Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam™  Beyond Security®  SecuriTeam™ Home  Ask the Team  Mailing Lists  Advertising Info  Blogs SecuriTeam™ in Your Inbox   E-mail this CVE-2008-0891 to a friend New vulnerability? New tool? Tell us	CVE-2008-0891 Multiple OpenSSL TLS Vulnerabilities     Credit: The information has been provided by CERT-FI. The original article can be found at: http://cert.fi/haavoittuvuudet/2008/advisory-openssl.html Website Security Scan Code Vulnerability Test Network Assessment Tool Detect hidden vulnerabilities Exhaustive automated testing Real-time, continuous security Get guidance from professionals of internal or 3rd party code. scanning for your entire network    CVE-2008-0891 Details Check for CVE-2008-0891 Vulnerability Assessment and Management. Automated Pen Testing for 50 to 50,000 nodes beyondsecurity.com/vulnerability-scanner Vulnerable Systems:  * OpenSSL version 0.9.8f  * OpenSSL version 0.9.8g Immune Systems:  * OpenSSL version 0.9.8h The first problem occurs when OpenSSL is run with command line openssl s_server -key path_to_key \ -cert path_to_certificate \ -www `openssl ciphers 'ALL:COMPLEMENTOFALL'` receives Client Hello packet containing server name extension data having one server host name set where the length of the name is 1 and the data is single zero byte. It seems that the program detects the erroneous host name (in ssl/t1_lib.c, line 325) and then proceeds to end the handshake. When ending the handshake then program ends up trying to free already freed pointer. The stack backtrace when running the program on debugger shows following: Program received signal SIGSEGV, Segmentation fault. 0x0000003a5806cbb7 in malloc_consolidate () from /lib64/libc.so.6 (gdb) bt #0 0x0000003a5806cbb7 in malloc_consolidate () from /lib64/libc.so.6 #1 0x0000003a5806e7a7 in _int_free () from /lib64/libc.so.6 #2 0x0000003a5807214c in free () from /lib64/libc.so.6 #3 0x0000000000484c85 in CRYPTO_free (str=0x837030) at mem.c:378 #4 0x000000000045d3a7 in ssl3_free (s=0x8281e0) at s3_lib.c:1685 #5 0x00000000004663d7 in tls1_free (s=0x8281e0) at t1_lib.c:108 #6 0x0000000000473bf2 in SSL_free (s=0x8281e0) at ssl_lib.c:508 #7 0x0000000000482bef in ssl_free (a=0x8291f0) at bio_ssl.c:131 #8 0x00000000004c60f9 in BIO_free (a=0x8291f0) at bio_lib.c:136 #9 0x00000000004c6d21 in BIO_free_all (bio=0x828f40) at bio_lib.c:516 #10 0x000000000042b08d in www_body (hostname=0x822300 "localhost.localdomain", s=7, context=0x0) at s_server.c:2231 #11 0x000000000043d329 in do_server (port=4433, type=1, ret=0x7dd708, cb=0x42a266 , context=0x0) at s_socket.c:310 #12 0x00000000004290cd in s_server_main (argc=0, argv=0x7fff26b87000) at s_server.c:1335 #13 0x0000000000402cee in do_cmd (prog=0x813f70, argc=12, argv=0x7fff26b86fa0) at openssl.c:382 #14 0x0000000000402a1e in main (Argc=12, Argv=0x7fff26b86fa0) at openssl.c:301 (gdb) The second problem occurs when openssl is run with following command line: openssl s_client -connect localhost:4433 -cipher \ `openssl ciphers 'ALL:COMPLEMENTOFALL'` -debug -msg The openssl sends 'Client Hello' message to server which responds with 'Server Hello' message (having selected TLS_DH_ANON_WITH_RC4_128_MD5 cipher suite), followed by Server Hello Done (omitting Server Key Exchange message). The program dies with segmentation fault on ssl3_get_key_exchange() function, caused by the s->session->sess_cert being NULL. The stack backtrace from the core file shows following: Program terminated with signal 11, Segmentation fault. #0 0x000000000045be7b in ssl3_send_client_key_exchange (s=0x80dd90) at s3_clnt.c:1970 1970 if (s->session->sess_cert->peer_dh_tmp != NULL) (gdb) bt #0 0x000000000045be7b in ssl3_send_client_key_exchange (s=0x80dd90) at s3_clnt.c:1970 #1 0x000000000045882d in ssl3_connect (s=0x80dd90) at s3_clnt.c:341 #2 0x00000000004746c3 in SSL_connect (s=0x80dd90) at ssl_lib.c:859 #3 0x0000000000465e14 in ssl23_get_server_hello (s=0x80dd90) at s23_clnt.c:593 #4 0x0000000000464ecf in ssl23_connect (s=0x80dd90) at s23_clnt.c:169 #5 0x0000000000466126 in ssl23_write (s=0x80dd90, buf=0x818100, len=0) at s23_lib.c:184 #6 0x0000000000474891 in SSL_write (s=0x80dd90, buf=0x818100, num=0) at ssl_lib.c:912 #7 0x000000000042e251 in s_client_main (argc=0, argv=0x7fff05afd018) at s_client.c:1065 #8 0x0000000000402cee in do_cmd (prog=0x813f70, argc=7, argv=0x7fff05afcfe0) at openssl.c:382 #9 0x0000000000402a1e in main (Argc=7, Argv=0x7fff05afcfe0) at openssl.c:301 The error occurs since ssl3_get_key_exchange() allows omitting the Server Key Exchange message (which is correct, of course) but the s->session->sess_cert is left to NULL and it is not checked at ssl3_get_server_done(). Instead, the client state machine proceeds to ssl3_send_client_key_exchange() where it does not check the validity of s->session->sess_cert but just tries to dereference it (s3_clntl.c:1970). Solution: Patch the affected software with the patches supplied by the vendor or update to version 0.9.8h. Vendor Statements: OpenSSL The issue is covered in the advisory secadv_20080528. CVE Information: CVE-2008-0891 Cisco We have tested our product sets that use OpenSSL and have concluded that our products are "Not vulnerable".  Comments on CVE-2008-0891:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

Copyright © 1998-2010 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®