Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2003-0078
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 01:43
Severity ?
EPSS score ?
Summary
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack."
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T01:43:35.347Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20030501-01-I", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I", }, { name: "3945", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/3945", }, { name: "ssl-cbc-information-leak(11369)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "http://www.iss.net/security_center/static/11369.php", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openssl.org/news/secadv_20030219.txt", }, { name: "2003-0005", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred", ], url: "http://www.trustix.org/errata/2003/0005", }, { name: "DSA-253", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2003/dsa-253", }, { name: "RHSA-2003:205", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-205.html", }, { name: "ESA-20030220-005", tags: [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-2874.html", }, { name: "N-051", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred", ], url: "http://www.ciac.org/ciac/bulletins/n-051.shtml", }, { name: "20030219 OpenSSL 0.9.7a and 0.9.6i released", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104567627211904&w=2", }, { name: "RHSA-2003:104", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-104.html", }, { name: "6884", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/6884", }, { name: "NetBSD-SA2003-001", tags: [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-001.txt.asc", }, { name: "MDKSA-2003:020", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:020", }, { name: "CLSA-2003:570", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000570", }, { name: "20030219 [OpenPKG-SA-2003.013] OpenPKG Security Advisory (openssl)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104568426824439&w=2", }, { name: "GLSA-200302-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104577183206905&w=2", }, { name: "RHSA-2003:082", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-082.html", }, { name: "RHSA-2003:063", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-063.html", }, { name: "RHSA-2003:062", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-062.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2003-02-19T00:00:00", descriptions: [ { lang: "en", value: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2010-02-23T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20030501-01-I", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I", }, { name: "3945", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/3945", }, { name: "ssl-cbc-information-leak(11369)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "http://www.iss.net/security_center/static/11369.php", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openssl.org/news/secadv_20030219.txt", }, { name: "2003-0005", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", ], url: "http://www.trustix.org/errata/2003/0005", }, { name: "DSA-253", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2003/dsa-253", }, { name: "RHSA-2003:205", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-205.html", }, { name: "ESA-20030220-005", tags: [ "vendor-advisory", "x_refsource_ENGARDE", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-2874.html", }, { name: "N-051", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", ], url: "http://www.ciac.org/ciac/bulletins/n-051.shtml", }, { name: "20030219 OpenSSL 0.9.7a and 0.9.6i released", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=104567627211904&w=2", }, { name: "RHSA-2003:104", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-104.html", }, { name: "6884", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/6884", }, { name: "NetBSD-SA2003-001", tags: [ "vendor-advisory", "x_refsource_NETBSD", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-001.txt.asc", }, { name: "MDKSA-2003:020", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:020", }, { name: "CLSA-2003:570", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000570", }, { name: "20030219 [OpenPKG-SA-2003.013] OpenPKG Security Advisory (openssl)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=104568426824439&w=2", }, { name: "GLSA-200302-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://marc.info/?l=bugtraq&m=104577183206905&w=2", }, { name: "RHSA-2003:082", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-082.html", }, { name: "RHSA-2003:063", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-063.html", }, { name: "RHSA-2003:062", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-062.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2003-0078", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20030501-01-I", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I", }, { name: "3945", refsource: "OSVDB", url: "http://www.osvdb.org/3945", }, { name: "ssl-cbc-information-leak(11369)", refsource: "XF", url: "http://www.iss.net/security_center/static/11369.php", }, { name: "http://www.openssl.org/news/secadv_20030219.txt", refsource: "CONFIRM", url: "http://www.openssl.org/news/secadv_20030219.txt", }, { name: "2003-0005", refsource: "TRUSTIX", url: "http://www.trustix.org/errata/2003/0005", }, { name: "DSA-253", refsource: "DEBIAN", url: "http://www.debian.org/security/2003/dsa-253", }, { name: "RHSA-2003:205", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-205.html", }, { name: "ESA-20030220-005", refsource: "ENGARDE", url: "http://www.linuxsecurity.com/advisories/engarde_advisory-2874.html", }, { name: "N-051", refsource: "CIAC", url: "http://www.ciac.org/ciac/bulletins/n-051.shtml", }, { name: "20030219 OpenSSL 0.9.7a and 0.9.6i released", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104567627211904&w=2", }, { name: "RHSA-2003:104", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-104.html", }, { name: "6884", refsource: "BID", url: "http://www.securityfocus.com/bid/6884", }, { name: "NetBSD-SA2003-001", refsource: "NETBSD", url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-001.txt.asc", }, { name: "MDKSA-2003:020", refsource: "MANDRAKE", url: "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:020", }, { name: "CLSA-2003:570", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000570", }, { name: "20030219 [OpenPKG-SA-2003.013] OpenPKG Security Advisory (openssl)", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104568426824439&w=2", }, { name: "GLSA-200302-10", refsource: "GENTOO", url: "http://marc.info/?l=bugtraq&m=104577183206905&w=2", }, { name: "RHSA-2003:082", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-082.html", }, { name: "RHSA-2003:063", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-063.html", }, { name: "RHSA-2003:062", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-062.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2003-0078", datePublished: "2004-09-01T04:00:00", dateReserved: "2003-02-10T00:00:00", dateUpdated: "2024-08-08T01:43:35.347Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2003-0078\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2003-03-03T05:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \\\"Vaudenay timing attack.\\\"\"},{\"lang\":\"es\",\"value\":\"ssl3_get_record en s3_ptk.c de OpenSSL anteriores a 0.9.7a y 0.9.6 anteriores a 0.9.6i no realiza un cálculo MAC si un relleno de bloque de cifra incorrecto es usado, lo que causa una fuga de información (discrepancia en temporización) que puede hacer más fácil lanzar ataques criptográficos que dependan de distinguir entren errores de relleno o de verificación de MAC, posiblemente conducentes a la extracción del texto plano original, también conocida como \\\"Ataque de temporización de Vaudenay\\\".\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-203\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.9.6i\",\"matchCriteriaId\":\"7693CC10-F1E9-47D4-81C0-EF0E3D9CAE10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC626D0B-6D4F-4727-8933-B9EE7546ABA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E3AB748-E463-445C-ABAB-4FEDDFD1878B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"660E4B8D-AABA-4520-BC4D-CF8E76E07C05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"85BFEED5-4941-41BB-93D1-CD5C2A41290E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"9644CC68-1E91-45E7-8C53-1E3FC9976A4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B1B98C4-1FFD-4A7C-AA86-A34BC6F7AB31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"73934717-2DA3-4614-A076-D6EDA5EB0626\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF49BF03-C25E-4737-84D5-892895C86C58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2019E0E-426B-43AF-8904-1B811AE171E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55C5FC1A-1253-4390-A4FC-573BB14EA937\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44308D13-D935-4FF8-AB52-F0E115ED1AD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C001822-FDF8-497C-AC2C-B59A00E9ACD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B86C77AB-B8FF-4376-9B4E-C88417396F3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61EBA52A-2D8B-4FB5-866E-AE67CE1842E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA33E7E2-DE7B-411E-8991-718DA0988C51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1957B3C0-7F25-469B-BC3F-7B09260837ED\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-001.txt.asc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000570\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=104567627211904&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=104568426824439&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=104577183206905&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ciac.org/ciac/bulletins/n-051.shtml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.debian.org/security/2003/dsa-253\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://www.iss.net/security_center/static/11369.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://www.linuxsecurity.com/advisories/engarde_advisory-2874.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:020\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.openssl.org/news/secadv_20030219.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/3945\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-062.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-063.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-082.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-104.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-205.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/6884\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.trustix.org/errata/2003/0005\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-001.txt.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=104567627211904&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=104568426824439&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=104577183206905&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ciac.org/ciac/bulletins/n-051.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.debian.org/security/2003/dsa-253\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://www.iss.net/security_center/static/11369.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://www.linuxsecurity.com/advisories/engarde_advisory-2874.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:020\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.openssl.org/news/secadv_20030219.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/3945\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-062.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-063.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-082.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-104.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-205.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/6884\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.trustix.org/errata/2003/0005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}]}}", }, }
RHSA-2003:082
Vulnerability from csaf_redhat
Published
2003-03-03 09:16
Modified
2024-11-21 22:41
Summary
Red Hat Security Advisory: apache, openssl, php, tomcat security update for Stronghold
Notes
Topic
Updated versions of Stronghold 4 cross-platform are available to fix a
number of vulnerabilities in OpenSSL, Apache, PHP, and Tomcat.
Also included in this update are bug fixes for mod_proxy and the
mod_authz_ldap package.
Details
Stronghold 4 cross platform contains a number of open source technologies
such as OpenSSL, Apache, and PHP. A number of issues have been found in
versions of these projects:
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to be able to retrieve the plain text of a common,
fixed block. In order for an attack to be successful an attacker must be
able to act as a man-in-the-middle to intercept and modify multiple
connections which all involve a common fixed plain text block (such as a
password), and have good network conditions that allow small changes in
timing to be reliably observed.
The Apache Web server does not prevent escape sequences from being written
to the error log. This could allow an attacker to embed arbitrary escape
sequences into the log file. A recent paper by HD Moore highlighted
several issues where common terminal emulator software (such as xterm) can
be remotely abused or exploited by displaying arbitrary escape sequences.
The MySQL client library (libmysqlclient) used in the PHP MySQL extension
in PHP versions earlier than 4.3.0 does not properly verify length fields
for certain responses in the read_rows or read_one_row routines, which
allows a malicious server to cause a denial of service and possibly execute
arbitrary code.
A source code exposure vulnerability has been found that affects Tomcat
versions 4.0.0 through 4.0.5 and 4.1.0 through 4.1.12, in a variant of
the issue addressed in RHSA-2002:217. Using a carefully crafted request, a
remote attacker can read the source code of any deployed JSP file.
In addition to the security fixes, two bug fixes have also been applied:
If Apache is configured to act as a reverse proxy by specifying the backend
server using a numeric IP address, the mod_proxy module will perform a
redundant reverse DNS lookup on the IP address, causing a delay in request
processing.
A bug in mod_authz_ldap version 0.21 and earlier prevent
authentication being performed by other Apache modules (such as
filed-based authentication using mod_auth) when the mod_authz_ldap module
is loaded.
Stronghold 4 cross platform contains OpenSSL 0.9.6c, Apache 1.3.22, PHP
4.1.2, Tomcat 4.0.5, and mod_authz_ldap 0.19, and is therefore vulnerable
to these issues. Users of Stronghold are advised to update to the errata
versions of Stronghold 4 which contain backported security fixes and are
not vulnerable to these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated versions of Stronghold 4 cross-platform are available to fix a\nnumber of vulnerabilities in OpenSSL, Apache, PHP, and Tomcat.\n\nAlso included in this update are bug fixes for mod_proxy and the\nmod_authz_ldap package.", title: "Topic", }, { category: "general", text: "Stronghold 4 cross platform contains a number of open source technologies\nsuch as OpenSSL, Apache, and PHP. A number of issues have been found in\nversions of these projects:\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to be able to retrieve the plain text of a common,\nfixed block. In order for an attack to be successful an attacker must be\nable to act as a man-in-the-middle to intercept and modify multiple\nconnections which all involve a common fixed plain text block (such as a\npassword), and have good network conditions that allow small changes in\ntiming to be reliably observed.\n\nThe Apache Web server does not prevent escape sequences from being written\nto the error log. This could allow an attacker to embed arbitrary escape\nsequences into the log file. A recent paper by HD Moore highlighted\nseveral issues where common terminal emulator software (such as xterm) can\nbe remotely abused or exploited by displaying arbitrary escape sequences.\n\nThe MySQL client library (libmysqlclient) used in the PHP MySQL extension\nin PHP versions earlier than 4.3.0 does not properly verify length fields\nfor certain responses in the read_rows or read_one_row routines, which\nallows a malicious server to cause a denial of service and possibly execute\narbitrary code.\n\nA source code exposure vulnerability has been found that affects Tomcat\nversions 4.0.0 through 4.0.5 and 4.1.0 through 4.1.12, in a variant of\nthe issue addressed in RHSA-2002:217. Using a carefully crafted request, a\nremote attacker can read the source code of any deployed JSP file.\n\nIn addition to the security fixes, two bug fixes have also been applied:\n\nIf Apache is configured to act as a reverse proxy by specifying the backend\nserver using a numeric IP address, the mod_proxy module will perform a\nredundant reverse DNS lookup on the IP address, causing a delay in request\nprocessing.\n\nA bug in mod_authz_ldap version 0.21 and earlier prevent\nauthentication being performed by other Apache modules (such as\nfiled-based authentication using mod_auth) when the mod_authz_ldap module\nis loaded.\n\nStronghold 4 cross platform contains OpenSSL 0.9.6c, Apache 1.3.22, PHP\n4.1.2, Tomcat 4.0.5, and mod_authz_ldap 0.19, and is therefore vulnerable\nto these issues. Users of Stronghold are advised to update to the errata\nversions of Stronghold 4 which contain backported security fixes and are\nnot vulnerable to these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:082", url: "https://access.redhat.com/errata/RHSA-2003:082", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", url: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", }, { category: "external", summary: "http://www.digitaldefense.net/labs/papers/Termulation.txt", url: "http://www.digitaldefense.net/labs/papers/Termulation.txt", }, { category: "external", summary: "80057", url: "https://bugzilla.redhat.com/show_bug.cgi?id=80057", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_082.json", }, ], title: "Red Hat Security Advisory: apache, openssl, php, tomcat security update for Stronghold", tracking: { current_release_date: "2024-11-21T22:41:49+00:00", generator: { date: "2024-11-21T22:41:49+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:082", initial_release_date: "2003-03-03T09:16:00+00:00", revision_history: [ { date: "2003-03-03T09:16:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-02-27T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:41:49+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Stronghold 4", product: { name: "Red Hat Stronghold 4", product_id: "Red Hat Stronghold 4", product_identification_helper: { cpe: "cpe:/a:redhat:stronghold:4", }, }, }, ], category: "product_family", name: "Stronghold Cross Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2002-1376", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616897", }, ], notes: [ { category: "description", text: "libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2002-1376", }, { category: "external", summary: "RHBZ#1616897", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616897", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2002-1376", url: "https://www.cve.org/CVERecord?id=CVE-2002-1376", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2002-1376", url: "https://nvd.nist.gov/vuln/detail/CVE-2002-1376", }, ], release_date: "2002-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-03T09:16:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/stop-tomcat\n$ bin/start-tomcat\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:082", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2002-1394", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616907", }, ], notes: [ { category: "description", text: "Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2002-1394", }, { category: "external", summary: "RHBZ#1616907", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616907", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2002-1394", url: "https://www.cve.org/CVERecord?id=CVE-2002-1394", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2002-1394", url: "https://nvd.nist.gov/vuln/detail/CVE-2002-1394", }, ], release_date: "2002-10-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-03T09:16:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/stop-tomcat\n$ bin/start-tomcat\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:082", }, ], title: "security flaw", }, { cve: "CVE-2003-0020", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616937", }, ], notes: [ { category: "description", text: "Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0020", }, { category: "external", summary: "RHBZ#1616937", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616937", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0020", url: "https://www.cve.org/CVERecord?id=CVE-2003-0020", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0020", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0020", }, ], release_date: "2003-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-03T09:16:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/stop-tomcat\n$ bin/start-tomcat\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:082", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-03T09:16:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/stop-tomcat\n$ bin/start-tomcat\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:082", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, ], }
rhsa-2003_082
Vulnerability from csaf_redhat
Published
2003-03-03 09:16
Modified
2024-11-21 22:41
Summary
Red Hat Security Advisory: apache, openssl, php, tomcat security update for Stronghold
Notes
Topic
Updated versions of Stronghold 4 cross-platform are available to fix a
number of vulnerabilities in OpenSSL, Apache, PHP, and Tomcat.
Also included in this update are bug fixes for mod_proxy and the
mod_authz_ldap package.
Details
Stronghold 4 cross platform contains a number of open source technologies
such as OpenSSL, Apache, and PHP. A number of issues have been found in
versions of these projects:
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to be able to retrieve the plain text of a common,
fixed block. In order for an attack to be successful an attacker must be
able to act as a man-in-the-middle to intercept and modify multiple
connections which all involve a common fixed plain text block (such as a
password), and have good network conditions that allow small changes in
timing to be reliably observed.
The Apache Web server does not prevent escape sequences from being written
to the error log. This could allow an attacker to embed arbitrary escape
sequences into the log file. A recent paper by HD Moore highlighted
several issues where common terminal emulator software (such as xterm) can
be remotely abused or exploited by displaying arbitrary escape sequences.
The MySQL client library (libmysqlclient) used in the PHP MySQL extension
in PHP versions earlier than 4.3.0 does not properly verify length fields
for certain responses in the read_rows or read_one_row routines, which
allows a malicious server to cause a denial of service and possibly execute
arbitrary code.
A source code exposure vulnerability has been found that affects Tomcat
versions 4.0.0 through 4.0.5 and 4.1.0 through 4.1.12, in a variant of
the issue addressed in RHSA-2002:217. Using a carefully crafted request, a
remote attacker can read the source code of any deployed JSP file.
In addition to the security fixes, two bug fixes have also been applied:
If Apache is configured to act as a reverse proxy by specifying the backend
server using a numeric IP address, the mod_proxy module will perform a
redundant reverse DNS lookup on the IP address, causing a delay in request
processing.
A bug in mod_authz_ldap version 0.21 and earlier prevent
authentication being performed by other Apache modules (such as
filed-based authentication using mod_auth) when the mod_authz_ldap module
is loaded.
Stronghold 4 cross platform contains OpenSSL 0.9.6c, Apache 1.3.22, PHP
4.1.2, Tomcat 4.0.5, and mod_authz_ldap 0.19, and is therefore vulnerable
to these issues. Users of Stronghold are advised to update to the errata
versions of Stronghold 4 which contain backported security fixes and are
not vulnerable to these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated versions of Stronghold 4 cross-platform are available to fix a\nnumber of vulnerabilities in OpenSSL, Apache, PHP, and Tomcat.\n\nAlso included in this update are bug fixes for mod_proxy and the\nmod_authz_ldap package.", title: "Topic", }, { category: "general", text: "Stronghold 4 cross platform contains a number of open source technologies\nsuch as OpenSSL, Apache, and PHP. A number of issues have been found in\nversions of these projects:\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to be able to retrieve the plain text of a common,\nfixed block. In order for an attack to be successful an attacker must be\nable to act as a man-in-the-middle to intercept and modify multiple\nconnections which all involve a common fixed plain text block (such as a\npassword), and have good network conditions that allow small changes in\ntiming to be reliably observed.\n\nThe Apache Web server does not prevent escape sequences from being written\nto the error log. This could allow an attacker to embed arbitrary escape\nsequences into the log file. A recent paper by HD Moore highlighted\nseveral issues where common terminal emulator software (such as xterm) can\nbe remotely abused or exploited by displaying arbitrary escape sequences.\n\nThe MySQL client library (libmysqlclient) used in the PHP MySQL extension\nin PHP versions earlier than 4.3.0 does not properly verify length fields\nfor certain responses in the read_rows or read_one_row routines, which\nallows a malicious server to cause a denial of service and possibly execute\narbitrary code.\n\nA source code exposure vulnerability has been found that affects Tomcat\nversions 4.0.0 through 4.0.5 and 4.1.0 through 4.1.12, in a variant of\nthe issue addressed in RHSA-2002:217. Using a carefully crafted request, a\nremote attacker can read the source code of any deployed JSP file.\n\nIn addition to the security fixes, two bug fixes have also been applied:\n\nIf Apache is configured to act as a reverse proxy by specifying the backend\nserver using a numeric IP address, the mod_proxy module will perform a\nredundant reverse DNS lookup on the IP address, causing a delay in request\nprocessing.\n\nA bug in mod_authz_ldap version 0.21 and earlier prevent\nauthentication being performed by other Apache modules (such as\nfiled-based authentication using mod_auth) when the mod_authz_ldap module\nis loaded.\n\nStronghold 4 cross platform contains OpenSSL 0.9.6c, Apache 1.3.22, PHP\n4.1.2, Tomcat 4.0.5, and mod_authz_ldap 0.19, and is therefore vulnerable\nto these issues. Users of Stronghold are advised to update to the errata\nversions of Stronghold 4 which contain backported security fixes and are\nnot vulnerable to these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:082", url: "https://access.redhat.com/errata/RHSA-2003:082", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", url: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", }, { category: "external", summary: "http://www.digitaldefense.net/labs/papers/Termulation.txt", url: "http://www.digitaldefense.net/labs/papers/Termulation.txt", }, { category: "external", summary: "80057", url: "https://bugzilla.redhat.com/show_bug.cgi?id=80057", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_082.json", }, ], title: "Red Hat Security Advisory: apache, openssl, php, tomcat security update for Stronghold", tracking: { current_release_date: "2024-11-21T22:41:49+00:00", generator: { date: "2024-11-21T22:41:49+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:082", initial_release_date: "2003-03-03T09:16:00+00:00", revision_history: [ { date: "2003-03-03T09:16:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-02-27T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:41:49+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Stronghold 4", product: { name: "Red Hat Stronghold 4", product_id: "Red Hat Stronghold 4", product_identification_helper: { cpe: "cpe:/a:redhat:stronghold:4", }, }, }, ], category: "product_family", name: "Stronghold Cross Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2002-1376", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616897", }, ], notes: [ { category: "description", text: "libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2002-1376", }, { category: "external", summary: "RHBZ#1616897", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616897", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2002-1376", url: "https://www.cve.org/CVERecord?id=CVE-2002-1376", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2002-1376", url: "https://nvd.nist.gov/vuln/detail/CVE-2002-1376", }, ], release_date: "2002-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-03T09:16:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/stop-tomcat\n$ bin/start-tomcat\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:082", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2002-1394", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616907", }, ], notes: [ { category: "description", text: "Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2002-1394", }, { category: "external", summary: "RHBZ#1616907", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616907", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2002-1394", url: "https://www.cve.org/CVERecord?id=CVE-2002-1394", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2002-1394", url: "https://nvd.nist.gov/vuln/detail/CVE-2002-1394", }, ], release_date: "2002-10-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-03T09:16:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/stop-tomcat\n$ bin/start-tomcat\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:082", }, ], title: "security flaw", }, { cve: "CVE-2003-0020", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616937", }, ], notes: [ { category: "description", text: "Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0020", }, { category: "external", summary: "RHBZ#1616937", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616937", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0020", url: "https://www.cve.org/CVERecord?id=CVE-2003-0020", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0020", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0020", }, ], release_date: "2003-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-03T09:16:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/stop-tomcat\n$ bin/start-tomcat\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:082", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-03T09:16:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/stop-tomcat\n$ bin/start-tomcat\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:082", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, ], }
RHSA-2003:062
Vulnerability from csaf_redhat
Published
2003-03-06 15:10
Modified
2024-11-21 22:41
Summary
Red Hat Security Advisory: : Updated OpenSSL packages fix timing attack
Notes
Topic
Updated OpenSSL packages are available that fix a potential timing-based
attack.
Details
OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols as well as a full-strength general purpose
cryptography library.
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to make it possible to retrieve the plaintext of a
common, fixed block.
In order for an attack to be sucessful, an attacker must be able to act as
a man-in-the-middle to intercept and modify multiple connections, which all
involve a common fixed plaintext block (such as a password), and have good
network conditions that allow small changes in timing to be reliably
observed.
These erratum packages contain a patch provided by the OpenSSL group that
corrects this vulnerability.
Because server applications are affected by these vulnerabilities, we
advise users to restart all services that use OpenSSL functionality or
alternatively reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages are available that fix a potential timing-based\nattack.", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, and open source toolkit that \nimplements the Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols as well as a full-strength general purpose\ncryptography library.\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to make it possible to retrieve the plaintext of a\ncommon, fixed block.\n\nIn order for an attack to be sucessful, an attacker must be able to act as\na man-in-the-middle to intercept and modify multiple connections, which all\ninvolve a common fixed plaintext block (such as a password), and have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nThese erratum packages contain a patch provided by the OpenSSL group that\ncorrects this vulnerability.\n\nBecause server applications are affected by these vulnerabilities, we\nadvise users to restart all services that use OpenSSL functionality or\nalternatively reboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:062", url: "https://access.redhat.com/errata/RHSA-2003:062", }, { category: "external", summary: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", url: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_062.json", }, ], title: "Red Hat Security Advisory: : Updated OpenSSL packages fix timing attack", tracking: { current_release_date: "2024-11-21T22:41:37+00:00", generator: { date: "2024-11-21T22:41:37+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:062", initial_release_date: "2003-03-06T15:10:00+00:00", revision_history: [ { date: "2003-03-06T15:10:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-02-19T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:41:37+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Linux 6.2", product: { name: "Red Hat Linux 6.2", product_id: "Red Hat Linux 6.2", product_identification_helper: { cpe: "cpe:/o:redhat:linux:6.2", }, }, }, { category: "product_name", name: "Red Hat Linux 7.0", product: { name: "Red Hat Linux 7.0", product_id: "Red Hat Linux 7.0", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.0", }, }, }, { category: "product_name", name: "Red Hat Linux 7.1", product: { name: "Red Hat Linux 7.1", product_id: "Red Hat Linux 7.1", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.1", }, }, }, { category: "product_name", name: "Red Hat Linux 7.2", product: { name: "Red Hat Linux 7.2", product_id: "Red Hat Linux 7.2", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.2", }, }, }, { category: "product_name", name: "Red Hat Linux 7.3", product: { name: "Red Hat Linux 7.3", product_id: "Red Hat Linux 7.3", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.3", }, }, }, { category: "product_name", name: "Red Hat Linux 8.0", product: { name: "Red Hat Linux 8.0", product_id: "Red Hat Linux 8.0", product_identification_helper: { cpe: "cpe:/o:redhat:linux:8.0", }, }, }, ], category: "product_family", name: "Red Hat Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-06T15:10:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:062", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, ], }
rhsa-2003:062
Vulnerability from csaf_redhat
Published
2003-03-06 15:10
Modified
2024-11-21 22:41
Summary
Red Hat Security Advisory: : Updated OpenSSL packages fix timing attack
Notes
Topic
Updated OpenSSL packages are available that fix a potential timing-based
attack.
Details
OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols as well as a full-strength general purpose
cryptography library.
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to make it possible to retrieve the plaintext of a
common, fixed block.
In order for an attack to be sucessful, an attacker must be able to act as
a man-in-the-middle to intercept and modify multiple connections, which all
involve a common fixed plaintext block (such as a password), and have good
network conditions that allow small changes in timing to be reliably
observed.
These erratum packages contain a patch provided by the OpenSSL group that
corrects this vulnerability.
Because server applications are affected by these vulnerabilities, we
advise users to restart all services that use OpenSSL functionality or
alternatively reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages are available that fix a potential timing-based\nattack.", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, and open source toolkit that \nimplements the Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols as well as a full-strength general purpose\ncryptography library.\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to make it possible to retrieve the plaintext of a\ncommon, fixed block.\n\nIn order for an attack to be sucessful, an attacker must be able to act as\na man-in-the-middle to intercept and modify multiple connections, which all\ninvolve a common fixed plaintext block (such as a password), and have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nThese erratum packages contain a patch provided by the OpenSSL group that\ncorrects this vulnerability.\n\nBecause server applications are affected by these vulnerabilities, we\nadvise users to restart all services that use OpenSSL functionality or\nalternatively reboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:062", url: "https://access.redhat.com/errata/RHSA-2003:062", }, { category: "external", summary: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", url: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_062.json", }, ], title: "Red Hat Security Advisory: : Updated OpenSSL packages fix timing attack", tracking: { current_release_date: "2024-11-21T22:41:37+00:00", generator: { date: "2024-11-21T22:41:37+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:062", initial_release_date: "2003-03-06T15:10:00+00:00", revision_history: [ { date: "2003-03-06T15:10:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-02-19T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:41:37+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Linux 6.2", product: { name: "Red Hat Linux 6.2", product_id: "Red Hat Linux 6.2", product_identification_helper: { cpe: "cpe:/o:redhat:linux:6.2", }, }, }, { category: "product_name", name: "Red Hat Linux 7.0", product: { name: "Red Hat Linux 7.0", product_id: "Red Hat Linux 7.0", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.0", }, }, }, { category: "product_name", name: "Red Hat Linux 7.1", product: { name: "Red Hat Linux 7.1", product_id: "Red Hat Linux 7.1", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.1", }, }, }, { category: "product_name", name: "Red Hat Linux 7.2", product: { name: "Red Hat Linux 7.2", product_id: "Red Hat Linux 7.2", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.2", }, }, }, { category: "product_name", name: "Red Hat Linux 7.3", product: { name: "Red Hat Linux 7.3", product_id: "Red Hat Linux 7.3", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.3", }, }, }, { category: "product_name", name: "Red Hat Linux 8.0", product: { name: "Red Hat Linux 8.0", product_id: "Red Hat Linux 8.0", product_identification_helper: { cpe: "cpe:/o:redhat:linux:8.0", }, }, }, ], category: "product_family", name: "Red Hat Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-06T15:10:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:062", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, ], }
rhsa-2003:205
Vulnerability from csaf_redhat
Published
2003-06-23 17:37
Modified
2024-11-21 22:43
Summary
Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities
Notes
Topic
Updated OpenSSL packages that fix potential timing-based and modified
Bleichenbacher attacks are available for Red Hat Linux on IBM iSeries and
pSeries systems.
Details
OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols as well as a full-strength general purpose
cryptography library.
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to make it possible to retrieve the plaintext of a
common, fixed block.
In order for an attack to be sucessful, an attacker must be able to act as
a man-in-the-middle to intercept and modify multiple connections, which all
involve a common fixed plaintext block (such as a password), and have good
network conditions that allow small changes in timing to be reliably
observed.
Researchers discovered a timing attack on RSA keys. Applications making
use of OpenSSL are generally vulnerable to such an attack, unless RSA
blinding has been turned on. OpenSSL does not use RSA blinding by default
and most applications do not enable RSA blinding.
A local or remote attacker could use this attack to obtain the server's
private key by determining factors using timing differences on (1) the
number of extra reductions during Montgomery reduction, and (2) the use of
different integer multiplication algorithms ("Karatsuba" and normal).
In order for an attack to be sucessful, an attacker must have good
network conditions allowing small changes in timing to be reliably
observed.
Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack uses a large number of SSL or TLS
connections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak
information regarding the relationship between ciphertext and the
associated plaintext, aka the "Klima-Pokorny-Rosa attack."
These erratum packages contain patches provided by the OpenSSL group that
enable RSA blinding by default and protect against the other vulnerabilities.
Because server applications are affected by these vulnerabilities, users
are advised to restart all services that use OpenSSL functionality, or
reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages that fix potential timing-based and modified\nBleichenbacher attacks are available for Red Hat Linux on IBM iSeries and\npSeries systems.", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, and open source toolkit that \nimplements Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols as well as a full-strength general purpose\ncryptography library.\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to make it possible to retrieve the plaintext of a\ncommon, fixed block.\n\nIn order for an attack to be sucessful, an attacker must be able to act as\na man-in-the-middle to intercept and modify multiple connections, which all\ninvolve a common fixed plaintext block (such as a password), and have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nResearchers discovered a timing attack on RSA keys. Applications making\nuse of OpenSSL are generally vulnerable to such an attack, unless RSA\nblinding has been turned on. OpenSSL does not use RSA blinding by default\nand most applications do not enable RSA blinding. \n\nA local or remote attacker could use this attack to obtain the server's\nprivate key by determining factors using timing differences on (1) the\nnumber of extra reductions during Montgomery reduction, and (2) the use of\ndifferent integer multiplication algorithms (\"Karatsuba\" and normal).\n\nIn order for an attack to be sucessful, an attacker must have good\nnetwork conditions allowing small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack uses a large number of SSL or TLS\nconnections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak\ninformation regarding the relationship between ciphertext and the\nassociated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"\n\nThese erratum packages contain patches provided by the OpenSSL group that\nenable RSA blinding by default and protect against the other vulnerabilities.\n\nBecause server applications are affected by these vulnerabilities, users\nare advised to restart all services that use OpenSSL functionality, or\nreboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:205", url: "https://access.redhat.com/errata/RHSA-2003:205", }, { category: "external", summary: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { category: "external", summary: "http://eprint.iacr.org/2003/052/", url: "http://eprint.iacr.org/2003/052/", }, { category: "external", summary: "86112", url: "https://bugzilla.redhat.com/show_bug.cgi?id=86112", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_205.json", }, ], title: "Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities", tracking: { current_release_date: "2024-11-21T22:43:08+00:00", generator: { date: "2024-11-21T22:43:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:205", initial_release_date: "2003-06-23T17:37:00+00:00", revision_history: [ { date: "2003-06-23T17:37:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-06-23T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:43:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Linux 7.1", product: { name: "Red Hat Linux 7.1", product_id: "Red Hat Linux 7.1", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.1", }, }, }, ], category: "product_family", name: "Red Hat Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
rhsa-2003_062
Vulnerability from csaf_redhat
Published
2003-03-06 15:10
Modified
2024-11-21 22:41
Summary
Red Hat Security Advisory: : Updated OpenSSL packages fix timing attack
Notes
Topic
Updated OpenSSL packages are available that fix a potential timing-based
attack.
Details
OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols as well as a full-strength general purpose
cryptography library.
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to make it possible to retrieve the plaintext of a
common, fixed block.
In order for an attack to be sucessful, an attacker must be able to act as
a man-in-the-middle to intercept and modify multiple connections, which all
involve a common fixed plaintext block (such as a password), and have good
network conditions that allow small changes in timing to be reliably
observed.
These erratum packages contain a patch provided by the OpenSSL group that
corrects this vulnerability.
Because server applications are affected by these vulnerabilities, we
advise users to restart all services that use OpenSSL functionality or
alternatively reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages are available that fix a potential timing-based\nattack.", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, and open source toolkit that \nimplements the Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols as well as a full-strength general purpose\ncryptography library.\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to make it possible to retrieve the plaintext of a\ncommon, fixed block.\n\nIn order for an attack to be sucessful, an attacker must be able to act as\na man-in-the-middle to intercept and modify multiple connections, which all\ninvolve a common fixed plaintext block (such as a password), and have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nThese erratum packages contain a patch provided by the OpenSSL group that\ncorrects this vulnerability.\n\nBecause server applications are affected by these vulnerabilities, we\nadvise users to restart all services that use OpenSSL functionality or\nalternatively reboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:062", url: "https://access.redhat.com/errata/RHSA-2003:062", }, { category: "external", summary: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", url: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_062.json", }, ], title: "Red Hat Security Advisory: : Updated OpenSSL packages fix timing attack", tracking: { current_release_date: "2024-11-21T22:41:37+00:00", generator: { date: "2024-11-21T22:41:37+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:062", initial_release_date: "2003-03-06T15:10:00+00:00", revision_history: [ { date: "2003-03-06T15:10:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-02-19T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:41:37+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Linux 6.2", product: { name: "Red Hat Linux 6.2", product_id: "Red Hat Linux 6.2", product_identification_helper: { cpe: "cpe:/o:redhat:linux:6.2", }, }, }, { category: "product_name", name: "Red Hat Linux 7.0", product: { name: "Red Hat Linux 7.0", product_id: "Red Hat Linux 7.0", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.0", }, }, }, { category: "product_name", name: "Red Hat Linux 7.1", product: { name: "Red Hat Linux 7.1", product_id: "Red Hat Linux 7.1", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.1", }, }, }, { category: "product_name", name: "Red Hat Linux 7.2", product: { name: "Red Hat Linux 7.2", product_id: "Red Hat Linux 7.2", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.2", }, }, }, { category: "product_name", name: "Red Hat Linux 7.3", product: { name: "Red Hat Linux 7.3", product_id: "Red Hat Linux 7.3", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.3", }, }, }, { category: "product_name", name: "Red Hat Linux 8.0", product: { name: "Red Hat Linux 8.0", product_id: "Red Hat Linux 8.0", product_identification_helper: { cpe: "cpe:/o:redhat:linux:8.0", }, }, }, ], category: "product_family", name: "Red Hat Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-06T15:10:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:062", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, ], }
RHSA-2003:205
Vulnerability from csaf_redhat
Published
2003-06-23 17:37
Modified
2024-11-21 22:43
Summary
Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities
Notes
Topic
Updated OpenSSL packages that fix potential timing-based and modified
Bleichenbacher attacks are available for Red Hat Linux on IBM iSeries and
pSeries systems.
Details
OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols as well as a full-strength general purpose
cryptography library.
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to make it possible to retrieve the plaintext of a
common, fixed block.
In order for an attack to be sucessful, an attacker must be able to act as
a man-in-the-middle to intercept and modify multiple connections, which all
involve a common fixed plaintext block (such as a password), and have good
network conditions that allow small changes in timing to be reliably
observed.
Researchers discovered a timing attack on RSA keys. Applications making
use of OpenSSL are generally vulnerable to such an attack, unless RSA
blinding has been turned on. OpenSSL does not use RSA blinding by default
and most applications do not enable RSA blinding.
A local or remote attacker could use this attack to obtain the server's
private key by determining factors using timing differences on (1) the
number of extra reductions during Montgomery reduction, and (2) the use of
different integer multiplication algorithms ("Karatsuba" and normal).
In order for an attack to be sucessful, an attacker must have good
network conditions allowing small changes in timing to be reliably
observed.
Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack uses a large number of SSL or TLS
connections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak
information regarding the relationship between ciphertext and the
associated plaintext, aka the "Klima-Pokorny-Rosa attack."
These erratum packages contain patches provided by the OpenSSL group that
enable RSA blinding by default and protect against the other vulnerabilities.
Because server applications are affected by these vulnerabilities, users
are advised to restart all services that use OpenSSL functionality, or
reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages that fix potential timing-based and modified\nBleichenbacher attacks are available for Red Hat Linux on IBM iSeries and\npSeries systems.", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, and open source toolkit that \nimplements Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols as well as a full-strength general purpose\ncryptography library.\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to make it possible to retrieve the plaintext of a\ncommon, fixed block.\n\nIn order for an attack to be sucessful, an attacker must be able to act as\na man-in-the-middle to intercept and modify multiple connections, which all\ninvolve a common fixed plaintext block (such as a password), and have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nResearchers discovered a timing attack on RSA keys. Applications making\nuse of OpenSSL are generally vulnerable to such an attack, unless RSA\nblinding has been turned on. OpenSSL does not use RSA blinding by default\nand most applications do not enable RSA blinding. \n\nA local or remote attacker could use this attack to obtain the server's\nprivate key by determining factors using timing differences on (1) the\nnumber of extra reductions during Montgomery reduction, and (2) the use of\ndifferent integer multiplication algorithms (\"Karatsuba\" and normal).\n\nIn order for an attack to be sucessful, an attacker must have good\nnetwork conditions allowing small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack uses a large number of SSL or TLS\nconnections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak\ninformation regarding the relationship between ciphertext and the\nassociated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"\n\nThese erratum packages contain patches provided by the OpenSSL group that\nenable RSA blinding by default and protect against the other vulnerabilities.\n\nBecause server applications are affected by these vulnerabilities, users\nare advised to restart all services that use OpenSSL functionality, or\nreboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:205", url: "https://access.redhat.com/errata/RHSA-2003:205", }, { category: "external", summary: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { category: "external", summary: "http://eprint.iacr.org/2003/052/", url: "http://eprint.iacr.org/2003/052/", }, { category: "external", summary: "86112", url: "https://bugzilla.redhat.com/show_bug.cgi?id=86112", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_205.json", }, ], title: "Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities", tracking: { current_release_date: "2024-11-21T22:43:08+00:00", generator: { date: "2024-11-21T22:43:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:205", initial_release_date: "2003-06-23T17:37:00+00:00", revision_history: [ { date: "2003-06-23T17:37:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-06-23T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:43:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Linux 7.1", product: { name: "Red Hat Linux 7.1", product_id: "Red Hat Linux 7.1", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.1", }, }, }, ], category: "product_family", name: "Red Hat Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
rhsa-2003_205
Vulnerability from csaf_redhat
Published
2003-06-23 17:37
Modified
2024-11-21 22:43
Summary
Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities
Notes
Topic
Updated OpenSSL packages that fix potential timing-based and modified
Bleichenbacher attacks are available for Red Hat Linux on IBM iSeries and
pSeries systems.
Details
OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols as well as a full-strength general purpose
cryptography library.
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to make it possible to retrieve the plaintext of a
common, fixed block.
In order for an attack to be sucessful, an attacker must be able to act as
a man-in-the-middle to intercept and modify multiple connections, which all
involve a common fixed plaintext block (such as a password), and have good
network conditions that allow small changes in timing to be reliably
observed.
Researchers discovered a timing attack on RSA keys. Applications making
use of OpenSSL are generally vulnerable to such an attack, unless RSA
blinding has been turned on. OpenSSL does not use RSA blinding by default
and most applications do not enable RSA blinding.
A local or remote attacker could use this attack to obtain the server's
private key by determining factors using timing differences on (1) the
number of extra reductions during Montgomery reduction, and (2) the use of
different integer multiplication algorithms ("Karatsuba" and normal).
In order for an attack to be sucessful, an attacker must have good
network conditions allowing small changes in timing to be reliably
observed.
Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack uses a large number of SSL or TLS
connections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak
information regarding the relationship between ciphertext and the
associated plaintext, aka the "Klima-Pokorny-Rosa attack."
These erratum packages contain patches provided by the OpenSSL group that
enable RSA blinding by default and protect against the other vulnerabilities.
Because server applications are affected by these vulnerabilities, users
are advised to restart all services that use OpenSSL functionality, or
reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages that fix potential timing-based and modified\nBleichenbacher attacks are available for Red Hat Linux on IBM iSeries and\npSeries systems.", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, and open source toolkit that \nimplements Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols as well as a full-strength general purpose\ncryptography library.\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to make it possible to retrieve the plaintext of a\ncommon, fixed block.\n\nIn order for an attack to be sucessful, an attacker must be able to act as\na man-in-the-middle to intercept and modify multiple connections, which all\ninvolve a common fixed plaintext block (such as a password), and have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nResearchers discovered a timing attack on RSA keys. Applications making\nuse of OpenSSL are generally vulnerable to such an attack, unless RSA\nblinding has been turned on. OpenSSL does not use RSA blinding by default\nand most applications do not enable RSA blinding. \n\nA local or remote attacker could use this attack to obtain the server's\nprivate key by determining factors using timing differences on (1) the\nnumber of extra reductions during Montgomery reduction, and (2) the use of\ndifferent integer multiplication algorithms (\"Karatsuba\" and normal).\n\nIn order for an attack to be sucessful, an attacker must have good\nnetwork conditions allowing small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack uses a large number of SSL or TLS\nconnections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak\ninformation regarding the relationship between ciphertext and the\nassociated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"\n\nThese erratum packages contain patches provided by the OpenSSL group that\nenable RSA blinding by default and protect against the other vulnerabilities.\n\nBecause server applications are affected by these vulnerabilities, users\nare advised to restart all services that use OpenSSL functionality, or\nreboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:205", url: "https://access.redhat.com/errata/RHSA-2003:205", }, { category: "external", summary: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { category: "external", summary: "http://eprint.iacr.org/2003/052/", url: "http://eprint.iacr.org/2003/052/", }, { category: "external", summary: "86112", url: "https://bugzilla.redhat.com/show_bug.cgi?id=86112", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_205.json", }, ], title: "Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities", tracking: { current_release_date: "2024-11-21T22:43:08+00:00", generator: { date: "2024-11-21T22:43:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:205", initial_release_date: "2003-06-23T17:37:00+00:00", revision_history: [ { date: "2003-06-23T17:37:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-06-23T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:43:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Linux 7.1", product: { name: "Red Hat Linux 7.1", product_id: "Red Hat Linux 7.1", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.1", }, }, }, ], category: "product_family", name: "Red Hat Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
rhsa-2003_063
Vulnerability from csaf_redhat
Published
2003-03-10 15:18
Modified
2024-11-21 22:41
Summary
Red Hat Security Advisory: openssl security update
Notes
Topic
Updated OpenSSL packages are available that fix a potential timing-based
attack.
[Updated 12 March 2003]
Added packages for Red Hat Enterprise Linux ES and Red Hat Enterprise
Linux WS
Details
OpenSSL is a commercial-grade, full-featured, open source toolkit which
implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols as well as a full-strength, general purpose
cryptography library.
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to be able to retrieve the plaintext of a common,
fixed block.
In order for an attack to be sucessful an attacker must be able to act as a
man-in-the-middle to intercept and modify multiple connections which all
involve a common fixed plaintext block (such as a password), and have good
network conditions that allow small changes in timing to be reliably observed.
These updated packages contain a patch provided by the OpenSSL group that
corrects this vulnerability.
Because server applications are affected by these vulnerabilities, we
advise users to restart all services that use OpenSSL functionality or
alternatively reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages are available that fix a potential timing-based\nattack.\n\n[Updated 12 March 2003]\nAdded packages for Red Hat Enterprise Linux ES and Red Hat Enterprise\nLinux WS", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, open source toolkit which\nimplements the Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols as well as a full-strength, general purpose\ncryptography library.\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to be able to retrieve the plaintext of a common,\nfixed block.\n\nIn order for an attack to be sucessful an attacker must be able to act as a\nman-in-the-middle to intercept and modify multiple connections which all\ninvolve a common fixed plaintext block (such as a password), and have good\nnetwork conditions that allow small changes in timing to be reliably observed.\n\nThese updated packages contain a patch provided by the OpenSSL group that\ncorrects this vulnerability.\n\nBecause server applications are affected by these vulnerabilities, we\nadvise users to restart all services that use OpenSSL functionality or\nalternatively reboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:063", url: "https://access.redhat.com/errata/RHSA-2003:063", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", url: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", }, { category: "external", summary: "84597", url: "https://bugzilla.redhat.com/show_bug.cgi?id=84597", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_063.json", }, ], title: "Red Hat Security Advisory: openssl security update", tracking: { current_release_date: "2024-11-21T22:41:41+00:00", generator: { date: "2024-11-21T22:41:41+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:063", initial_release_date: "2003-03-10T15:18:00+00:00", revision_history: [ { date: "2003-03-10T15:18:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-02-19T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:41:41+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product: { name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_id: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::as", }, }, }, { category: "product_name", name: "Red Hat Linux Advanced Workstation 2.1", product: { name: "Red Hat Linux Advanced Workstation 2.1", product_id: "Red Hat Linux Advanced Workstation 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::aw", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 2.1", product: { name: "Red Hat Enterprise Linux ES version 2.1", product_id: "Red Hat Enterprise Linux ES version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 2.1", product: { name: "Red Hat Enterprise Linux WS version 2.1", product_id: "Red Hat Enterprise Linux WS version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::ws", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-10T15:18:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nPlease note that this update is available via Red Hat Network. To use Red\nHat Network, launch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:063", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, ], }
RHSA-2003:063
Vulnerability from csaf_redhat
Published
2003-03-10 15:18
Modified
2024-11-21 22:41
Summary
Red Hat Security Advisory: openssl security update
Notes
Topic
Updated OpenSSL packages are available that fix a potential timing-based
attack.
[Updated 12 March 2003]
Added packages for Red Hat Enterprise Linux ES and Red Hat Enterprise
Linux WS
Details
OpenSSL is a commercial-grade, full-featured, open source toolkit which
implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols as well as a full-strength, general purpose
cryptography library.
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to be able to retrieve the plaintext of a common,
fixed block.
In order for an attack to be sucessful an attacker must be able to act as a
man-in-the-middle to intercept and modify multiple connections which all
involve a common fixed plaintext block (such as a password), and have good
network conditions that allow small changes in timing to be reliably observed.
These updated packages contain a patch provided by the OpenSSL group that
corrects this vulnerability.
Because server applications are affected by these vulnerabilities, we
advise users to restart all services that use OpenSSL functionality or
alternatively reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages are available that fix a potential timing-based\nattack.\n\n[Updated 12 March 2003]\nAdded packages for Red Hat Enterprise Linux ES and Red Hat Enterprise\nLinux WS", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, open source toolkit which\nimplements the Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols as well as a full-strength, general purpose\ncryptography library.\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to be able to retrieve the plaintext of a common,\nfixed block.\n\nIn order for an attack to be sucessful an attacker must be able to act as a\nman-in-the-middle to intercept and modify multiple connections which all\ninvolve a common fixed plaintext block (such as a password), and have good\nnetwork conditions that allow small changes in timing to be reliably observed.\n\nThese updated packages contain a patch provided by the OpenSSL group that\ncorrects this vulnerability.\n\nBecause server applications are affected by these vulnerabilities, we\nadvise users to restart all services that use OpenSSL functionality or\nalternatively reboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:063", url: "https://access.redhat.com/errata/RHSA-2003:063", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", url: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", }, { category: "external", summary: "84597", url: "https://bugzilla.redhat.com/show_bug.cgi?id=84597", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_063.json", }, ], title: "Red Hat Security Advisory: openssl security update", tracking: { current_release_date: "2024-11-21T22:41:41+00:00", generator: { date: "2024-11-21T22:41:41+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:063", initial_release_date: "2003-03-10T15:18:00+00:00", revision_history: [ { date: "2003-03-10T15:18:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-02-19T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:41:41+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product: { name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_id: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::as", }, }, }, { category: "product_name", name: "Red Hat Linux Advanced Workstation 2.1", product: { name: "Red Hat Linux Advanced Workstation 2.1", product_id: "Red Hat Linux Advanced Workstation 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::aw", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 2.1", product: { name: "Red Hat Enterprise Linux ES version 2.1", product_id: "Red Hat Enterprise Linux ES version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 2.1", product: { name: "Red Hat Enterprise Linux WS version 2.1", product_id: "Red Hat Enterprise Linux WS version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::ws", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-10T15:18:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nPlease note that this update is available via Red Hat Network. To use Red\nHat Network, launch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:063", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, ], }
rhsa-2003:063
Vulnerability from csaf_redhat
Published
2003-03-10 15:18
Modified
2024-11-21 22:41
Summary
Red Hat Security Advisory: openssl security update
Notes
Topic
Updated OpenSSL packages are available that fix a potential timing-based
attack.
[Updated 12 March 2003]
Added packages for Red Hat Enterprise Linux ES and Red Hat Enterprise
Linux WS
Details
OpenSSL is a commercial-grade, full-featured, open source toolkit which
implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols as well as a full-strength, general purpose
cryptography library.
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to be able to retrieve the plaintext of a common,
fixed block.
In order for an attack to be sucessful an attacker must be able to act as a
man-in-the-middle to intercept and modify multiple connections which all
involve a common fixed plaintext block (such as a password), and have good
network conditions that allow small changes in timing to be reliably observed.
These updated packages contain a patch provided by the OpenSSL group that
corrects this vulnerability.
Because server applications are affected by these vulnerabilities, we
advise users to restart all services that use OpenSSL functionality or
alternatively reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages are available that fix a potential timing-based\nattack.\n\n[Updated 12 March 2003]\nAdded packages for Red Hat Enterprise Linux ES and Red Hat Enterprise\nLinux WS", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, open source toolkit which\nimplements the Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols as well as a full-strength, general purpose\ncryptography library.\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to be able to retrieve the plaintext of a common,\nfixed block.\n\nIn order for an attack to be sucessful an attacker must be able to act as a\nman-in-the-middle to intercept and modify multiple connections which all\ninvolve a common fixed plaintext block (such as a password), and have good\nnetwork conditions that allow small changes in timing to be reliably observed.\n\nThese updated packages contain a patch provided by the OpenSSL group that\ncorrects this vulnerability.\n\nBecause server applications are affected by these vulnerabilities, we\nadvise users to restart all services that use OpenSSL functionality or\nalternatively reboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:063", url: "https://access.redhat.com/errata/RHSA-2003:063", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", url: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", }, { category: "external", summary: "84597", url: "https://bugzilla.redhat.com/show_bug.cgi?id=84597", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_063.json", }, ], title: "Red Hat Security Advisory: openssl security update", tracking: { current_release_date: "2024-11-21T22:41:41+00:00", generator: { date: "2024-11-21T22:41:41+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:063", initial_release_date: "2003-03-10T15:18:00+00:00", revision_history: [ { date: "2003-03-10T15:18:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-02-19T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:41:41+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product: { name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_id: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::as", }, }, }, { category: "product_name", name: "Red Hat Linux Advanced Workstation 2.1", product: { name: "Red Hat Linux Advanced Workstation 2.1", product_id: "Red Hat Linux Advanced Workstation 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::aw", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 2.1", product: { name: "Red Hat Enterprise Linux ES version 2.1", product_id: "Red Hat Enterprise Linux ES version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 2.1", product: { name: "Red Hat Enterprise Linux WS version 2.1", product_id: "Red Hat Enterprise Linux WS version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::ws", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-10T15:18:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nPlease note that this update is available via Red Hat Network. To use Red\nHat Network, launch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:063", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, ], }
RHSA-2003:104
Vulnerability from csaf_redhat
Published
2003-03-18 11:01
Modified
2024-11-21 22:41
Summary
Red Hat Security Advisory: apache, openssl, php security update for Stronghold
Notes
Topic
Updated versions of Stronghold 3.0 are available to fix a number of
vulnerabilities in OpenSSL, Apache, and PHP.
Details
Stronghold 3.0 contains a number of open source technologies such as
OpenSSL, Apache, and PHP. The following paragraphs describe a number of
issues that have been found in versions of these projects.
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to be able to retrieve the plain text of a common,
fixed block. In order for an attack to be successful an attacker must be
able to act as a man-in-the-middle to intercept and modify multiple
connections which all involve a common fixed plain text block (such as a
password), and have good network conditions that allow small changes in
timing to be reliably observed.
The SSL timing attack announced recently by David Brumly and Dan Boneh
is not fixed by this erratum; this new issue will be addressed by a
future erratum release.
The Apache Web server does not prevent escape sequences from being written
to log files. This could allow an attacker to embed arbitrary escape
sequences into log files. A recent paper by HD Moore highlighted
several issues where common terminal emulator software (such as xterm) can
be remotely abused or exploited by displaying arbitrary escape sequences.
The MySQL client library (libmysqlclient) used in the PHP MySQL extension
in PHP versions earlier than 4.3.0 does not properly verify length fields
for certain responses in the read_rows or read_one_row routines, which
allows a malicious server to cause a denial of service and possibly execute
arbitrary code.
Stronghold 3.0 contains OpenSSL 0.9.6b, Apache 1.3.22, and PHP
4.1.2 and is, therefore, vulnerable to these issues. Users of Stronghold are
advised to update to the errata versions of Stronghold 3.0 which contain
backported security fixes and are not vulnerable to these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated versions of Stronghold 3.0 are available to fix a number of\nvulnerabilities in OpenSSL, Apache, and PHP.", title: "Topic", }, { category: "general", text: "Stronghold 3.0 contains a number of open source technologies such as\nOpenSSL, Apache, and PHP. The following paragraphs describe a number of\nissues that have been found in versions of these projects.\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to be able to retrieve the plain text of a common,\nfixed block. In order for an attack to be successful an attacker must be\nable to act as a man-in-the-middle to intercept and modify multiple\nconnections which all involve a common fixed plain text block (such as a\npassword), and have good network conditions that allow small changes in\ntiming to be reliably observed.\n\nThe SSL timing attack announced recently by David Brumly and Dan Boneh\nis not fixed by this erratum; this new issue will be addressed by a\nfuture erratum release.\n\nThe Apache Web server does not prevent escape sequences from being written\nto log files. This could allow an attacker to embed arbitrary escape\nsequences into log files. A recent paper by HD Moore highlighted\nseveral issues where common terminal emulator software (such as xterm) can\nbe remotely abused or exploited by displaying arbitrary escape sequences.\n\nThe MySQL client library (libmysqlclient) used in the PHP MySQL extension\nin PHP versions earlier than 4.3.0 does not properly verify length fields\nfor certain responses in the read_rows or read_one_row routines, which\nallows a malicious server to cause a denial of service and possibly execute\narbitrary code.\n\nStronghold 3.0 contains OpenSSL 0.9.6b, Apache 1.3.22, and PHP\n4.1.2 and is, therefore, vulnerable to these issues. Users of Stronghold are\nadvised to update to the errata versions of Stronghold 3.0 which contain\nbackported security fixes and are not vulnerable to these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:104", url: "https://access.redhat.com/errata/RHSA-2003:104", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://stronghold.redhat.com/", url: "http://stronghold.redhat.com/", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_104.json", }, ], title: "Red Hat Security Advisory: apache, openssl, php security update for Stronghold", tracking: { current_release_date: "2024-11-21T22:41:57+00:00", generator: { date: "2024-11-21T22:41:57+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:104", initial_release_date: "2003-03-18T11:01:00+00:00", revision_history: [ { date: "2003-03-18T11:01:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-03-18T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:41:57+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Stronghold 3", product: { name: "Red Hat Stronghold 3", product_id: "Red Hat Stronghold 3", product_identification_helper: { cpe: "cpe:/a:redhat:stronghold:3", }, }, }, ], category: "product_family", name: "Stronghold Cross Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2002-1376", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616897", }, ], notes: [ { category: "description", text: "libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2002-1376", }, { category: "external", summary: "RHBZ#1616897", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616897", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2002-1376", url: "https://www.cve.org/CVERecord?id=CVE-2002-1376", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2002-1376", url: "https://nvd.nist.gov/vuln/detail/CVE-2002-1376", }, ], release_date: "2002-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-18T11:01:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL, Apache\nand PHP included in Stronghold 3. Stronghold 3.0 build code 3021 is now\navailable which includes these fixes, and can be downloaded from\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:104", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0020", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616937", }, ], notes: [ { category: "description", text: "Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0020", }, { category: "external", summary: "RHBZ#1616937", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616937", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0020", url: "https://www.cve.org/CVERecord?id=CVE-2003-0020", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0020", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0020", }, ], release_date: "2003-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-18T11:01:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL, Apache\nand PHP included in Stronghold 3. Stronghold 3.0 build code 3021 is now\navailable which includes these fixes, and can be downloaded from\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:104", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-18T11:01:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL, Apache\nand PHP included in Stronghold 3. Stronghold 3.0 build code 3021 is now\navailable which includes these fixes, and can be downloaded from\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:104", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, { cve: "CVE-2003-0083", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616961", }, ], notes: [ { category: "description", text: "Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0083", }, { category: "external", summary: "RHBZ#1616961", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616961", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0083", url: "https://www.cve.org/CVERecord?id=CVE-2003-0083", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0083", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0083", }, ], release_date: "2003-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-18T11:01:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL, Apache\nand PHP included in Stronghold 3. Stronghold 3.0 build code 3021 is now\navailable which includes these fixes, and can be downloaded from\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:104", }, ], title: "security flaw", }, ], }
rhsa-2003:082
Vulnerability from csaf_redhat
Published
2003-03-03 09:16
Modified
2024-11-21 22:41
Summary
Red Hat Security Advisory: apache, openssl, php, tomcat security update for Stronghold
Notes
Topic
Updated versions of Stronghold 4 cross-platform are available to fix a
number of vulnerabilities in OpenSSL, Apache, PHP, and Tomcat.
Also included in this update are bug fixes for mod_proxy and the
mod_authz_ldap package.
Details
Stronghold 4 cross platform contains a number of open source technologies
such as OpenSSL, Apache, and PHP. A number of issues have been found in
versions of these projects:
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to be able to retrieve the plain text of a common,
fixed block. In order for an attack to be successful an attacker must be
able to act as a man-in-the-middle to intercept and modify multiple
connections which all involve a common fixed plain text block (such as a
password), and have good network conditions that allow small changes in
timing to be reliably observed.
The Apache Web server does not prevent escape sequences from being written
to the error log. This could allow an attacker to embed arbitrary escape
sequences into the log file. A recent paper by HD Moore highlighted
several issues where common terminal emulator software (such as xterm) can
be remotely abused or exploited by displaying arbitrary escape sequences.
The MySQL client library (libmysqlclient) used in the PHP MySQL extension
in PHP versions earlier than 4.3.0 does not properly verify length fields
for certain responses in the read_rows or read_one_row routines, which
allows a malicious server to cause a denial of service and possibly execute
arbitrary code.
A source code exposure vulnerability has been found that affects Tomcat
versions 4.0.0 through 4.0.5 and 4.1.0 through 4.1.12, in a variant of
the issue addressed in RHSA-2002:217. Using a carefully crafted request, a
remote attacker can read the source code of any deployed JSP file.
In addition to the security fixes, two bug fixes have also been applied:
If Apache is configured to act as a reverse proxy by specifying the backend
server using a numeric IP address, the mod_proxy module will perform a
redundant reverse DNS lookup on the IP address, causing a delay in request
processing.
A bug in mod_authz_ldap version 0.21 and earlier prevent
authentication being performed by other Apache modules (such as
filed-based authentication using mod_auth) when the mod_authz_ldap module
is loaded.
Stronghold 4 cross platform contains OpenSSL 0.9.6c, Apache 1.3.22, PHP
4.1.2, Tomcat 4.0.5, and mod_authz_ldap 0.19, and is therefore vulnerable
to these issues. Users of Stronghold are advised to update to the errata
versions of Stronghold 4 which contain backported security fixes and are
not vulnerable to these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated versions of Stronghold 4 cross-platform are available to fix a\nnumber of vulnerabilities in OpenSSL, Apache, PHP, and Tomcat.\n\nAlso included in this update are bug fixes for mod_proxy and the\nmod_authz_ldap package.", title: "Topic", }, { category: "general", text: "Stronghold 4 cross platform contains a number of open source technologies\nsuch as OpenSSL, Apache, and PHP. A number of issues have been found in\nversions of these projects:\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to be able to retrieve the plain text of a common,\nfixed block. In order for an attack to be successful an attacker must be\nable to act as a man-in-the-middle to intercept and modify multiple\nconnections which all involve a common fixed plain text block (such as a\npassword), and have good network conditions that allow small changes in\ntiming to be reliably observed.\n\nThe Apache Web server does not prevent escape sequences from being written\nto the error log. This could allow an attacker to embed arbitrary escape\nsequences into the log file. A recent paper by HD Moore highlighted\nseveral issues where common terminal emulator software (such as xterm) can\nbe remotely abused or exploited by displaying arbitrary escape sequences.\n\nThe MySQL client library (libmysqlclient) used in the PHP MySQL extension\nin PHP versions earlier than 4.3.0 does not properly verify length fields\nfor certain responses in the read_rows or read_one_row routines, which\nallows a malicious server to cause a denial of service and possibly execute\narbitrary code.\n\nA source code exposure vulnerability has been found that affects Tomcat\nversions 4.0.0 through 4.0.5 and 4.1.0 through 4.1.12, in a variant of\nthe issue addressed in RHSA-2002:217. Using a carefully crafted request, a\nremote attacker can read the source code of any deployed JSP file.\n\nIn addition to the security fixes, two bug fixes have also been applied:\n\nIf Apache is configured to act as a reverse proxy by specifying the backend\nserver using a numeric IP address, the mod_proxy module will perform a\nredundant reverse DNS lookup on the IP address, causing a delay in request\nprocessing.\n\nA bug in mod_authz_ldap version 0.21 and earlier prevent\nauthentication being performed by other Apache modules (such as\nfiled-based authentication using mod_auth) when the mod_authz_ldap module\nis loaded.\n\nStronghold 4 cross platform contains OpenSSL 0.9.6c, Apache 1.3.22, PHP\n4.1.2, Tomcat 4.0.5, and mod_authz_ldap 0.19, and is therefore vulnerable\nto these issues. Users of Stronghold are advised to update to the errata\nversions of Stronghold 4 which contain backported security fixes and are\nnot vulnerable to these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:082", url: "https://access.redhat.com/errata/RHSA-2003:082", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", url: "http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps", }, { category: "external", summary: "http://www.digitaldefense.net/labs/papers/Termulation.txt", url: "http://www.digitaldefense.net/labs/papers/Termulation.txt", }, { category: "external", summary: "80057", url: "https://bugzilla.redhat.com/show_bug.cgi?id=80057", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_082.json", }, ], title: "Red Hat Security Advisory: apache, openssl, php, tomcat security update for Stronghold", tracking: { current_release_date: "2024-11-21T22:41:49+00:00", generator: { date: "2024-11-21T22:41:49+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:082", initial_release_date: "2003-03-03T09:16:00+00:00", revision_history: [ { date: "2003-03-03T09:16:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-02-27T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:41:49+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Stronghold 4", product: { name: "Red Hat Stronghold 4", product_id: "Red Hat Stronghold 4", product_identification_helper: { cpe: "cpe:/a:redhat:stronghold:4", }, }, }, ], category: "product_family", name: "Stronghold Cross Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2002-1376", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616897", }, ], notes: [ { category: "description", text: "libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2002-1376", }, { category: "external", summary: "RHBZ#1616897", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616897", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2002-1376", url: "https://www.cve.org/CVERecord?id=CVE-2002-1376", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2002-1376", url: "https://nvd.nist.gov/vuln/detail/CVE-2002-1376", }, ], release_date: "2002-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-03T09:16:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/stop-tomcat\n$ bin/start-tomcat\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:082", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2002-1394", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616907", }, ], notes: [ { category: "description", text: "Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2002-1394", }, { category: "external", summary: "RHBZ#1616907", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616907", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2002-1394", url: "https://www.cve.org/CVERecord?id=CVE-2002-1394", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2002-1394", url: "https://nvd.nist.gov/vuln/detail/CVE-2002-1394", }, ], release_date: "2002-10-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-03T09:16:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/stop-tomcat\n$ bin/start-tomcat\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:082", }, ], title: "security flaw", }, { cve: "CVE-2003-0020", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616937", }, ], notes: [ { category: "description", text: "Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0020", }, { category: "external", summary: "RHBZ#1616937", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616937", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0020", url: "https://www.cve.org/CVERecord?id=CVE-2003-0020", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0020", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0020", }, ], release_date: "2003-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-03T09:16:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/stop-tomcat\n$ bin/start-tomcat\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:082", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-03T09:16:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/stop-tomcat\n$ bin/start-tomcat\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:082", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, ], }
rhsa-2003:104
Vulnerability from csaf_redhat
Published
2003-03-18 11:01
Modified
2024-11-21 22:41
Summary
Red Hat Security Advisory: apache, openssl, php security update for Stronghold
Notes
Topic
Updated versions of Stronghold 3.0 are available to fix a number of
vulnerabilities in OpenSSL, Apache, and PHP.
Details
Stronghold 3.0 contains a number of open source technologies such as
OpenSSL, Apache, and PHP. The following paragraphs describe a number of
issues that have been found in versions of these projects.
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to be able to retrieve the plain text of a common,
fixed block. In order for an attack to be successful an attacker must be
able to act as a man-in-the-middle to intercept and modify multiple
connections which all involve a common fixed plain text block (such as a
password), and have good network conditions that allow small changes in
timing to be reliably observed.
The SSL timing attack announced recently by David Brumly and Dan Boneh
is not fixed by this erratum; this new issue will be addressed by a
future erratum release.
The Apache Web server does not prevent escape sequences from being written
to log files. This could allow an attacker to embed arbitrary escape
sequences into log files. A recent paper by HD Moore highlighted
several issues where common terminal emulator software (such as xterm) can
be remotely abused or exploited by displaying arbitrary escape sequences.
The MySQL client library (libmysqlclient) used in the PHP MySQL extension
in PHP versions earlier than 4.3.0 does not properly verify length fields
for certain responses in the read_rows or read_one_row routines, which
allows a malicious server to cause a denial of service and possibly execute
arbitrary code.
Stronghold 3.0 contains OpenSSL 0.9.6b, Apache 1.3.22, and PHP
4.1.2 and is, therefore, vulnerable to these issues. Users of Stronghold are
advised to update to the errata versions of Stronghold 3.0 which contain
backported security fixes and are not vulnerable to these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated versions of Stronghold 3.0 are available to fix a number of\nvulnerabilities in OpenSSL, Apache, and PHP.", title: "Topic", }, { category: "general", text: "Stronghold 3.0 contains a number of open source technologies such as\nOpenSSL, Apache, and PHP. The following paragraphs describe a number of\nissues that have been found in versions of these projects.\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to be able to retrieve the plain text of a common,\nfixed block. In order for an attack to be successful an attacker must be\nable to act as a man-in-the-middle to intercept and modify multiple\nconnections which all involve a common fixed plain text block (such as a\npassword), and have good network conditions that allow small changes in\ntiming to be reliably observed.\n\nThe SSL timing attack announced recently by David Brumly and Dan Boneh\nis not fixed by this erratum; this new issue will be addressed by a\nfuture erratum release.\n\nThe Apache Web server does not prevent escape sequences from being written\nto log files. This could allow an attacker to embed arbitrary escape\nsequences into log files. A recent paper by HD Moore highlighted\nseveral issues where common terminal emulator software (such as xterm) can\nbe remotely abused or exploited by displaying arbitrary escape sequences.\n\nThe MySQL client library (libmysqlclient) used in the PHP MySQL extension\nin PHP versions earlier than 4.3.0 does not properly verify length fields\nfor certain responses in the read_rows or read_one_row routines, which\nallows a malicious server to cause a denial of service and possibly execute\narbitrary code.\n\nStronghold 3.0 contains OpenSSL 0.9.6b, Apache 1.3.22, and PHP\n4.1.2 and is, therefore, vulnerable to these issues. Users of Stronghold are\nadvised to update to the errata versions of Stronghold 3.0 which contain\nbackported security fixes and are not vulnerable to these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:104", url: "https://access.redhat.com/errata/RHSA-2003:104", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://stronghold.redhat.com/", url: "http://stronghold.redhat.com/", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_104.json", }, ], title: "Red Hat Security Advisory: apache, openssl, php security update for Stronghold", tracking: { current_release_date: "2024-11-21T22:41:57+00:00", generator: { date: "2024-11-21T22:41:57+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:104", initial_release_date: "2003-03-18T11:01:00+00:00", revision_history: [ { date: "2003-03-18T11:01:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-03-18T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:41:57+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Stronghold 3", product: { name: "Red Hat Stronghold 3", product_id: "Red Hat Stronghold 3", product_identification_helper: { cpe: "cpe:/a:redhat:stronghold:3", }, }, }, ], category: "product_family", name: "Stronghold Cross Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2002-1376", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616897", }, ], notes: [ { category: "description", text: "libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2002-1376", }, { category: "external", summary: "RHBZ#1616897", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616897", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2002-1376", url: "https://www.cve.org/CVERecord?id=CVE-2002-1376", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2002-1376", url: "https://nvd.nist.gov/vuln/detail/CVE-2002-1376", }, ], release_date: "2002-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-18T11:01:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL, Apache\nand PHP included in Stronghold 3. Stronghold 3.0 build code 3021 is now\navailable which includes these fixes, and can be downloaded from\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:104", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0020", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616937", }, ], notes: [ { category: "description", text: "Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0020", }, { category: "external", summary: "RHBZ#1616937", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616937", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0020", url: "https://www.cve.org/CVERecord?id=CVE-2003-0020", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0020", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0020", }, ], release_date: "2003-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-18T11:01:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL, Apache\nand PHP included in Stronghold 3. Stronghold 3.0 build code 3021 is now\navailable which includes these fixes, and can be downloaded from\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:104", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-18T11:01:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL, Apache\nand PHP included in Stronghold 3. Stronghold 3.0 build code 3021 is now\navailable which includes these fixes, and can be downloaded from\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:104", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, { cve: "CVE-2003-0083", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616961", }, ], notes: [ { category: "description", text: "Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0083", }, { category: "external", summary: "RHBZ#1616961", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616961", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0083", url: "https://www.cve.org/CVERecord?id=CVE-2003-0083", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0083", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0083", }, ], release_date: "2003-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-18T11:01:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL, Apache\nand PHP included in Stronghold 3. Stronghold 3.0 build code 3021 is now\navailable which includes these fixes, and can be downloaded from\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:104", }, ], title: "security flaw", }, ], }
rhsa-2003_104
Vulnerability from csaf_redhat
Published
2003-03-18 11:01
Modified
2024-11-21 22:41
Summary
Red Hat Security Advisory: apache, openssl, php security update for Stronghold
Notes
Topic
Updated versions of Stronghold 3.0 are available to fix a number of
vulnerabilities in OpenSSL, Apache, and PHP.
Details
Stronghold 3.0 contains a number of open source technologies such as
OpenSSL, Apache, and PHP. The following paragraphs describe a number of
issues that have been found in versions of these projects.
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to be able to retrieve the plain text of a common,
fixed block. In order for an attack to be successful an attacker must be
able to act as a man-in-the-middle to intercept and modify multiple
connections which all involve a common fixed plain text block (such as a
password), and have good network conditions that allow small changes in
timing to be reliably observed.
The SSL timing attack announced recently by David Brumly and Dan Boneh
is not fixed by this erratum; this new issue will be addressed by a
future erratum release.
The Apache Web server does not prevent escape sequences from being written
to log files. This could allow an attacker to embed arbitrary escape
sequences into log files. A recent paper by HD Moore highlighted
several issues where common terminal emulator software (such as xterm) can
be remotely abused or exploited by displaying arbitrary escape sequences.
The MySQL client library (libmysqlclient) used in the PHP MySQL extension
in PHP versions earlier than 4.3.0 does not properly verify length fields
for certain responses in the read_rows or read_one_row routines, which
allows a malicious server to cause a denial of service and possibly execute
arbitrary code.
Stronghold 3.0 contains OpenSSL 0.9.6b, Apache 1.3.22, and PHP
4.1.2 and is, therefore, vulnerable to these issues. Users of Stronghold are
advised to update to the errata versions of Stronghold 3.0 which contain
backported security fixes and are not vulnerable to these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated versions of Stronghold 3.0 are available to fix a number of\nvulnerabilities in OpenSSL, Apache, and PHP.", title: "Topic", }, { category: "general", text: "Stronghold 3.0 contains a number of open source technologies such as\nOpenSSL, Apache, and PHP. The following paragraphs describe a number of\nissues that have been found in versions of these projects.\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to be able to retrieve the plain text of a common,\nfixed block. In order for an attack to be successful an attacker must be\nable to act as a man-in-the-middle to intercept and modify multiple\nconnections which all involve a common fixed plain text block (such as a\npassword), and have good network conditions that allow small changes in\ntiming to be reliably observed.\n\nThe SSL timing attack announced recently by David Brumly and Dan Boneh\nis not fixed by this erratum; this new issue will be addressed by a\nfuture erratum release.\n\nThe Apache Web server does not prevent escape sequences from being written\nto log files. This could allow an attacker to embed arbitrary escape\nsequences into log files. A recent paper by HD Moore highlighted\nseveral issues where common terminal emulator software (such as xterm) can\nbe remotely abused or exploited by displaying arbitrary escape sequences.\n\nThe MySQL client library (libmysqlclient) used in the PHP MySQL extension\nin PHP versions earlier than 4.3.0 does not properly verify length fields\nfor certain responses in the read_rows or read_one_row routines, which\nallows a malicious server to cause a denial of service and possibly execute\narbitrary code.\n\nStronghold 3.0 contains OpenSSL 0.9.6b, Apache 1.3.22, and PHP\n4.1.2 and is, therefore, vulnerable to these issues. Users of Stronghold are\nadvised to update to the errata versions of Stronghold 3.0 which contain\nbackported security fixes and are not vulnerable to these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:104", url: "https://access.redhat.com/errata/RHSA-2003:104", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://stronghold.redhat.com/", url: "http://stronghold.redhat.com/", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_104.json", }, ], title: "Red Hat Security Advisory: apache, openssl, php security update for Stronghold", tracking: { current_release_date: "2024-11-21T22:41:57+00:00", generator: { date: "2024-11-21T22:41:57+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:104", initial_release_date: "2003-03-18T11:01:00+00:00", revision_history: [ { date: "2003-03-18T11:01:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-03-18T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:41:57+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Stronghold 3", product: { name: "Red Hat Stronghold 3", product_id: "Red Hat Stronghold 3", product_identification_helper: { cpe: "cpe:/a:redhat:stronghold:3", }, }, }, ], category: "product_family", name: "Stronghold Cross Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2002-1376", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616897", }, ], notes: [ { category: "description", text: "libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2002-1376", }, { category: "external", summary: "RHBZ#1616897", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616897", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2002-1376", url: "https://www.cve.org/CVERecord?id=CVE-2002-1376", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2002-1376", url: "https://nvd.nist.gov/vuln/detail/CVE-2002-1376", }, ], release_date: "2002-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-18T11:01:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL, Apache\nand PHP included in Stronghold 3. Stronghold 3.0 build code 3021 is now\navailable which includes these fixes, and can be downloaded from\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:104", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0020", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616937", }, ], notes: [ { category: "description", text: "Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0020", }, { category: "external", summary: "RHBZ#1616937", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616937", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0020", url: "https://www.cve.org/CVERecord?id=CVE-2003-0020", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0020", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0020", }, ], release_date: "2003-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-18T11:01:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL, Apache\nand PHP included in Stronghold 3. Stronghold 3.0 build code 3021 is now\navailable which includes these fixes, and can be downloaded from\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:104", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-18T11:01:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL, Apache\nand PHP included in Stronghold 3. Stronghold 3.0 build code 3021 is now\navailable which includes these fixes, and can be downloaded from\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:104", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, { cve: "CVE-2003-0083", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616961", }, ], notes: [ { category: "description", text: "Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0083", }, { category: "external", summary: "RHBZ#1616961", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616961", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0083", url: "https://www.cve.org/CVERecord?id=CVE-2003-0083", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0083", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0083", }, ], release_date: "2003-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-18T11:01:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL, Apache\nand PHP included in Stronghold 3. Stronghold 3.0 build code 3021 is now\navailable which includes these fixes, and can be downloaded from\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:104", }, ], title: "security flaw", }, ], }
fkie_cve-2003-0078
Vulnerability from fkie_nvd
Published
2003-03-03 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openssl | openssl | * | |
| openssl | openssl | 0.9.6i | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7 | |
| freebsd | freebsd | 4.2 | |
| freebsd | freebsd | 4.3 | |
| freebsd | freebsd | 4.4 | |
| freebsd | freebsd | 4.5 | |
| freebsd | freebsd | 4.6 | |
| freebsd | freebsd | 4.7 | |
| freebsd | freebsd | 5.0 | |
| openbsd | openbsd | 3.1 | |
| openbsd | openbsd | 3.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "7693CC10-F1E9-47D4-81C0-EF0E3D9CAE10", versionEndExcluding: "0.9.6i", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", matchCriteriaId: "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:-:*:*:*:*:*:*", matchCriteriaId: "CC626D0B-6D4F-4727-8933-B9EE7546ABA5", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", matchCriteriaId: "9E3AB748-E463-445C-ABAB-4FEDDFD1878B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", matchCriteriaId: "660E4B8D-AABA-4520-BC4D-CF8E76E07C05", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", matchCriteriaId: "85BFEED5-4941-41BB-93D1-CD5C2A41290E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*", matchCriteriaId: "9644CC68-1E91-45E7-8C53-1E3FC9976A4E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*", matchCriteriaId: "9B1B98C4-1FFD-4A7C-AA86-A34BC6F7AB31", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*", matchCriteriaId: "73934717-2DA3-4614-A076-D6EDA5EB0626", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", matchCriteriaId: "DF49BF03-C25E-4737-84D5-892895C86C58", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*", matchCriteriaId: "D2019E0E-426B-43AF-8904-1B811AE171E8", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*", matchCriteriaId: "55C5FC1A-1253-4390-A4FC-573BB14EA937", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*", matchCriteriaId: "44308D13-D935-4FF8-AB52-F0E115ED1AD2", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*", matchCriteriaId: "9C001822-FDF8-497C-AC2C-B59A00E9ACD2", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*", matchCriteriaId: "B86C77AB-B8FF-4376-9B4E-C88417396F3D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*", matchCriteriaId: "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*", matchCriteriaId: "DA33E7E2-DE7B-411E-8991-718DA0988C51", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*", matchCriteriaId: "1957B3C0-7F25-469B-BC3F-7B09260837ED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", }, { lang: "es", value: "ssl3_get_record en s3_ptk.c de OpenSSL anteriores a 0.9.7a y 0.9.6 anteriores a 0.9.6i no realiza un cálculo MAC si un relleno de bloque de cifra incorrecto es usado, lo que causa una fuga de información (discrepancia en temporización) que puede hacer más fácil lanzar ataques criptográficos que dependan de distinguir entren errores de relleno o de verificación de MAC, posiblemente conducentes a la extracción del texto plano original, también conocida como \"Ataque de temporización de Vaudenay\".", }, ], id: "CVE-2003-0078", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2003-03-03T05:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-001.txt.asc", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000570", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=104567627211904&w=2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=104568426824439&w=2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=104577183206905&w=2", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.ciac.org/ciac/bulletins/n-051.shtml", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://www.debian.org/security/2003/dsa-253", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://www.iss.net/security_center/static/11369.php", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-2874.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:020", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Patch", "Vendor Advisory", ], url: "http://www.openssl.org/news/secadv_20030219.txt", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.osvdb.org/3945", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2003-062.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2003-063.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2003-082.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2003-104.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2003-205.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/6884", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.trustix.org/errata/2003/0005", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-001.txt.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000570", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=104567627211904&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=104568426824439&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=104577183206905&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.ciac.org/ciac/bulletins/n-051.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://www.debian.org/security/2003/dsa-253", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://www.iss.net/security_center/static/11369.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-2874.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:020", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Patch", "Vendor Advisory", ], url: "http://www.openssl.org/news/secadv_20030219.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.osvdb.org/3945", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2003-062.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2003-063.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2003-082.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2003-104.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2003-205.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/6884", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.trustix.org/errata/2003/0005", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-203", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
gsd-2003-0078
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack."
Aliases
Aliases
{ GSD: { alias: "CVE-2003-0078", description: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", id: "GSD-2003-0078", references: [ "https://www.debian.org/security/2003/dsa-253", "https://access.redhat.com/errata/RHSA-2003:205", "https://access.redhat.com/errata/RHSA-2003:104", "https://access.redhat.com/errata/RHSA-2003:082", "https://access.redhat.com/errata/RHSA-2003:063", "https://access.redhat.com/errata/RHSA-2003:062", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2003-0078", ], details: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", id: "GSD-2003-0078", modified: "2023-12-13T01:22:13.230780Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2003-0078", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20030501-01-I", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I", }, { name: "3945", refsource: "OSVDB", url: "http://www.osvdb.org/3945", }, { name: "ssl-cbc-information-leak(11369)", refsource: "XF", url: "http://www.iss.net/security_center/static/11369.php", }, { name: "http://www.openssl.org/news/secadv_20030219.txt", refsource: "CONFIRM", url: "http://www.openssl.org/news/secadv_20030219.txt", }, { name: "2003-0005", refsource: "TRUSTIX", url: "http://www.trustix.org/errata/2003/0005", }, { name: "DSA-253", refsource: "DEBIAN", url: "http://www.debian.org/security/2003/dsa-253", }, { name: "RHSA-2003:205", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-205.html", }, { name: "ESA-20030220-005", refsource: "ENGARDE", url: "http://www.linuxsecurity.com/advisories/engarde_advisory-2874.html", }, { name: "N-051", refsource: "CIAC", url: "http://www.ciac.org/ciac/bulletins/n-051.shtml", }, { name: "20030219 OpenSSL 0.9.7a and 0.9.6i released", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104567627211904&w=2", }, { name: "RHSA-2003:104", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-104.html", }, { name: "6884", refsource: "BID", url: "http://www.securityfocus.com/bid/6884", }, { name: "NetBSD-SA2003-001", refsource: "NETBSD", url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-001.txt.asc", }, { name: "MDKSA-2003:020", refsource: "MANDRAKE", url: "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:020", }, { name: "CLSA-2003:570", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000570", }, { name: "20030219 [OpenPKG-SA-2003.013] OpenPKG Security Advisory (openssl)", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104568426824439&w=2", }, { name: "GLSA-200302-10", refsource: "GENTOO", url: "http://marc.info/?l=bugtraq&m=104577183206905&w=2", }, { name: "RHSA-2003:082", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-082.html", }, { name: "RHSA-2003:063", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-063.html", }, { name: "RHSA-2003:062", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-062.html", }, ], }, }, "nvd.nist.gov": { cve: { configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "7693CC10-F1E9-47D4-81C0-EF0E3D9CAE10", versionEndExcluding: "0.9.6i", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", matchCriteriaId: "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:-:*:*:*:*:*:*", matchCriteriaId: "CC626D0B-6D4F-4727-8933-B9EE7546ABA5", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", matchCriteriaId: "9E3AB748-E463-445C-ABAB-4FEDDFD1878B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", matchCriteriaId: "660E4B8D-AABA-4520-BC4D-CF8E76E07C05", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", matchCriteriaId: "85BFEED5-4941-41BB-93D1-CD5C2A41290E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*", matchCriteriaId: "9644CC68-1E91-45E7-8C53-1E3FC9976A4E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*", matchCriteriaId: "9B1B98C4-1FFD-4A7C-AA86-A34BC6F7AB31", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*", matchCriteriaId: "73934717-2DA3-4614-A076-D6EDA5EB0626", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", matchCriteriaId: "DF49BF03-C25E-4737-84D5-892895C86C58", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*", matchCriteriaId: "D2019E0E-426B-43AF-8904-1B811AE171E8", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*", matchCriteriaId: "55C5FC1A-1253-4390-A4FC-573BB14EA937", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*", matchCriteriaId: "44308D13-D935-4FF8-AB52-F0E115ED1AD2", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*", matchCriteriaId: "9C001822-FDF8-497C-AC2C-B59A00E9ACD2", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*", matchCriteriaId: "B86C77AB-B8FF-4376-9B4E-C88417396F3D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*", matchCriteriaId: "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*", matchCriteriaId: "DA33E7E2-DE7B-411E-8991-718DA0988C51", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*", matchCriteriaId: "1957B3C0-7F25-469B-BC3F-7B09260837ED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], descriptions: [ { lang: "en", value: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", }, { lang: "es", value: "ssl3_get_record en s3_ptk.c de OpenSSL anteriores a 0.9.7a y 0.9.6 anteriores a 0.9.6i no realiza un cálculo MAC si un relleno de bloque de cifra incorrecto es usado, lo que causa una fuga de información (discrepancia en temporización) que puede hacer más fácil lanzar ataques criptográficos que dependan de distinguir entren errores de relleno o de verificación de MAC, posiblemente conducentes a la extracción del texto plano original, también conocida como \"Ataque de temporización de Vaudenay\".", }, ], id: "CVE-2003-0078", lastModified: "2024-02-14T15:07:42.947", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2003-03-03T05:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-001.txt.asc", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000570", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=104567627211904&w=2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=104568426824439&w=2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=104577183206905&w=2", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.ciac.org/ciac/bulletins/n-051.shtml", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://www.debian.org/security/2003/dsa-253", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://www.iss.net/security_center/static/11369.php", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-2874.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:020", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Patch", "Vendor Advisory", ], url: "http://www.openssl.org/news/secadv_20030219.txt", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.osvdb.org/3945", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2003-062.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2003-063.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2003-082.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2003-104.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2003-205.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/6884", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.trustix.org/errata/2003/0005", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-203", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }, }, }, }
ghsa-2x68-h5x4-c4qp
Vulnerability from github
Published
2022-05-03 03:09
Modified
2022-05-03 03:09
Details
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack."
{ affected: [], aliases: [ "CVE-2003-0078", ], database_specific: { cwe_ids: [], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2003-03-03T05:00:00Z", severity: "MODERATE", }, details: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", id: "GHSA-2x68-h5x4-c4qp", modified: "2022-05-03T03:09:37Z", published: "2022-05-03T03:09:37Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, { type: "WEB", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000570", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=104567627211904&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=104568426824439&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=104577183206905&w=2", }, { type: "WEB", url: "http://www.ciac.org/ciac/bulletins/n-051.shtml", }, { type: "WEB", url: "http://www.debian.org/security/2003/dsa-253", }, { type: "WEB", url: "http://www.iss.net/security_center/static/11369.php", }, { type: "WEB", url: "http://www.linuxsecurity.com/advisories/engarde_advisory-2874.html", }, { type: "WEB", url: "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:020", }, { type: "WEB", url: "http://www.openssl.org/news/secadv_20030219.txt", }, { type: "WEB", url: "http://www.osvdb.org/3945", }, { type: "WEB", url: "http://www.redhat.com/support/errata/RHSA-2003-062.html", }, { type: "WEB", url: "http://www.redhat.com/support/errata/RHSA-2003-063.html", }, { type: "WEB", url: "http://www.redhat.com/support/errata/RHSA-2003-082.html", }, { type: "WEB", url: "http://www.redhat.com/support/errata/RHSA-2003-104.html", }, { type: "WEB", url: "http://www.redhat.com/support/errata/RHSA-2003-205.html", }, { type: "WEB", url: "http://www.securityfocus.com/bid/6884", }, { type: "WEB", url: "http://www.trustix.org/errata/2003/0005", }, ], schema_version: "1.4.0", severity: [], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.