===================================================================== CERT-Renater Note d'Information No. 2011/VULN207 _____________________________________________________________________ DATE : 09/03/2011 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : NetBSD version current, 5.0, 5.1, 4.0 running OpenSSL. ====================================================================== http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc ______________________________________________________________________ NetBSD Security Advisory 2011-002 ================================= Topic: OpenSSL TLS extension parsing race condition. Version: NetBSD-current: source prior to February 11, 2011 NetBSD 5.0.*: affected NetBSD 5.0: affected NetBSD 5.1: affected NetBSD 4.0.*: not affected NetBSD 4.0: not affected pkgsrc: openssl package prior to 0.9.8qnb1 Severity: Denial of Service and potential Information Disclosure Fixed: NetBSD-current: February 11, 2011 NetBSD-5-0 branch: February 17, 2011 NetBSD-5-1 branch: February 17, 2011 NetBSD-5 branch: February 17, 2011 pkgsrc 2010Q4: openssl-0.9.8qnb1 corrects this issue Please note that NetBSD releases prior to 4.0 are no longer supported. It is recommended that all users upgrade to a supported release. Abstract ======== Incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message. Applications are only affected if they act as a server and call SSL_CTX_set_tlsext_status_cb on the server's SSL_CTX. This includes Apache httpd >= 2.3.3, if configured with "SSLUseStapling On". This vulnerability has been assigned CVE-2011-0014. Technical Details ================= Incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message. An attacker may be able to cause a crash (denial of service) by triggering invalid memory accesses. The results of the parse are only available to the application using OpenSSL so do not directly cause an information leak. However, some applications may expose the contents of parsed OCSP extensions, specifically an OCSP nonce extension. An attacker could use this to read the contents of memory following the ClientHello. See http://www.openssl.org/news/secadv_20110208.txt for the vulnerability announcement from OpenSSL. Solutions and Workarounds ========================= - - Patch, recompile, and reinstall libssl. CVS branch file revision ------------- ---------------- -------- HEAD src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c 1.4 CVS branch file revision ------------- ---------------- -------- netbsd-5-1 src/crypto/dist/openssl/ssl/t1_lib.c 1.2.12.3 netbsd-5-0 src/crypto/dist/openssl/ssl/t1_lib.c 1.2.8.3 netbsd-5 src/crypto/dist/openssl/ssl/t1_lib.c 1.2.4.3 The following instructions briefly summarize how to update and recompile libssl. In these instructions, replace: BRANCH with the appropriate CVS branch (from the above table) FILES with the file names for that branch (from the above table) To update from CVS, re-build, and re-install libc and sftp: * NetBSD-current: # cd src # cvs update -d -P -A crypto/external/bsd/openssl/dist/ssl # cd lib/libcrypt # make USETOOLS=no cleandir dependall # make USETOOLS=no install # cd ../../crypto/external/bsd/openssl/lib/libcrypto # make USETOOLS=no cleandir dependall # make USETOOLS=no install # cd ../libssl # make USETOOLS=no cleandir dependall # make USETOOLS=no install * NetBSD 5.*: # cd src # cvs update -d -P -r BRANCH crypto/dist/openssl/ssl # cd lib/libcrypt # make USETOOLS=no cleandir dependall # make USETOOLS=no install # cd ../libcrypto # make USETOOLS=no cleandir dependall # make USETOOLS=no install # cd ../libssl # make USETOOLS=no cleandir dependall # make USETOOLS=no install For more information on building (oriented towards rebuilding the entire system, however) see: http://www.netbsd.org/guide/en/chap-build.html Thanks To ========= Thanks to Neel Mehta (Google) for discovering the problem and Adam Langley and Bodo Moeller (Google) for providing the fix. Revision History ================ 2011-03-08 Initial release More Information ================ Advisories may be updated as new information becomes available. The most recent version of this advisory (PGP signed) can be found at http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc Information about NetBSD and NetBSD security can be found at http://www.NetBSD.org/ and http://www.NetBSD.org/Security/ . Copyright 2011, The NetBSD Foundation, Inc. All Rights Reserved. Redistribution permitted only in full, unmodified form. $NetBSD: NetBSD-SA2011-002.txt,v 1.1 2011/03/08 01:36:24 tonnerre Exp $ ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================