| VID |
22247 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The Web server is using a version of OpenSSL which is older than 0.9.6m or 0.9.7d. Several vulnerabilities in the detected version could allow a remote attacker to cause a denial of service against the affected host. OpenSSL is an open-source implementation of the SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols.
Three security vulnerabilities have been reported to affect OpenSSL as the followings:
1. The first vulnerability is a NULL pointer assignment that can be triggered by attackers during SSL/TLS handshake exchanges. The CVE candidate name for this vulnerability is CAN-2004-0079. Versions 0.9.6c to 0.9.6k (inclusive) and from 0.9.7a to 0.9.7c (inclusive) are vulnerable.
2. The second vulnerability is also exploited during the SSL/TLS handshake, though only when Kerberos ciphersuites are in use. The CVE candidate name for this vulnerability is CAN-2004-0112. Versions 0.9.7a, 0.9.7b, and 0.9.7c are affected.
3. A third denial of service vulnerability was discovered affecting 0.9.6 and fixed in 0.9.6d. The CVE candidate name for this vulnerability is CAN-2004-0081.
* Note: This check solely relied on the banner of the remote Web server to assess this vulnerability, so this might be a false positive.
* References:
http://www.kb.cert.org/vuls/id/288574
http://www.kb.cert.org/vuls/id/484726
http://www.kb.cert.org/vuls/id/465542
http://www.ciac.org/ciac/bulletins/o-101.shtml
* Platforms Affected:
OpenSSL Project OpenSSL 0.9.6m prior
OpenSSL Project OpenSSL 0.9.7d prior
Linux Any version
Unix Any version
Microsoft Windows Any version
Cisco Systems, Inc. Cisco Products |
| Recommendation |
Upgrade to the latest version of OpenSSL (0.9.6m or 0.9.7d), as listed in OpenSSL Security Advisory [17 March 2004] at http://www.openssl.org/news/secadv_20040317.txt
For Cisco:
Upgrade to the latest software version for an affected device, as listed in Cisco Security Advisory Document ID: 49898 at http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml
For Red Hat Linux 9:
Upgrade to the latest openssl package (0.9.7a-20.2 or later), as listed in Red Hat Security Advisory RHSA-2004:121-01 at http://www.linuxsecurity.com/advisories/redhat_advisory-4142.html
For Mandrake Linux:
Upgrade to the latest openssl package, as listed in MandrakeSoft Security Advisory MDKSA-2004:023:openssl at http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:023
For SuSE Linux:
Upgrade to the latest openssl package, as listed in SuSE Security Announcement SuSE-SA:2004:007 at http://www.suse.de/de/security/2004_07_openssl.html
For other distributions:
Contact your vendor for upgrade or patch information. Or see the CERT Vulnerability Note VU#288574, VU#484726, and VU#465542 at the "References" section of this document. |
| Related URL |
CVE-2004-0079,CVE-2004-0081,CVE-2004-0112 (CVE) |
| Related URL |
9899 (SecurityFocus) |
| Related URL |
15505,15508,15509 (ISS) |
|
