
SANS ISC: Critical OpenSSL Patch Available. Patch Now! - SANS Internet Storm Center


Critical OpenSSL Patch Available. Patch Now!

The OpenSSL team released a critical security update today. The update patches six flaws. One of them (CVE-2014-0195) may lead to arbitrary code execution. [1]

All versions of OpenSSL are vulnerable to CVE-2014-0195, but this vulnerability only affects DTLS clients or servers (look for SSL VPNs and other DTLS users; HTTPS is not affected).

I also rated CVE-2014-0224 critical, since it does allow for MiTM attacks, defeating one of the main reasons you use SSL. But in order to exploit this issue, both client and server have to be vulnerable, and only OpenSSL 1.0.1 is vulnerable on servers (which is why I stuck with "important" for servers). The discoverer of this vulnerability released details here: http://ccsinjection.lepidum.co.jp/blog/2014-06-05/CCS-Injection-en/index.html .

CVE-2010-5298 does allow third parties to inject data into existing SSL connections. This could be a big deal, but according to the OpenSSL advisory, the SSL_MODE_RELEASE_BUFFERS feature is usually not enabled.

Make sure you update to one of these OpenSSL versions:

- OpenSSL 0.9.8za (OpenSSL ran out of letters, so instead of calling this one 'z' they call it 'za' to allow for future releases. However, this *may* be the last 0.9.8 release.)
- OpenSSL 1.0.0m
- OpenSSL 1.0.1h

| CVE | Name | Impact | Vulnerable Versions | Client | Server |
|---|---|---|---|---|---|
| CVE-2014-0224 | SSL/TLS MITM Vulnerability | MiTM | Server: 1.0.1; Client: 0.9.8, 1.0.0, 1.0.1 (both have to be vulnerable) | Critical | Important |
| CVE-2014-0221 | DTLS recursion flaw | DoS | 0.9.8, 1.0.0, 1.0.1 | Important | Not Affected |
| CVE-2014-0195 | DTLS invalid fragment vulnerability | Code Exec. | 0.9.8, 1.0.0, 1.0.1 | Critical | Critical |
| CVE-2014-0198 | SSL_MODE_RELEASE_BUFFERS NULL pointer dereference | DoS | 1.0.0, 1.0.1 (neither affected in default config) | Important | Important |
| CVE-2010-5298 | SSL_MODE_RELEASE_BUFFERS session injection | DoS or Data Injection | 1.0.0, 1.0.1 (in multithreaded applications, not in default config) | Important | Important |
| CVE-2014-3470 | Anonymous ECDH Denial of Service | DoS | 0.9.8, 1.0.0, 1.0.1 | Important | Not Affected |
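As an added example (not from the diary, and not OpenSSL's own tooling), the version list and the table above can be turned into a small triage helper: it parses `openssl version` output, orders OpenSSL's patch letters the way the project does (so that `za` sorts after `z`), and lists which of the six CVEs still apply for a given role. The applicability rules are a transcription of the table plus the diary's note that CVE-2014-0195 and CVE-2014-0221 only matter where DTLS is in use; the version strings in the demo are constructed samples.

```python
import re

# Fixed upstream releases named in the advisory, keyed by branch:
# 0.9.8za, 1.0.0m, 1.0.1h.
FIXED_LETTERS = {"0.9.8": "za", "1.0.0": "m", "1.0.1": "h"}

ALL = frozenset({"0.9.8", "1.0.0", "1.0.1"})

# Transcription of the diary's table: which branches are vulnerable per role.
CVE_TABLE = {
    "CVE-2014-0224": {"client": ALL, "server": frozenset({"1.0.1"})},
    "CVE-2014-0221": {"client": ALL, "server": frozenset()},
    "CVE-2014-0195": {"client": ALL, "server": ALL},
    "CVE-2014-0198": {"client": frozenset({"1.0.0", "1.0.1"}),
                      "server": frozenset({"1.0.0", "1.0.1"})},
    "CVE-2010-5298": {"client": frozenset({"1.0.0", "1.0.1"}),
                      "server": frozenset({"1.0.0", "1.0.1"})},
    "CVE-2014-3470": {"client": ALL, "server": frozenset()},
}

# Per the diary, these two only affect DTLS clients/servers, not plain TLS.
DTLS_ONLY = frozenset({"CVE-2014-0195", "CVE-2014-0221"})

# Matches "1.0.1e" in "OpenSSL 1.0.1e-fips 11 Feb 2013" or "0.9.8za" in
# "OpenSSL 0.9.8za 5 Jun 2014"; the date tokens never match three dotted numbers.
_VERSION_RE = re.compile(r"\b(\d+\.\d+\.\d+)([a-z]*)")


def parse_version(text):
    """Return (branch, patch_letters) from `openssl version` output."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError("no OpenSSL version found in %r" % text)
    return m.group(1), m.group(2)


def letter_key(letters):
    """Sort key for OpenSSL patch letters: '' < 'a' < ... < 'z' < 'za' < 'zb'."""
    return (len(letters), letters)


def is_fixed(branch, letters):
    """True if this upstream release is at or past the fixed release for its
    branch, False if older, None if the advisory does not cover the branch."""
    fixed = FIXED_LETTERS.get(branch)
    if fixed is None:
        return None
    return letter_key(letters) >= letter_key(fixed)


def applicable_cves(version_text, role, uses_dtls=True):
    """List the CVEs from the table that still apply to this build in the given
    role ('client' or 'server'). Raises for branches the advisory does not name."""
    if role not in ("client", "server"):
        raise ValueError("role must be 'client' or 'server'")
    branch, letters = parse_version(version_text)
    fixed = is_fixed(branch, letters)
    if fixed is None:
        raise ValueError("branch %s is not covered by the advisory" % branch)
    if fixed:
        return []
    return [
        cve for cve, roles in CVE_TABLE.items()
        if branch in roles[role] and (uses_dtls or cve not in DTLS_ONLY)
    ]


if __name__ == "__main__":
    # Constructed sample output of `openssl version` on an unpatched host.
    sample = "OpenSSL 1.0.1e-fips 11 Feb 2013"
    for role in ("client", "server"):
        print(role, "HTTPS only:", applicable_cves(sample, role, uses_dtls=False))
        print(role, "with DTLS: ", applicable_cves(sample, role, uses_dtls=True))
```

One caveat when using this on the distributions listed under Vendor Information: Red Hat and Ubuntu backport the fixes into packages that keep the old upstream version string, so on those systems the `openssl version` output alone will flag a patched host as vulnerable. There, compare the package revision against the vendor errata rather than trusting the letter suffix.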

Vendor Information:

- Red Hat: https://rhn.redhat.com/errata/RHSA-2014-0625.html and https://rhn.redhat.com/errata/RHSA-2014-0626.html
- Ubuntu: http://www.ubuntu.com/usn/usn-2232-1/
- FreeBSD: http://www.freebsd.org/security/advisories/FreeBSD-SA-14:14.openssl.asc

[1] https://www.openssl.org/news/secadv_20140605.txt

---
Johannes B. Ullrich, Ph.D.

Johannes

3062 Posts
ISC Handler
DTLS is also used in certain voice systems, though I don't know which, if any, use OpenSSL. These devices would tend to remain unpatched in many environments.

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/uc_system/design/guides/videodg/vidguide/security.html#wp1060870

WebRTC appears to use it as well.
Tom

3 Posts
Based on the Heartbleed notice, most of Cisco's Telepresence equipment uses OpenSSL. Impact will depend on configuration of course.


- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed

Cisco Jabber also uses OpenSSL, and may use DTLS for voice and video.
Tom

3 Posts
Just a note... As of this moment (1319 EST)...
Doing a search on CVE-2014-0195 on the NIST NVD will result in "Unable to find vuln CVE-2014-0195" or 0 entries found.

The MITRE reference to CVE-2014-0195 states the CVE entry is "Reserved".

Maybe there is ongoing impact assessment??
Will need to check on it later.
AlSitte

26 Posts
Note to ISC Handler: I sent this message regarding the June 5th OpenSSL diary post earlier today, but it didn't show up in the post. Resending just in case.

For CVE-2014-0195 (as of 1500 EST today):
If you go to the MITRE site, the entry is listed as "Reserved" with no useful data about the vulnerability.
If you go to the NIST NVD, a search will result in 0 records. A direct GET statement will result in "Unable to find vuln CVE-2014-0195"

Maybe the CVE impact is still under assessment??
Will need to check on this.
AlSitte

26 Posts
Yes, it can take a day or so for the CVE entries to be active.
Johannes

3062 Posts
ISC Handler
I missed the webcast. How long does it usually take before the webcast shows up in archive section?
JDK

1 Post
Should show up soon (a couple of hours after it finished). I will likely record a video later today (evening) with some updated info.
Johannes

3062 Posts
ISC Handler
Can you clarify how you came to understand that TCP was also affected and not just UDP? We have been looking for other sources to confirm, but can't find any other write-ups with the specifics. Thanks.
Anonymous

Posts
There are two write-ups with details about CVE-2014-0224:

The original by the Japanese discoverer of the vulnerability
ccsinjection.lepidum.co.jp/blog/2014-06-05/CCS-Injection-en/…

A secondary writeup by Adam Langley
imperialviolet.org/2014/06/05/…

Neither is a terribly easy read, and both heavily reference prior DTLS bugs. But neither writeup excludes TLS.
Johannes

3062 Posts
ISC Handler
VMware has patch for ESXi 5.5 - http://kb.vmware.com/kb/2077359
MD

11 Posts
Has it been determined if the 0.9.7 or 0.9.6 branches of OpenSSL are likewise affected by these reported vulnerabilities?
Anonymous

Posts
