Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenSSL Security Vulnerability

Posted by michael on from the what-me-worry dept.

SiliconEntity writes "On the heels of multiple OpenSSH vulnerabilities, the OpenSSL project is now reporting a number of security vulnerabilities of its own. OpenSSL is a standard cryptographic library used in a wide variety of security applications. The new vulnerabilities range from denial-of-service attacks to stack corruption, which imply the possibility of running malicious code. New versions of the software are released today which address the vulnerabilities."

8 of 245 comments (clear)

  1. Feeling kinda good about it by ThenAgain · · Score: 3, Informative

    At least we find out when where vulnerable BEFORE the exploits start rolling out. I'm also yet to hear of Linux bringing the net to it's knees when some kid writes an e-mail virus.

    Also, it took me less than a minute to patch my webserver. That's good design.

  2. Re:Minor Bug by Anonymous Coward · · Score: 3, Informative
    from the advisory:
    4. Due to an error in the SSL/TLS protocol handling, a server will parse a client certificate when one is not specifically requested. This by itself is not strictly speaking a vulnerability but it does mean that *all* SSL/TLS servers that use OpenSSL can be attacked using vulnerabilities 1, 2 and 3 even if they don't enable client authentication.

    so i do think that it affects most users.

  3. Re:Why is some software more secure than others? by Anonymous Coward · · Score: 3, Informative

    What the hell are you rambling on about? OpenSSL is not inherently insecure. While your points about using the KISS method are good practice for any software, in some cases complexity is inherent to the app. OpenSSL implements cryptographic protocol which is *not* simple, both because of the underlying mathematics, and because of the care which must be taken to avoid attacks which trivialize it.

    And if you think auditing "secure software" is easy, you're just setting yourself up to be owned. Auditing should be done meticulously no matter how simple the app is perceived to be.

  4. Re:Why is some software more secure than others? by SiliconEntity · · Score: 5, Informative

    How do secure software authors then avoid the kind of security holes that are difficult to find? By keeping the code simple.

    You're way off base in this case. SSL requires the use of X.509 certificates, and it was in the cert parsing code that these new vulnerabilities were found. X.509 means ASN.1 formats, which have at least two different encoding rules, BER and DER that both must be supported; implicit versus explicit tags; several different ways of encoding packet lengths, and a host of other complexities. There's no way to write this kind of code and just keep it simple as you describe. Any implementation of SSL which is going to interoperate with other systems on the net is going to face these complexities.

    I've written certificate handling code so I know how complicated it is. Also worth reading is Peter Gutmann's somewhat dated but still insightful X.509 Style Guide which describes some of the horrors an X.509 implementation has to deal with.

    In this case the failures were mostly in the error handling, and any developer knows that this tends to be the hardest part of your program to get right. Not only are there a lot more ways things can fail than go right, but they can fail in many more places in your code and it is very difficult to make sure your program can recover gracefully from everywhere something might go wrong.

    Also, I'm not sure if it's public yet, but a lot of other implementations are affected by this besides OpenSSL. See the CERT advisory when it comes out and you will find some of the biggest names in the security business got burned by this. It's absurd to suppose that your cosmic insights are somehow being overlooked by companies that base their reputations on security.

  5. RedHat RPMS by pollock · · Score: 3, Informative

    New RPMs and RedHat's security advisory for for 7.1, 7.2, 7.3 and 8.0 can be found here.

  6. Re:Why is some software more secure than others? by cras · · Score: 3, Informative
    I always wanted to have better support for error handling in C. Programmers should not be forced to handle errors by nested if's, "goto error" and wrapper functions that do nothing but check the result of another function and do cleanup.

    Exceptions would be nice, but I think in most cases the cleanup is just freeing dynamically allocated memory. Solution is to get rid of the free() calls. Garbage collector, memory pools, alloca(), data stack, etc. Data stack and memory pools have worked very well with my latest project. Error handling is almost always just a return call and there's hardly any wrapper functions just for handling errors. Too bad I haven't yet had time to test how well they'd work in other kind of software. I'd guess pretty well except maybe for general purpose libraries since they require a bit different way of writing C code.

  7. OpenSSH not vulnerable by dmiller · · Score: 4, Informative

    OpenSSH isn't remotely vulnerable to these attacks. Recent versions don't use the OpenSSL ASN.1 parsing code for signature validation (e.g. signatures coming from the network). The OpenSSL ASN.1 code is only used for parsing private keys.

    This was done a little while ago, as Markus (wisely) decided that we didn't need a whole ASN.1 parser just to verify signatures.

    Don't let that slow you down patching the issue - Apache and other SSL/TLS apps (OpenLDAP, the various imapd's, etc.) may be vulnerable.

  8. Understand the scope of the vulnerability by Anonymous Coward · · Score: 3, Informative
    For a server that is using OpenSSL

    Vulnerable to denial of service attack

    Potentially vulnerable to remote exploits (unknown currently)

    For a client (e.g. mail client) using OpenSSL

    • No vulnerability; the problems are on the server side, when processing client certificates