Executive Summary

Summary
Title Sun Alert 258048 A Security Vulnerability in the ASN.1 Handling in Solaris OpenSSL May Lead to a Denial of Service (DoS) Condition
Informations
Name SUN-258048 First vendor Publication 2009-04-29
Vendor Sun Last vendor Modification 2009-06-08
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: Solaris 10 Operating System OpenSolaris

A security vulnerability in the ASN.1 handling in the OpenSSL product (see openssl(5)) shipped with Solaris may allow a local or remote unprivileged user to cause a Denial of Service (DoS) to applications calling the "ASN1_STRING_print_ex()" printing function.

Additional information regarding this issue can be found in the following document:


State: Resolved
First released: 29-Apr-2009

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_258048_a_security

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10198
 
Oval ID: oval:org.mitre.oval:def:10198
Title: The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.
Description: The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0590
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13751
 
Oval ID: oval:org.mitre.oval:def:13751
Title: DSA-1763-1 openssl -- programming error
Description: It was discovered that insufficient length validations in the ASN.1 handling of the OpenSSL crypto library may lead to denial of service when processing a manipulated certificate. For the old stable distribution, this problem has been fixed in version 0.9.8c-4etch5 of the openssl package and in version 0.9.7k-3.1etch3 of the openssl097 package. For the stable distribution, this problem has been fixed in version 0.9.8g-15+lenny1. For the unstable distribution, this problem has been fixed in version 0.9.8g-16. We recommend that you upgrade your openssl packages.
Family: unix Class: patch
Reference(s): DSA-1763-1
CVE-2009-0590
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): openssl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13799
 
Oval ID: oval:org.mitre.oval:def:13799
Title: USN-750-1 -- openssl vulnerability
Description: It was discovered that OpenSSL did not properly validate the length of an encoded BMPString or UniversalString when printing ASN.1 strings. If a user or automated system were tricked into processing a crafted certificate, an attacker could cause a denial of service via application crash in applications linked against OpenSSL.
Family: unix Class: patch
Reference(s): USN-750-1
CVE-2009-0590
Version: 5
Platform(s): Ubuntu 7.10
Ubuntu 8.04
Ubuntu 6.06
Ubuntu 8.10
Product(s): openssl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22194
 
Oval ID: oval:org.mitre.oval:def:22194
Title: HP-UX Running OpenSSL, Remote Denial of Service (DoS), Bypass Security Restrictions
Description: The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0590
Version: 8
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25196
 
Oval ID: oval:org.mitre.oval:def:25196
Title: Vulnerability in OpenSSL before 0.9.8k, allows remote attackers to cause a denial of service (invalid memory access and application crash)
Description: The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.
Family: windows Class: vulnerability
Reference(s): CVE-2009-0590
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): OpenSSL
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6996
 
Oval ID: oval:org.mitre.oval:def:6996
Title: OpenSSL Multiple Vulnerabilities
Description: The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0590
Version: 5
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8038
 
Oval ID: oval:org.mitre.oval:def:8038
Title: DSA-1763 openssl -- programming error
Description: It was discovered that insufficient length validations in the ASN.1 handling of the OpenSSL crypto library may lead to denial of service when processing a manipulated certificate.
Family: unix Class: patch
Reference(s): DSA-1763
CVE-2009-0590
Version: 3
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): openssl
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 210
Os 2

OpenVAS Exploits

Date Description
2012-04-16 Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates
File : nvt/gb_VMSA-2010-0009.nasl
2011-08-09 Name : CentOS Update for openssl CESA-2009:1335 centos5 i386
File : nvt/gb_CESA-2009_1335_openssl_centos5_i386.nasl
2010-03-31 Name : CentOS Update for openssl CESA-2010:0163 centos3 i386
File : nvt/gb_CESA-2010_0163_openssl_centos3_i386.nasl
2010-03-31 Name : CentOS Update for openssl CESA-2010:0163 centos4 i386
File : nvt/gb_CESA-2010_0163_openssl_centos4_i386.nasl
2010-03-31 Name : RedHat Update for openssl RHSA-2010:0163-01
File : nvt/gb_RHSA-2010_0163-01_openssl.nasl
2009-10-13 Name : SLES10: Security update for compat-openssl097g
File : nvt/sles10_compat-openssl0.nasl
2009-10-13 Name : SLES10: Security update for OpenSSL
File : nvt/sles10_openssl1.nasl
2009-10-13 Name : Solaris Update for sshd 141742-04
File : nvt/gb_solaris_141742_04.nasl
2009-10-13 Name : Solaris Update for sshd 140119-11
File : nvt/gb_solaris_140119_11.nasl
2009-10-11 Name : SLES11: Security update for OpenSSL
File : nvt/sles11_libopenssl0_9_8.nasl
2009-10-10 Name : SLES9: Security update for OpenSSL
File : nvt/sles9p5048397.nasl
2009-09-23 Name : Solaris Update for sshd 141742-02
File : nvt/gb_solaris_141742_02.nasl
2009-09-23 Name : Solaris Update for sshd 140119-07
File : nvt/gb_solaris_140119_07.nasl
2009-09-23 Name : Solaris Update for sshd 140119-09
File : nvt/gb_solaris_140119_09.nasl
2009-09-21 Name : CentOS Security Advisory CESA-2009:1335 (openssl)
File : nvt/ovcesa2009_1335.nasl
2009-09-09 Name : RedHat Security Advisory RHSA-2009:1335
File : nvt/RHSA_2009_1335.nasl
2009-07-17 Name : HP-UX Update for OpenSSL HPSBUX02435
File : nvt/gb_hp_ux_HPSBUX02435.nasl
2009-05-20 Name : SuSE Security Summary SUSE-SR:2009:010
File : nvt/suse_sr_2009_010.nasl
2009-05-11 Name : FreeBSD Ports: FreeBSD
File : nvt/freebsd_FreeBSD.nasl
2009-04-28 Name : FreeBSD Security Advisory (FreeBSD-SA-09:08.openssl.asc)
File : nvt/freebsdsa_openssl7.nasl
2009-04-15 Name : Debian Security Advisory DSA 1763-1 (openssl)
File : nvt/deb_1763_1.nasl
2009-04-15 Name : Gentoo Security Advisory GLSA 200904-08 (openssl)
File : nvt/glsa_200904_08.nasl
2009-04-06 Name : Mandrake Security Advisory MDVSA-2009:087 (openssl)
File : nvt/mdksa_2009_087.nasl
2009-04-06 Name : Ubuntu USN-749-1 (libsndfile)
File : nvt/ubuntu_749_1.nasl
2009-04-06 Name : Ubuntu USN-750-1 (openssl)
File : nvt/ubuntu_750_1.nasl
2009-04-02 Name : OpenSSL Multiple Vulnerabilities (Win)
File : nvt/gb_openssl_mult_vuln_win.nasl
2009-04-02 Name : OpenSSL Multiple Vulnerabilities (Linux)
File : nvt/gb_openssl_mult_vuln_lin.nasl
0000-00-00 Name : Slackware Advisory SSA:2009-098-01 openssl
File : nvt/esoft_slk_ssa_2009_098_01.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
62881 SSH Tectia Audit Player ASN1_STRING_print_ex() Function BMPString / Universal...

52864 OpenSSL ASN1_STRING_print_ex() Function BMPString / UniversalString Handling DoS

Nessus® Vulnerability Scanner

Date Description
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0019_remote.nasl - Type : ACT_GATHER_INFO
2016-03-08 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2010-0009_remote.nasl - Type : ACT_GATHER_INFO
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0004_remote.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_compat-openssl097g-110721.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_compat-openssl097g-110721.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0163.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1335.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090902_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100325_openssl_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-01-04 Name : The remote server is affected by multiple vulnerabilities.
File : openssl_0_9_8k.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_compat-openssl097g-7645.nasl - Type : ACT_GATHER_INFO
2011-07-28 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_compat-openssl097g-7644.nasl - Type : ACT_GATHER_INFO
2011-07-28 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_compat-openssl097g-110721.nasl - Type : ACT_GATHER_INFO
2010-12-08 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2010-0019.nasl - Type : ACT_GATHER_INFO
2010-06-01 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2010-0009.nasl - Type : ACT_GATHER_INFO
2010-05-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0163.nasl - Type : ACT_GATHER_INFO
2010-03-26 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0163.nasl - Type : ACT_GATHER_INFO
2010-03-05 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2010-0004.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1335.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libopenssl-devel-090415.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_compat-openssl097g-6170.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_openssl-6179.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_compat-openssl097g-090416.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12397.nasl - Type : ACT_GATHER_INFO
2009-09-11 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2009-005.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_libopenssl-devel-090415.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_compat-openssl097g-090416.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_libopenssl-devel-090415.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_compat-openssl097g-090416.nasl - Type : ACT_GATHER_INFO
2009-05-08 Name : The remote host is missing a security update
File : freebsd_pkg_fbc8413f2f7a11de9a3f001b77d09812.nasl - Type : ACT_GATHER_INFO
2009-04-30 Name : The remote openSUSE host is missing a security update.
File : suse_compat-openssl097g-6175.nasl - Type : ACT_GATHER_INFO
2009-04-30 Name : The remote openSUSE host is missing a security update.
File : suse_libopenssl-devel-6173.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-750-1.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-087.nasl - Type : ACT_GATHER_INFO
2009-04-08 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-098-01.nasl - Type : ACT_GATHER_INFO
2009-04-07 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200904-08.nasl - Type : ACT_GATHER_INFO
2009-04-07 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1763.nasl - Type : ACT_GATHER_INFO