OpenSSL 1.0.2a, 1.0.1m, 1.0.0r, and 0.9.8zf have been released. The latest updates include fixes for several bugs and security issues.
After OpenSSL announced earlier this week that the most serious flaw fixed with these updates has been classified as “high severity,” some suggested that it might be a vulnerability as critical as Heartbleed, but it doesn’t seem to be the case.
The only high severity issue fixed in the latest versions of OpenSSL is a denial-of-service (DoS) vulnerability (CVE-2015-0291). The flaw was reported on February 26 by David Ramos of Stanford University and it affects OpenSSL 1.0.2.
“If a client connects to an OpenSSL 1.0.2 server and renegotiates with an invalid signature algorithms extension a NULL pointer dereference will occur. This can be exploited in a DoS attack against the server,” the OpenSSL Project team wrote in an advisory.
OpenSSL 1.0.2a, 1.0.1m, 1.0.0r, and 0.9.8zf include fixes for a total of eight moderate severity vulnerabilities. One of the weaknesses is caused by a corrupted pointer in the recently introduced “multiblock” performance feature (CVE-2015-0290). In some cases, the vulnerability can be leveraged for a DoS attack, OpenSSL said.
The list of moderate severity vulnerabilities also includes two segmentation faults related to the DTLSv1_listen (CVE-2015-0207) and ASN1_TYPE_cmp (CVE-2015-0286) functions. A different segmentation fault the can be exploited in a DoS attack is related to signature verification routines (CVE-2015-0208).
A DoS condition can also be caused by sending a specially crafted SSLv2 CLIENT-MASTER-KEY message to servers that support SSLv2 and enable export cipher suites (CVE-2015-0293), or by sending an empty ClientKeyExchange message if client auth and the DHE ciphersuite are used (CVE-2015-1787).
The remaining moderate severity issues have been described as an ASN.1 structure reuse memory corruption (CVE-2015-0287) and PKCS7 NULL pointer dereferences (CVE-2015-0289). These flaws don’t affect OpenSSL clients and servers.
The low severity vulnerabilities are a NULL pointer dereference related to the X509_to_X509_REQ function, a use-after-free following a d2i_ECPrivatekey function error, and an issue that allowed an OpenSSL 1.0.2 client to complete a handshake with an unseeded pseudorandom number generator (PRNG).
OpenSSL 1.0.1, 1.0.0 and 0.9.8 are affected by a vulnerability related to processing base64 encoded data (CVE-2015-0292). An attacker can use maliciously crafted base64 data to trigger a segmentation fault or memory corruption. This issue was fixed in earlier versions of OpenSSL, but this is the first time it has been mentioned in an advisory.
Initially, the OpenSSL Project rated the recently disclosed FREAK bug as “low severity” because it thought that not many servers supported the weak RSA export-grade ciphersuite. After seeing that RSA export ciphersuite support is common, OpenSSL has decided to change the severity rating to “high.” It’s worth noting that OpenSSL fixed the FREAK flaw back in early January.
“After Heartbleed, POODLE and other recent OpenSSL bugs, organizations should have a good handle on what systems in their environments need to be patched and what needs to be done to patch them. If you are still trying to get a handle on where your network is vulnerable to OpenSSL issues and what needs to be done to remediate that issue, you should probably take a close look at your processes and see where you can streamline those efforts,” Cris Thomas, strategist at Tenable Network Security, told SecurityWeek.
“By now a new critical vulnerability in OpenSSL should not be a fire drill for CISOs and IT security teams; there have been several previous instances to practice and refine your technique, and by now it should be a simple matter of following the procedures you developed based on the previous instances,” Thomas added.
Trey Ford, global security strategist at Rapid7, noted that the fixes should be applied as soon as possible on Internet-exposed systems because attack code will be quickly built by reverse engineering the published patches.