
Still aching from the Heartbleed episode, OpenSSL has issued a security advisory and released critical updates to patch six vulnerabilities, including a fix for one serious vulnerability (CVE-2014-0224) that can be exploited by a Man-in-the-Middle (MITM) attack.

OpenSSL runs atop two of the most widely used Web servers, Apache and nginx, as well as email servers (SMTP, POP and IMAP protocols), chat services (XMPP protocol), virtual private networks (SSL VPNs) and other software that use the OpenSSL code library.

“An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server,” the advisory states.

Fortunately, the attack can only be successfully performed between a vulnerable client and a vulnerable server. The advisory states that OpenSSL clients are vulnerable in all versions of OpenSSL, but that servers are only known to be vulnerable if using OpenSSL 1.0.1 and 1.0.2-beta1.

The vulnerability was discovered by Kikuchi Masashi and reported to OpenSSL on May 1st by way of JPCERT/CC. The remediation was developed by Stephen Henson of the OpenSSL core team and was partially based on a patch engineered by Masashi.

OpenSSL recommends the following:

  • OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za
  • OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m
  • OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h

Also patched was the DTLS recursion vulnerability (CVE-2014-0221) in which an attacker sending an invalid DTLS handshake to an OpenSSL DTLS client could cause a denial of service. OpenSSL recommends:

  • OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za
  • OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m
  • OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h

Next up was the DTLS invalid fragment vulnerability (CVE-2014-0195), in which sending invalid DTLS fragments could result in a buffer overrun and allow remote code execution. OpenSSL recommends:

  • OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za
  • OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m
  • OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h

A fix is also recommended for a flaw in the do_ssl3_write function which can allow attackers to cause a denial of service via a NULL pointer dereference – recommendations include:

  • OpenSSL 1.0.0 users should upgrade to 1.0.0m
  • OpenSSL 1.0.1 users should upgrade to 1.0.1h
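The upgrade lists above all point to the same three fixed releases, so an inventory of `openssl version` banners can be triaged against them. The following is an added example, not code from OpenSSL or from the advisory; the function names, host names and sample banners are constructed for illustration. It handles OpenSSL's letter suffixes, where `za` sorts after `z`.

```python
import re

# Fixed release letter per branch, taken from the upgrade lists above.
FIXED = {"0.9.8": "za", "1.0.0": "m", "1.0.1": "h"}

_VERSION = re.compile(r"\b(\d+\.\d+\.\d+)([a-z]*)")


def letter_rank(letters):
    """Sort key for OpenSSL patch letters: '' < a < ... < z < za < zb."""
    return (len(letters), letters)


def assess(banner):
    """Classify `openssl version` output or a bare version string.

    Returns 'patched', 'needs-upgrade', or 'unknown' when the string does not
    parse or its branch has no fixed release named in the lists above.
    """
    match = _VERSION.search(banner)
    if not match:
        return "unknown"
    branch, letters = match.groups()
    if branch not in FIXED:
        return "unknown"
    if letter_rank(letters) >= letter_rank(FIXED[branch]):
        return "patched"
    return "needs-upgrade"


def triage(inventory):
    """Group host names by assessment; inventory maps host -> version banner."""
    report = {"patched": [], "needs-upgrade": [], "unknown": []}
    for host, banner in sorted(inventory.items()):
        report[assess(banner)].append(host)
    return report


# Constructed sample inventory (host names and banners are illustrative).
SAMPLE = {
    "web01": "OpenSSL 1.0.1g 7 Apr 2014",
    "web02": "OpenSSL 1.0.1h 5 Jun 2014",
    "mail01": "OpenSSL 0.9.8y 5 Feb 2013",
    "vpn01": "OpenSSL 0.9.8za 5 Jun 2014",
    "chat01": "OpenSSL 1.0.2-beta1 24 Feb 2014",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

Distribution packages that backport fixes keep the upstream version string, so a `needs-upgrade` result on a vendor build should be confirmed against the vendor's changelog before it is treated as unpatched.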

More details on the vulnerabilities identified and recommended actions are available at the OpenSSL site.
