Executive Summary
Summary | |
---|---|
Title | OpenSSL 3.0.0 to 3.0.6 decodes some punycode email addresses in X.509 certificates improperly |
Informations | |||
---|---|---|---|
Name | VU#794340 | First vendor Publication | 2022-11-01 |
Vendor | VU-CERT | Last vendor Modification | 2023-07-13 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |||
---|---|---|---|
Overall CVSS Score | 7.5 | ||
Base Score | 7.5 | Environmental Score | 7.5 |
impact SubScore | 3.6 | Temporal Score | 7.5 |
Exploitabality Sub Score | 3.9 | ||
Attack Vector | Network | Attack Complexity | Low |
Privileges Required | None | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | None |
Integrity Impact | None | Availability Impact | High |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : | |||
---|---|---|---|
Cvss Base Score | N/A | Attack Range | N/A |
Cvss Impact Score | N/A | Attack Complexity | N/A |
Cvss Expoit Score | N/A | Authentication | N/A |
Calculate full CVSS 2.0 Vectors scores |
Detail
OverviewTwo buffer overflow vulnerabilities were discovered in OpenSSL versions 3.0.0 through 3.0.6. These vulnerabilities were introduced in version 3.0.0 with the inclusion of support for punycode email address parsing for X.509 certificates. OpenSSL's assessment of the severity of the vulnerabilities has reduced from CRITICAL to HIGH, and OpenSSL 3.0.7 addresses the issues. DescriptionTwo buffer overflows have been reported in the OpenSSL 3.0.x branch prior to version 3.0.7 that, when exploited, may lead to denial of services or, in some cases, remote code execution in the vulnerable target environment. OpenSSL client and server implementations that use the vulnerable libraries are affected. The server implementation also requires that TLS client authentication is enabled in order to attack, and potentially exploit, a vulnerable target. OpenSSL provides details:
OpenSSL versions 1.1.1 and 1.0.2 are not affected. CERT/CC is unaware of any exploitation of this vulnerability at this time. ImpactSuccessful exploitation could lead to denial of service or remote execution of arbitrary code in the target environment. SolutionAny services depending on versions of OpenSSL 3.0.x prior to OpenSSL 3.0.7 should be upgraded to version 3.0.7 or later. Operators may also consider temporarily disabling TLS client authentication until applying an update. AcknowledgementsThanks to OpenSSL for coordinating and remediating the vulnerability. Polar Bear is credited as having discovered CVE--2022-3602. Viktor Dukhovni is reported as the source of CVE-2022-3786. This document was written by Kevin Stephens, Eric Hatleback, Vijay Sarvepalli, and Jeffrey S. Havrilla. |
Original Source
Url : https://kb.cert.org/vuls/id/794340 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
50 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
CPE : Common Platform Enumeration
Alert History
Date | Informations |
---|---|
2023-07-13 21:22:08 |
|
2023-04-20 21:22:05 |
|
2023-04-19 21:22:05 |
|
2023-04-06 00:22:06 |
|
2023-04-03 21:22:05 |
|
2023-03-30 17:22:03 |
|
2023-03-06 17:22:04 |
|
2023-02-15 21:22:06 |
|
2023-01-24 17:22:10 |
|
2023-01-10 17:22:05 |
|
2022-12-14 21:22:03 |
|
2022-12-09 21:22:02 |
|
2022-12-07 21:22:00 |
|
2022-12-07 00:22:03 |
|
2022-12-01 17:22:13 |
|
2022-11-28 17:22:02 |
|
2022-11-21 17:22:05 |
|
2022-11-19 09:22:06 |
|
2022-11-17 00:22:03 |
|
2022-11-11 05:22:02 |
|
2022-11-09 05:22:03 |
|
2022-11-02 21:37:47 |
|
2022-11-02 05:22:08 |
|
2022-11-02 00:21:59 |
|