Info

Disclosure

Sep 28, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A remote overflow exists in OpenSSL. OpenSSL contains an unspecified issue in the SSL_get_shared_ciphers function. With a specially crafted request, an attacker can cause an unspecified impact.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Impact Unknown
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Upgrade to version 0.9.7l, 0.9.8d or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

The OpenSSL Project	OpenSSL	0.9.7
		0.9.8

CyberGuard Corporation

SnapGear

3.1.4u1

References

CVE ID: 2006-3738 (see also: NVD) 2007-5135 (see also: NVD)
Secunia Advisory ID: 22094 22116 22130 22165 22166 22172 22186 22193 22207 22212 22216 22220 22232 22240 22259 22260 22284 22298 22330 22385 22460 22487 22500 22544 22626 22633 22654 22758 22772 22791 22799 23038 23155 23280 23309 23340 23351 23680 23785 23915 24930 24950 25889 26329 27012 27021 27031 27051 27078 27097 27186 27205 27217 27229 27330 27394 27706 27851 27870 28368 29242 30124 30161 31308 31326 31467 31489 31492
SCIP VulDB ID: 2576
Related OSVDB ID: 29260 29261 29263
Other Advisory URL: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00967144&jumpid=reg_R1002_USEN
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
http://lists.rpath.com/pipermail/security-announce/2007-October/000259.html
http://security.freebsd.org/advisories/FreeBSD-SA-07:08.openssl.asc
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103130-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200858-1
http://support.avaya.com/elmodocs2/security/ASA-2007-485.htm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0241
http://www.debian.org/security/2007/dsa-1379
http://www.gentoo.org/security/en/glsa/glsa-200610-11.xml
http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml
http://www.gentoo.org/security/en/glsa/glsa-200710-06.xml
http://www.gentoo.org/security/en/glsa/glsa-200711-23.xml
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
http://www.ipcop.org/modules.php?op=modload&name=News&file=article&sid=31&mode=thread&order=0&thold=0
http://www.mandriva.com/security/advisories?name=MDKSA-2007:193
http://www.novell.com/linux/security/advisories/2007_20_sr.html
http://www.openbsd.org/errata40.html
http://www.ubuntu.com/usn/usn-522-1
http://www.us.debian.org/security/2006/dsa-1185
http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf
https://issues.rpath.com/browse/RPL-613
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00218.html
Vendor Specific Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc http://docs.info.apple.com/article.html?artnum=304829
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
http://kolab.org/security/kolab-vendor-notice-11.txt
http://lists.suse.com/archive/suse-security-announce/2006-Oct/0001.html
http://lists.suse.com/archive/suse-security-announce/2006-Sep/0013.html
http://lists.vmware.com/pipermail/security-announce/2008/000002.html
http://openbsd.org/errata.html#openssl2
http://security.freebsd.org/advisories/FreeBSD-SA-06:23.openssl.asc
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1
http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm
http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:172-1
http://www.mandriva.com/security/advisories?name=MDKSA-2006:177
http://www.mandriva.com/security/advisories?name=MDKSA-2006:178
http://www.openssl.org/news/secadv_20060928.txt
http://www.trustix.org/errata/2006/0054/
http://www.ubuntu.com/usn/usn-353-1
http://www.us.debian.org/security/2006/dsa-1195
http://www.vmware.com/security/advisories/VMSA-2008-0013.html
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=498093&RenditionID=&poid=8881
https://issues.rpath.com/browse/RPL-613
Keyword: HPSBMA02250,SSRT061275,HPSBUX02292,SSRT071499 HPSBTU02207,SSRT061239,c00967144
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0295.html
http://archives.neohapsis.com/archives/bugtraq/2007-06/0347.html
http://archives.neohapsis.com/archives/bugtraq/2007-08/0069.html
http://archives.neohapsis.com/archives/bugtraq/2007-11/0413.html
News Article: http://news.com.com/Apple+Mac+OS+X+patch+plugs+31+vulnerabilities/2100-1002_3-6139117.html
Vendor Specific News/Changelog Entry: http://openvpn.net/changelog.html
http://sourceforge.net/forum/forum.php?forum_id=617485
http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
http://www.cyberguard.info/snapgear/releases.html
http://www.serv-u.com/releasenotes/
RedHat RHSA: RHSA-2006:0695 RHSA-2007:0813 RHSA-2007:0964

Credit

Will Drewry - wadgoogle.com - Google Security Team
Tavis Ormandy - Gentoo Linux Auditing Team

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

The OpenSSL Project

OpenSSL

CyberGuard Corporation

SnapGear

References

Credit