CERT-MU Vulnerability Note
VN-2012-117
OpenSSL Transport Layer Security Packet Parsing Integer Underflow Denial of Service Vulnerability
Original Issue Date:
May 02, 2012
Severity Rating: Medium
Systems Affected:
Description
A vulnerability has been identified in OpenSSL and this can be exploited by remote attackers to cause a Denial of Service condition of the application using the library. The vulnerability exists because OpenSSL did not properly handle TLS record length values from the received TLS packets. After subtracting the number of padding bytes from the record length value, it did not check the resulting record length before subtracting the size of explicit IV (initialization vector for CBC encryption modes). This could lead to an integer underflow of the record length value, leading to a buffer over-read and out-of-bounds access. This vulnerability can be exploited by remote attackers to crash an application using OpenSSL by sending a specially TLS packet.
Solution
Users are advised to apply to version 1.0.1c, 1.0.0j, or 0.9.8x.
More information is available on:
https://bugzilla.redhat.com/show_bug.cgi?id=820686
Vendor Information
OpenSSL
www.openssl.com
CVE Information
CVE-2012-2333
Contact Information
Email:
Hotline:
800 2378
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis |
