Executive Summary
Summary | |
---|---|
Title | openssl security update |
Informations | |||
---|---|---|---|
Name | RHSA-2005:800 | First vendor Publication | 2005-10-11 |
Vendor | RedHat | Last vendor Modification | 2005-10-11 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated OpenSSL packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. OpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. This work-around is enabled in most servers that use OpenSSL to provide support for SSL and TLS. Yutaka Oiwa discovered that this work-around could allow an attacker, acting as a "man in the middle" to force an SSL connection to use SSL 2.0 rather than a stronger protocol such as SSL 3.0 or TLS 1.0. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2969 to this issue. A bug was also fixed in the way OpenSSL creates DSA signatures. A cache timing attack was fixed in RHSA-2005-476 which caused OpenSSL to do private key calculations with a fixed time window. The DSA fix for this was not complete and the calculations are not always performed within a fixed-window. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0109 to this issue. Users are advised to upgrade to these updated packages, which remove the MISE 3.0.2 work-around and contain patches to correct these issues. Note: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 169863 - CAN-2005-2969 Potential SSL 2.0 Rollback 170036 - CAN-2005-0109 DSA signing not quite constant time |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2005-800.html |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-220 | Client-Server Protocol Manipulation |
CWE : Common Weakness Enumeration
% | Id | Name |
---|
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11454 | |||
Oval ID: | oval:org.mitre.oval:def:11454 | ||
Title: | The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack. | ||
Description: | The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2969 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9747 | |||
Oval ID: | oval:org.mitre.oval:def:9747 | ||
Title: | Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. | ||
Description: | Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0109 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-10 | Name : SLES9: Security update for OpenSSL File : nvt/sles9p5012506.nasl |
2009-06-03 | Name : Solaris Update for kernel 120011-14 File : nvt/gb_solaris_120011_14.nasl |
2009-06-03 | Name : Solaris Update for kernel 127128-11 File : nvt/gb_solaris_127128_11.nasl |
2009-05-05 | Name : HP-UX Update for Apache Remote Execution of Arbitrary Code HPSBUX02186 File : nvt/gb_hp_ux_HPSBUX02186.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200510-11 (OpenSSL) File : nvt/glsa_200510_11.nasl |
2008-09-04 | Name : FreeBSD Ports: openssl, openssl-overwrite-base File : nvt/freebsd_openssl0.nasl |
2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-05:09.htt.asc) File : nvt/freebsdsa_htt.nasl |
2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-05:21.openssl.asc) File : nvt/freebsdsa_openssl2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 875-1 (openssl094) File : nvt/deb_875_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 881-1 (openssl096) File : nvt/deb_881_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 882-1 (openssl095) File : nvt/deb_882_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 888-1 (openssl) File : nvt/deb_888_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2005-286-01 OpenSSL File : nvt/esoft_slk_ssa_2005_286_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
19919 | OpenSSL SSL_OP_ALL SSL 2.0 Verification Weakness |
16440 | Multiple Unix Vendor Hyper-Threading (HTT) Arbitrary Thread Process Informati... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL5533.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-762.nasl - Type : ACT_GATHER_INFO |
2012-01-04 | Name : The remote server is vulnerable to man-in-the-middle attacks. File : openssl_0_9_7h_0_9_8a.nasl - Type : ACT_GATHER_INFO |
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0629.nasl - Type : ACT_GATHER_INFO |
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0525.nasl - Type : ACT_GATHER_INFO |
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0264.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-875.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-881.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-882.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-888.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-476.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-800.nasl - Type : ACT_GATHER_INFO |
2006-05-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_60e26a403b2511da948400123ffe8333.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-131-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-204-1.nasl - Type : ACT_GATHER_INFO |
2005-11-30 | Name : The remote operating system is missing a vendor-supplied patch. File : macosx_SecUpd2005-009.nasl - Type : ACT_GATHER_INFO |
2005-10-20 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_061.nasl - Type : ACT_GATHER_INFO |
2005-10-19 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-179.nasl - Type : ACT_GATHER_INFO |
2005-10-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200510-11.nasl - Type : ACT_GATHER_INFO |
2005-10-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-800.nasl - Type : ACT_GATHER_INFO |
2005-10-19 | Name : The remote Fedora Core host is missing one or more security updates. File : fedora_2005-986.nasl - Type : ACT_GATHER_INFO |
2005-10-19 | Name : The remote Fedora Core host is missing one or more security updates. File : fedora_2005-985.nasl - Type : ACT_GATHER_INFO |
2005-10-19 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2005-286-01.nasl - Type : ACT_GATHER_INFO |
2005-07-01 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-110.nasl - Type : ACT_GATHER_INFO |
2005-07-01 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-111.nasl - Type : ACT_GATHER_INFO |
2005-06-08 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-096.nasl - Type : ACT_GATHER_INFO |
2005-06-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-476.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2018-10-16 17:22:08 |
|
2014-02-17 11:49:43 |
|