1 |
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
2 |
Gentoo Linux Security Advisory GLSA 200612-11 |
3 |
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
4 |
http://security.gentoo.org/ |
5 |
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
6 |
|
7 |
Severity: High |
8 |
Title: AMD64 x86 emulation base libraries: OpenSSL multiple |
9 |
vulnerabilities |
10 |
Date: December 11, 2006 |
11 |
Bugs: #152640 |
12 |
ID: 200612-11 |
13 |
|
14 |
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
15 |
|
16 |
Synopsis |
17 |
======== |
18 |
|
19 |
OpenSSL contains multiple vulnerabilities including the possible |
20 |
execution of remote arbitrary code. |
21 |
|
22 |
Background |
23 |
========== |
24 |
|
25 |
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport |
26 |
Layer Security protocols and a general-purpose cryptography library. |
27 |
The x86 emulation base libraries for AMD64 contain a vulnerable version |
28 |
of OpenSSL. |
29 |
|
30 |
Affected packages |
31 |
================= |
32 |
|
33 |
------------------------------------------------------------------- |
34 |
Package / Vulnerable / Unaffected |
35 |
------------------------------------------------------------------- |
36 |
1 emul-linux-x86-baselibs < 2.5.5 >= 2.5.5 |
37 |
------------------------------------------------------------------- |
38 |
# Package 1 only applies to AMD64 users. |
39 |
|
40 |
Description |
41 |
=========== |
42 |
|
43 |
Tavis Ormandy and Will Drewry, both of the Google Security Team, |
44 |
discovered that the SSL_get_shared_ciphers() function contains a buffer |
45 |
overflow vulnerability, and that the SSLv2 client code contains a flaw |
46 |
leading to a crash. Additionally, Dr. Stephen N. Henson found that the |
47 |
ASN.1 handler contains two Denial of Service vulnerabilities: while |
48 |
parsing an invalid ASN.1 structure and while handling certain types of |
49 |
public key. |
50 |
|
51 |
Impact |
52 |
====== |
53 |
|
54 |
An attacker could trigger the buffer overflow by sending a malicious |
55 |
suite of ciphers to an application using the vulnerable function, and |
56 |
thus execute arbitrary code with the rights of the user running the |
57 |
application. An attacker could also consume CPU and/or memory by |
58 |
exploiting the Denial of Service vulnerabilities. Finally, a malicious |
59 |
server could crash a SSLv2 client through the SSLv2 vulnerability. |
60 |
|
61 |
Workaround |
62 |
========== |
63 |
|
64 |
There is no known workaround at this time. |
65 |
|
66 |
Resolution |
67 |
========== |
68 |
|
69 |
All AMD64 x86 emulation base libraries users should upgrade to the |
70 |
latest version: |
71 |
|
72 |
# emerge --sync |
73 |
# emerge --ask --oneshot --verbose ">=app-emulation/emul-linux-x86-baselibs-2.5.5" |
74 |
|
75 |
References |
76 |
========== |
77 |
|
78 |
[ 1 ] CVE-2006-2937 |
79 |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 |
80 |
[ 2 ] CVE-2006-2940 |
81 |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 |
82 |
[ 3 ] CVE-2006-3738 |
83 |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 |
84 |
[ 4 ] CVE-2006-4343 |
85 |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 |
86 |
|
87 |
Availability |
88 |
============ |
89 |
|
90 |
This GLSA and any updates to it are available for viewing at |
91 |
the Gentoo Security Website: |
92 |
|
93 |
http://security.gentoo.org/glsa/glsa-200612-11.xml |
94 |
|
95 |
Concerns? |
96 |
========= |
97 |
|
98 |
Security is a primary focus of Gentoo Linux and ensuring the |
99 |
confidentiality and security of our users machines is of utmost |
100 |
importance to us. Any security concerns should be addressed to |
101 |
security@g.o or alternatively, you may file a bug at |
102 |
http://bugs.gentoo.org. |
103 |
|
104 |
License |
105 |
======= |
106 |
|
107 |
Copyright 2006 Gentoo Foundation, Inc; referenced text |
108 |
belongs to its owner(s). |
109 |
|
110 |
The contents of this document are licensed under the |
111 |
Creative Commons - Attribution / Share Alike license. |
112 |
|
113 |
http://creativecommons.org/licenses/by-sa/2.5 |