OpenSSL CMS and PKCS #7 contain a weakness that may allow a remote attacker to send a saturation of ciphertext to be decrypted, then uses the results of the decryption to select subsequent ciphertexts in a Million Message Attack (MMA). This may allow the attacker to decrypt certain operations.

Upgrade to version 1.0.0h or 0.9.8u or higher, as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• Security Tracker: 1026788
• CVE ID: 2012-0884 (see also: NVD)
• Secunia Advisory ID: 46958 48580 48895 48916 49077 49229 49293 49402 49670 50097 50614 50678 50736 51674 52019 52292 52543 52694 52869 52892
• Bugtraq ID: 52428
• CERT VU: 737740
• Related OSVDB ID: 80040
• Vendor Specific News/Changelog Entry: http://aix.software.ibm.com/aix/efixes/security/openssl_advisory4.asc
  http://blog.pfsense.org/?p=676
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03315912
  http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03383940
  http://lists.debian.org/debian-security-announce/2012/msg00090.html
  http://lists.opensuse.org/opensuse-updates/2012-04/msg00054.html
  http://lists.opensuse.org/opensuse-updates/2013-02/msg00069.html
  http://security.freebsd.org/advisories/FreeBSD-SA-12:01.openssl.asc
  http://www.ibm.com/support/docview.wss?uid=nas12088ececb530423186257b410072035e
  http://www.ibm.com/support/docview.wss?uid=swg21627934
  http://www.ibm.com/support/docview.wss?uid=swg21633107
  http://www.ubuntu.com/usn/usn-1451-1
  http://www.us.debian.org/security/2012/dsa-2454
  https://www.ibm.com/support/docview.wss?uid=swg21619837
• Vendor Specific Solution URL: http://cvs.openssl.org/chngview?cn=22252
• Vendor Specific Advisory URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03383940
  http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_sterling_connect_enterprise_for_unix_is_affected_by_multiple_vulnerabilities_in_openssl12
  http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-09-712&viewMode=view
  http://www.openssl.org/news/secadv_20120312.txt
  https://downloads.avaya.com/css/P8/documents/100162507
  https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03333987&ac.admitted=1337324854606.876444892.492883150
  https://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_infosphere_balanced_warehouse_c3000_c4000_and_d5100_and_ibm_smart_analytics_system_1050_2050_5600_and_5710_are_affected_by_vulnerabilities_in_openssl16
• Packet Storm: http://packetstormsecurity.org/files/113582/HP-Security-Bulletin-HPSBMU02776-SSRT100852.html
• Mail List Post: http://seclists.org/bugtraq/2012/May/13
  http://seclists.org/bugtraq/2012/May/98
• RedHat RHSA: RHSA-2012:0426 RHSA-2012:1306 RHSA-2012:1307 RHSA-2012:1308

• Ivan Nestlerode