Gentoo Archives: gentoo-announce

From: Raphael Marichez <falco@g.o>
To: gentoo-announce@g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200612-09 ] MadWifi: Kernel driver buffer overflow
Date: Mon, 11 Dec 2006 23:51:57
Message-Id: 20061211233254.GC7955@falco.falcal.net
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 200612-11
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 http://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: High
8 Title: AMD64 x86 emulation base libraries: OpenSSL multiple
9 vulnerabilities
10 Date: December 11, 2006
11 Bugs: #152640
12 ID: 200612-11
13
14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
15
16 Synopsis
17 ========
18
19 OpenSSL contains multiple vulnerabilities including the possible
20 execution of remote arbitrary code.
21
22 Background
23 ==========
24
25 OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport
26 Layer Security protocols and a general-purpose cryptography library.
27 The x86 emulation base libraries for AMD64 contain a vulnerable version
28 of OpenSSL.
29
30 Affected packages
31 =================
32
33 -------------------------------------------------------------------
34 Package / Vulnerable / Unaffected
35 -------------------------------------------------------------------
36 1 emul-linux-x86-baselibs < 2.5.5 >= 2.5.5
37 -------------------------------------------------------------------
38 # Package 1 only applies to AMD64 users.
39
40 Description
41 ===========
42
43 Tavis Ormandy and Will Drewry, both of the Google Security Team,
44 discovered that the SSL_get_shared_ciphers() function contains a buffer
45 overflow vulnerability, and that the SSLv2 client code contains a flaw
46 leading to a crash. Additionally, Dr. Stephen N. Henson found that the
47 ASN.1 handler contains two Denial of Service vulnerabilities: while
48 parsing an invalid ASN.1 structure and while handling certain types of
49 public key.
50
51 Impact
52 ======
53
54 An attacker could trigger the buffer overflow by sending a malicious
55 suite of ciphers to an application using the vulnerable function, and
56 thus execute arbitrary code with the rights of the user running the
57 application. An attacker could also consume CPU and/or memory by
58 exploiting the Denial of Service vulnerabilities. Finally, a malicious
59 server could crash a SSLv2 client through the SSLv2 vulnerability.
60
61 Workaround
62 ==========
63
64 There is no known workaround at this time.
65
66 Resolution
67 ==========
68
69 All AMD64 x86 emulation base libraries users should upgrade to the
70 latest version:
71
72 # emerge --sync
73 # emerge --ask --oneshot --verbose ">=app-emulation/emul-linux-x86-baselibs-2.5.5"
74
75 References
76 ==========
77
78 [ 1 ] CVE-2006-2937
79 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937
80 [ 2 ] CVE-2006-2940
81 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940
82 [ 3 ] CVE-2006-3738
83 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738
84 [ 4 ] CVE-2006-4343
85 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
86
87 Availability
88 ============
89
90 This GLSA and any updates to it are available for viewing at
91 the Gentoo Security Website:
92
93 http://security.gentoo.org/glsa/glsa-200612-11.xml
94
95 Concerns?
96 =========
97
98 Security is a primary focus of Gentoo Linux and ensuring the
99 confidentiality and security of our users machines is of utmost
100 importance to us. Any security concerns should be addressed to
101 security@g.o or alternatively, you may file a bug at
102 http://bugs.gentoo.org.
103
104 License
105 =======
106
107 Copyright 2006 Gentoo Foundation, Inc; referenced text
108 belongs to its owner(s).
109
110 The contents of this document are licensed under the
111 Creative Commons - Attribution / Share Alike license.
112
113 http://creativecommons.org/licenses/by-sa/2.5