Firewall Server Home Page (BorderWare)
- FTF: GroupWise 6 Internet Agent SP4 rev G - TID2967425 (Novell)
- FTF: GroupWise 6 SP4 WebAccess Revision F - TID2967411 (Novell)
- FTF: GroupWise 6.5 SP2 WebAccess Revision B - TID2967408 (Novell)
- FTF:GroupWise 6.5.1 Internet Agent Rev E - TID2967399 (Novell)
- GSX OpenSSL updates (VMware)
- iChain 2.2 Support Pack 2 beta - TID2967175 (Novell)
- MSS-OAR-E01-2004.0422.1 (IBM)
- NetMail 3.1f Update for Linux - TID2967210 (Novell)
- NetMail 3.1f Update for NetWare - TID2967209 (Novell)
- NetMail 3.1f Update for Windows - TID2967208 (Novell)
- NISCC Vulnerability Advisory 006489/OpenSSL (NISCC)
- NISCC vulnerability advisory on SSL (secure sockets layer) and TLS (transport (Novell)
- Novell iManager 2.0.2 ASN.1 Parsing vulnerability in Apache module (CIRT)
- Novell Nsure Audit 1.0.1 (Win32 version) - CIRT-31 (CIRT)
- OpenSSL Security Advisory [30 September 2003] (OpenBSD)
- OpenSSL security bugs (Stonesoft)
- Oracle Support Metalink (Oracle)
- Patches Now Available For SmoothWall GPL 1.0, 2.0b6 "voyager" (SmoothWall)
- Regarding NISCC vulnerability advisory on SSL and TLS - TID10087450 (Novell)
- Release notice for Ingate Firewall 3.3.1 and Ingate SIParator 3.3.1 (InGate)
- RHSA-2003-293 (Red Hat)
- Security Advisory: OpenSSL Vulnerability (Blue Coat Systems)
- Security Alerts (Novell)
- Security Update 4 - TID2968981 (Novell)
- SSH IPSec Toolkit Security Bugs (Stonesoft)
- SSH Secure Shell Security Vulnerability in BER Decoding (SSH Communications Security)
- SSH Sentinel Security Vulnerability in BER Decoding (SSH Communications Security)
- SSL Update for CERT CA200326 and older SSL issues (Oracle)
- Sun Alert ID: 57100 (Sun Microsystems)
- Sun Alert ID: 57444 (Sun)
- Sun Alert ID: 57472 (Sun)
- Sun Alert ID: 57475 (Sun)
- Sun Alert ID: 57498 (Sun)
- Sun Linux Support - Sun Linux Patches (Sun)
- Tarantella Security Bulletin #08 (Tarantella)
- TID10097379 - Security Vulnerability against webadmin.exe (Novell)
- Vendor Home Page (BorderWare)
- Vulnerabilities in ASN.1 parsing (OpenSSL)
- Vulnerability Note VU#255484 (CERT/CC)
- Vulnerability Note VU#380864 (CERT/CC)
- Vulnerability Note VU#686224 (CERT/CC)
- Vulnerability Note VU#732952 (CERT/CC)
- Vulnerability Note VU#935264 (CERT/CC)
- VMware GSX Server and ESX Server OpenSSL vulnerability patches (VMware