Info

Disclosure

Feb 19, 2003

Discovery

May 02, 2002

Dates

Exploit

Feb 20, 2003

Solution

Unknown

Description

OpenSSL versions 0.9.6h and prior and 0.9.7 contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a repeated block of plaintext in multiple OpenSSL/TLS sessions occur. A crafted block of ciphertext can be repeatedly injected into each session, which will kill that session but may ultimately lead to the disclosure of the repeated plaintext block, resulting in a loss of confidentiality.

Classification

Location: Local Access Required, Remote / Network Access
Attack Type: Cryptographic
Impact: Loss of Confidentiality
Exploit: Exploit Public
Disclosure: OSVDB Verified, Vendor Verified

Solution

Upgrade to version 0.9.6i or 0.9.7a or higher, as they has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): apply the vendor-supplied patch for versions 0.9.6e and later. Versions older than 0.9.6e must upgrade.

Products

OpenSSL Project	OpenSSL	0.9.1x
		0.9.2x
		0.9.3x
		0.9.4x
		0.9.5x
		0.9.6
		0.9.6a
		0.9.6b
		0.9.6c
		0.9.6d
		0.9.6e
		0.9.6f
		0.9.6g
		0.9.6h
		0.9.7

References

ISS X-Force ID: 11369
CVE ID: 2003-0078 (see also: NVD)
Bugtraq ID: 6884
Secunia Advisory ID: 8101
Keyword: Canvel Hiltgen Omen Vuagnoux
Vendor Specific Advisory URL: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:02.openssl.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-001.txt.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000570
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO58123&os=NT&returninput=0
http://www.debian.org/security/2003/dsa-253
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:020
http://www.openssl.org/news/secadv_20030219.txt
http://www.suse.de/de/security/2003_011_openssl.html
http://www.vmware.com/support/kb/enduser/std_adp.php?p_sid=dsxk*BWh&p_lva=&p_faqid=934
Generic Informational URL: http://lasecwww.epfl.ch/memo_ssl.shtml
http://lasecwww.epfl.ch/php_code/publications/search.php?ref=Vau02a
Generic Exploit URL: http://omen.vuagnoux.com/
Vendor Specific News/Changelog Entry: http://www116.nortel.com/docs/bvdoc/alteon/ssl/iSD-SSL_3.1.6.14_README.pdf

Credit

Serge Vaudenay - serge.vaudenayepfl.ch - EPFL

Direct URL: http://osvdb.org/3945

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

OpenSSL Project

OpenSSL

References

Credit