Executive Summary
Summary | |
---|---|
Title | openssl security update |
Informations | |||
---|---|---|---|
Name | RHSA-2005:476 | First vendor Publication | 2005-06-01 |
Vendor | RedHat | Last vendor Modification | 2005-06-01 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:M/Au:N/C:C/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 4.7 | Attack Range | Local |
Cvss Impact Score | 6.9 | Attack Complexity | Medium |
Cvss Expoit Score | 3.4 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated OpenSSL packages that fix security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. Colin Percival reported a cache timing attack that could allow a malicious local user to gain portions of cryptographic keys. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CAN-2005-0109 to the issue. The OpenSSL library has been patched to add a new fixed-window mod_exp implementation as default for RSA, DSA, and DH private-key operations. This patch is designed to mitigate cache timing and potentially related attacks. A flaw was found in the way the der_chop script creates temporary files. It is possible that a malicious local user could cause der_chop to overwrite files (CAN-2004-0975). The der_chop script was deprecated and has been removed from these updated packages. Red Hat Enterprise Linux 4 did not ship der_chop and is therefore not vulnerable to this issue. Users are advised to update to these erratum packages which contain patches to correct these issues. Please note: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 136302 - CAN-2004-0975 temporary file vulnerabilities in der_chop script 140061 - CAN-2004-0975 temporary file vulnerabilities in der_chop script 157631 - CAN-2005-0109 timing attack on OpenSSL with HT |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2005-476.html |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10621 | |||
Oval ID: | oval:org.mitre.oval:def:10621 | ||
Title: | The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. | ||
Description: | The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0975 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:164 | |||
Oval ID: | oval:org.mitre.oval:def:164 | ||
Title: | Trustix Secure Linux der_chop Script Symlink Attack Vulnerability | ||
Description: | The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0975 | Version: | 1 |
Platform(s): | Red Hat Enterprise Linux 3 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9747 | |||
Oval ID: | oval:org.mitre.oval:def:9747 | ||
Title: | Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. | ||
Description: | Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0109 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200411-15 (OpenSSL) File : nvt/glsa_200411_15.nasl |
2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-05:09.htt.asc) File : nvt/freebsdsa_htt.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 603-1 (openssl) File : nvt/deb_603_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
16440 | Multiple Unix Vendor Hyper-Threading (HTT) Arbitrary Thread Process Informati... |
11125 | OpenSSL der_chop Script Symlink Arbitrary File Modification The OpenSSL der_chop script contains a flaw that may allow a malicious user to overwrite files with the permissions of the user running the script. The issue is due to the creation of world-writeable symlinks with predictable names; attackers may change where these links point, and thus specify the data that will be written, resulting in a loss of integrity. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-01-04 | Name : Arbitrary files could be overwritten on the remote server. File : openssl_0_9_7f.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-476.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-800.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-131-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-24-1.nasl - Type : ACT_GATHER_INFO |
2005-10-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-800.nasl - Type : ACT_GATHER_INFO |
2005-07-01 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-110.nasl - Type : ACT_GATHER_INFO |
2005-07-01 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-111.nasl - Type : ACT_GATHER_INFO |
2005-06-08 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-096.nasl - Type : ACT_GATHER_INFO |
2005-06-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-476.nasl - Type : ACT_GATHER_INFO |
2004-12-07 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-147.nasl - Type : ACT_GATHER_INFO |
2004-12-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-603.nasl - Type : ACT_GATHER_INFO |
2004-11-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200411-15.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2018-10-16 17:22:08 |
|
2014-02-17 11:49:24 |
|