
SANS ISC: OpenSSL Update Released - SANS Internet Storm Center SANS ISC InfoSec Forums


OpenSSL Update Released

As announced earlier this week, OpenSSL released an update today for all currently supported versions (1.0.1, 1.0.2, 1.1.0).

The update fixes 14 different vulnerabilities. Only one vulnerability is rated "High". This vulnerability, CVE-2016-6304, can lead to memory exhaustion and a denial of service if the client sends multiple large OCSP requests.

With this update, the latest versions of OpenSSL for the various branches are 1.0.1u, 1.0.2i and 1.1.0a. All three branches are currently supported.

The table below shows which vulnerabilities apply to each branch.

| CVE | Description | Rating | 1.0.1 | 1.0.2 | 1.1.0 |
|---|---|---|---|---|---|
| CVE-2016-6304 | OCSP Status Request extension unbounded memory growth | High | x | x | x |
| CVE-2016-6305 | SSL_peek() hang on empty record | Moderate | | | x |
| CVE-2016-2183 | SWEET32 Mitigation | Low | x | x | |
| CVE-2016-6303 | OOB write in MDC2_Update() | Low | x | x | |
| CVE-2016-6302 | Malformed SHA512 ticket DoS | Low | x | x | |
| CVE-2016-2182 | OOB write in BN_bn2dec() | Low | x | x | |
| CVE-2016-2180 | OOB read in TS_OBJ_print_bio() | Low | x | x | |
| CVE-2016-2177 | Pointer arithmetic undefined behaviour | Low | x | x | |
| CVE-2016-2178 | Constant time flag not preserved in DSA signing | Low | x | x | |
| CVE-2016-2179 | DTLS buffered message DoS | Low | x | x | |
| CVE-2016-2181 | DTLS replay protection DoS | Low | x | x | |
| CVE-2016-6306 | Certificate message OOB reads | Low | x | x | |
| CVE-2016-6307 | Excessive allocation of memory in tls_get_message_header() | Low | | | x |
| CVE-2016-6308 | Excessive allocation of memory in dtls1_preprocess_fragment() | Low | | | x |
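
As an added example (not part of the original diary and not OpenSSL's own tooling), the Python code below compares `openssl version` banners against the fixed releases named above (1.0.1u, 1.0.2i, 1.1.0a). The banners are constructed samples, and the function names and status labels are hypothetical. A vendor-tagged build such as `-fips` is flagged for a vendor advisory check, because distributions often backport fixes without changing the version letter.

```python
import re

# Fixed release letter per branch, as listed in the diary above.
FIXED = {"1.0.1": "u", "1.0.2": "i", "1.1.0": "a"}

# Version token in `openssl version` output, e.g. "1.0.2h" or "1.0.1e-fips".
# Patch letters run a..z and then continue as za, zb, ...
_VERSION_RE = re.compile(r"OpenSSL\s+(\d+\.\d+\.\d+)([a-z]*)(-[\w.-]+)?")


def _letter_rank(letters):
    # "" < "a" < ... < "z" < "za": a shorter suffix is always older.
    return (len(letters), letters)


def parse_banner(banner):
    """Return (branch, patch_letters, vendor_tag) from a version banner."""
    m = _VERSION_RE.search(banner)
    if not m:
        raise ValueError("not an OpenSSL version banner: %r" % banner)
    return m.group(1), m.group(2), m.group(3) or ""


def assess(banner):
    """Classify a banner (hypothetical status labels)."""
    branch, letters, tag = parse_banner(banner)
    fixed = FIXED.get(branch)
    if fixed is None:
        return "branch-not-covered"   # not one of the three branches listed
    if _letter_rank(letters) >= _letter_rank(fixed):
        return "patched"
    if tag:
        return "check-vendor"         # fixes may be backported by the vendor
    return "needs-update"


if __name__ == "__main__":
    # Constructed sample banners for illustration.
    for sample in ("OpenSSL 1.0.2h  3 May 2016",
                   "OpenSSL 1.1.0a  22 Sep 2016",
                   "OpenSSL 1.0.1e-fips 11 Feb 2013"):
        print("%-36s %s" % (sample, assess(sample)))
```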

---
Johannes B. Ullrich, Ph.D.

Johannes

3605 Posts
ISC Handler
SA can be found at https://www.openssl.org/news/secadv/20160922.txt
Bugbear

7 Posts
SWEET32 disclosure at https://sweet32.info/. Affects 64-bit block ciphers; i.e. 3DES and Blowfish. Similar to BEAST for RC4 and needs 32GB of data for a successful attack though.


OpenSSL blog at https://www.openssl.org/blog/blog/2016/08/24/sweet32/ states that "triple-DES should now be considered as “bad” as RC4".

WinXP was the last major OS that requires 3DES as it does not support AES. (There is a patch for AES support to Windows Server 2003). Time to deprecate or remove 3DES cipher support from web servers.

Blowfish is the default for OpenVPN. Wiki entry at https://community.openvpn.net/openvpn/wiki/SWEET32.
Mike7

43 Posts
