CVE-2003-0147
CVSS 5.0
Published: 2003-03-31 00:00:00
Revised: 2016-10-17 22:30:07

[Original] OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).


[CNNVD] OpenSSL timing attack RSA private key information disclosure vulnerability (CNNVD-200303-116)

        
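        OpenSSL is an open-source SSL implementation that provides strong encryption for network communications and is now widely used in a variety of network applications.
        The OpenSSL implementation is vulnerable to a classic timing attack, which a remote attacker can exploit to obtain RSA private key information.
        Timing attacks are generally used against weak computing devices such as smart cards. Some timed operations in OpenSSL during client-server session key negotiation are vulnerable, which can allow a malicious client to obtain the RSA private key information of the target server.
        For a detailed analysis, see: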
        http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html
        

- CVSS (base score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (affected platforms and products)

cpe:/a:openssl:openssl:0.9.7 OpenSSL Project OpenSSL 0.9.7
cpe:/a:stunnel:stunnel:3.9
cpe:/a:stunnel:stunnel:3.10
cpe:/a:stunnel:stunnel:3.8
cpe:/a:stunnel:stunnel:3.11
cpe:/a:stunnel:stunnel:3.7
cpe:/a:stunnel:stunnel:4.01
cpe:/a:openssl:openssl:0.9.6 OpenSSL Project OpenSSL 0.9.6
cpe:/a:stunnel:stunnel:4.0
cpe:/a:stunnel:stunnel:4.04
cpe:/a:stunnel:stunnel:4.03
cpe:/a:stunnel:stunnel:4.02
cpe:/a:stunnel:stunnel:3.12
cpe:/a:stunnel:stunnel:3.13
cpe:/a:openssl:openssl:0.9.6a OpenSSL Project OpenSSL 0.9.6a
cpe:/a:stunnel:stunnel:3.14
cpe:/a:openssl:openssl:0.9.6b OpenSSL Project OpenSSL 0.9.6b
cpe:/a:stunnel:stunnel:3.15
cpe:/a:openpkg:openpkg:1.2 OpenPKG 1.2
cpe:/a:openpkg:openpkg:1.1 OpenPKG 1.1
cpe:/a:openpkg:openpkg OpenPKG
cpe:/a:stunnel:stunnel:3.20
cpe:/a:stunnel:stunnel:3.21
cpe:/a:stunnel:stunnel:3.22
cpe:/a:openssl:openssl:0.9.6c OpenSSL Project OpenSSL 0.9.6c
cpe:/a:stunnel:stunnel:3.16
cpe:/a:openssl:openssl:0.9.6d OpenSSL Project OpenSSL 0.9.6d
cpe:/a:stunnel:stunnel:3.17
cpe:/a:openssl:openssl:0.9.6e OpenSSL Project OpenSSL 0.9.6e
cpe:/a:stunnel:stunnel:3.18
cpe:/a:stunnel:stunnel:3.19
cpe:/a:openssl:openssl:0.9.7a OpenSSL Project OpenSSL 0.9.7a
cpe:/a:openssl:openssl:0.9.6g OpenSSL Project OpenSSL 0.9.6g
cpe:/a:openssl:openssl:0.9.6h OpenSSL Project OpenSSL 0.9.6h
cpe:/a:openssl:openssl:0.9.6i OpenSSL Project OpenSSL 0.9.6i

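- OVAL (technical details for detection)

oval:org.mitre.oval:def:466 OpenSSL No RSA Blinding Vulnerability
*OVAL describes in detail how to detect this vulnerability; more technical details on detection can be found in the related OVAL definition.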

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0147
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0147
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200303-116
(Official data source) CNNVD

- Other links and resources

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt
(UNKNOWN)  CALDERA  CSSA-2003-014.0
ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I
(UNKNOWN)  SGI  20030501-01-I
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html
(VENDOR_ADVISORY)  VULNWATCH  20030313 OpenSSL Private Key Disclosure
http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf
(UNKNOWN)  MISC  http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000625
(UNKNOWN)  CONECTIVA  CLA-2003:625
http://marc.info/?l=bugtraq&m=104766550528628&w=2
(UNKNOWN)  BUGTRAQ  20030313 Vulnerability in OpenSSL
http://marc.info/?l=bugtraq&m=104792570615648&w=2
(UNKNOWN)  BUGTRAQ  20030317 [ADVISORY] Timing Attack on OpenSSL
http://marc.info/?l=bugtraq&m=104819602408063&w=2
(UNKNOWN)  BUGTRAQ  20030320 [OpenPKG-SA-2003.026] OpenPKG Security Advisory (openssl)
http://marc.info/?l=bugtraq&m=104829040921835&w=2
(UNKNOWN)  GENTOO  GLSA-200303-15
http://marc.info/?l=bugtraq&m=104861762028637&w=2
(UNKNOWN)  GENTOO  GLSA-200303-24
http://www.debian.org/security/2003/dsa-288
(UNKNOWN)  DEBIAN  DSA-288
http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml
(UNKNOWN)  GENTOO  GLSA-200303-23
http://www.kb.cert.org/vuls/id/997481
(VENDOR_ADVISORY)  CERT-VN  VU#997481
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035
(UNKNOWN)  MANDRAKE  MDKSA-2003:035
http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html
(UNKNOWN)  OPENPKG  OpenPKG-SA-2003.019
http://www.openssl.org/news/secadv_20030317.txt
(UNKNOWN)  CONFIRM  http://www.openssl.org/news/secadv_20030317.txt
http://www.redhat.com/support/errata/RHSA-2003-101.html
(UNKNOWN)  REDHAT  RHSA-2003:101
http://www.redhat.com/support/errata/RHSA-2003-102.html
(UNKNOWN)  REDHAT  RHSA-2003:102
http://www.securityfocus.com/archive/1/archive/1/316165/30/25370/threaded
(UNKNOWN)  BUGTRAQ  20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL
http://www.securityfocus.com/archive/1/archive/1/316577/30/25310/threaded
(UNKNOWN)  BUGTRAQ  20030327 Immunix Secured OS 7+ openssl update

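- Vulnerability information

OpenSSL timing attack RSA private key information disclosure vulnerability
Medium severity  Configuration error
2003-03-31 00:00:00 2005-10-20 00:00:00
Remote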
        
        

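- Advisories and patches

        Temporary workaround:
        If you cannot install the patch or upgrade immediately, CNNVD recommends the following measures to reduce the threat:
        * Third-party patch: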
        Index: crypto/rsa/rsa_eay.c
        ===================================================================
        RCS file: /e/openssl/cvs/openssl/crypto/rsa/rsa_eay.c,v
        retrieving revision 1.28.2.3
        diff -u -r1.28.2.3 rsa_eay.c
        --- crypto/rsa/rsa_eay.c 30 Jan 2003 17:37:46 -0000 1.28.2.3
        +++ crypto/rsa/rsa_eay.c 16 Mar 2003 10:34:13 -0000
        @@ -195,6 +195,25 @@
        return(r);
        }
        +static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx)
        + {
        + int ret = 1;
        + CRYPTO_w_lock(CRYPTO_LOCK_RSA);
        + /* Check again inside the lock - the macro's check is racey */
        + if(rsa->blinding == NULL)
        + ret = RSA_blinding_on(rsa, ctx);
        + CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
        + return ret;
        + }
        +
        +#define BLINDING_HELPER(rsa, ctx, err_instr) + do { + if(((rsa)->flags & RSA_FLAG_BLINDING) && + ((rsa)->blinding == NULL) && + !rsa_eay_blinding(rsa, ctx)) + err_instr + } while(0)
        +
        /* signing */
        static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
        unsigned char *to, RSA *rsa, int padding)
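Review bot: BLINDING_HELPER tests (rsa)->blinding == NULL before CRYPTO_LOCK_RSA is taken, and rsa_eay_blinding only re-checks it under the lock; that double check is safe only if RSA_blinding_on stores the pointer into rsa->blinding after the blinding structure is fully initialised, which these lines do not show. Spell that assumption out next to the "the macro's check is racey" comment, or drop the unlocked test and always call rsa_eay_blinding when the flag is set, at the cost of taking the lock on every private-key operation.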
        @@ -239,8 +258,8 @@
        goto err;
        }
        - if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
        - RSA_blinding_on(rsa,ctx);
        + BLINDING_HELPER(rsa, ctx, goto err;);
        +
        if (rsa->flags & RSA_FLAG_BLINDING)
        if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
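Review bot: BLINDING_HELPER(rsa, ctx, goto err;); passes a whole statement, semicolon included, as the third macro argument, which is easy to get wrong at a new call site. Both call sites in this patch pass the same goto err;, so the macro could hard-code the jump, or the helper could be a plain function whose int result the caller tests with if (!...) goto err;. The behavioural change itself, failing the operation when RSA_blinding_on fails where the removed lines ignored its return value, is the right one.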
        @@ -318,8 +337,8 @@
        goto err;
        }
        - if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
        - RSA_blinding_on(rsa,ctx);
        + BLINDING_HELPER(rsa, ctx, goto err;);
        +
        if (rsa->flags & RSA_FLAG_BLINDING)
        if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
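Review bot: RSA_FLAG_BLINDING is now tested twice in a row at this site, once inside BLINDING_HELPER and again in the unchanged if (rsa->flags & RSA_FLAG_BLINDING) that guards BN_BLINDING_convert, and the same pair appears in the previous hunk. Putting the setup and the convert call under a single flag test would keep the two from drifting apart. Note also that rsa->blinding is read by BN_BLINDING_convert after CRYPTO_LOCK_RSA has been released.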
        Index: crypto/rsa/rsa_lib.c
        ===================================================================
        RCS file: /e/openssl/cvs/openssl/crypto/rsa/rsa_lib.c,v
        retrieving revision 1.30.2.2
        diff -u -r1.30.2.2 rsa_lib.c
        --- crypto/rsa/rsa_lib.c 30 Jan 2003 17:37:46 -0000 1.30.2.2
        +++ crypto/rsa/rsa_lib.c 16 Mar 2003 10:34:13 -0000
        @@ -72,7 +72,13 @@
        RSA *RSA_new(void)
        {
        - return(RSA_new_method(NULL));
        + RSA *r=RSA_new_method(NULL);
        +
        +#ifndef OPENSSL_NO_FORCE_RSA_BLINDING
        + r->flags|=RSA_FLAG_BLINDING;
        +#endif
        +
        + return r;
        }
        void RSA_set_default_method(const RSA_METHOD *meth)
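Review bot: r->flags|=RSA_FLAG_BLINDING; in RSA_new dereferences r without checking it, and RSA_new_method returns NULL when allocation fails, so the new line needs an if (r != NULL) guard. The flag is also set only on this path: a key created by calling RSA_new_method directly does not get blinding forced on, so setting it inside RSA_new_method would cover both. OPENSSL_NO_FORCE_RSA_BLINDING should be documented as the opt-out.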
        Vendor patches:
        Caldera
        -------
        Caldera has released a security advisory (CSSA-2003-014.0) and corresponding patches for this issue:
        CSSA-2003-014.0:Linux: several recently discovered openssl vulnerabilities
        Link: ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt
        Patch download:
        SCO Patch openssl-devel-0.9.6-21.i386.rpm
        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-014.0/RPMS/openssl-devel-0.9.6-21.i386.rpm
        SCO Patch openssl-devel-static-0.9.6-21.i386.rpm
        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-014.0/RPMS/openssl-devel-static-0.9.6-21.i386.rpm
        SCO Patch openssl-devel-static-0.9.6-21.i386.rpm
        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-014.0/RPMS/openssl-devel-static-0.9.6-21.i386.rpm
        SCO Patch openssl-devel-static-0.9.6-21.i386.rpm
        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-014.0/RPMS/openssl-devel-static-0.9.6-21.i386.rpm
        SCO Patch openssl-devel-static-0.9.6-21.i386.rpm
        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-014.0/RPMS/openssl-devel-static-0.9.6-21.i386.rpm
        SCO Patch openssl-0.9.6-21.i386.rpm
        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-014.0/RPMS/openssl-0.9.6-21.i386.rpm
        SCO Patch openssl-0.9.6-21.i386.rpm
        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-014.0/RPMS/openssl-0.9.6-21.i386.rpm
        SCO Patch openssl-0.9.6-21.i386.rpm
        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-014.0/RPMS/openssl-0.9.6-21.i386.rpm
        SCO Patch openssl-0.9.6-21.i386.rpm
        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-014.0/RPMS/openssl-0.9.6-21.i386.rpm
        SCO Patch openssl-devel-0.9.6-21.i386.rpm
        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-014.0/RPMS/openssl-devel-0.9.6-21.i386.rpm
        SCO Patch openssl-devel-0.9.6-21.i386.rpm
        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-014.0/RPMS/openssl-devel-0.9.6-21.i386.rpm
        SCO Patch openssl-devel-0.9.6-21.i386.rpm
        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-014.0/RPMS/openssl-devel-0.9.6-21.i386.rpm
        MandrakeSoft
        ------------
        MandrakeSoft has released a security advisory (MDKSA-2003:035) and corresponding patches for this issue:
        MDKSA-2003:035:Updated openssl packages fix RSA-related insecurities
        Link:
        http://www.linux-mandrake.com/en/security/2003/2003-035.php

        Patch download:
        Updated Packages:
        Corporate Server 2.1:
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/openssl-0.9.6i-1.4mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/libopenssl0-0.9.6i-1.4mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/libopenssl0-devel-0.9.6i-1.4mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/libopenssl0-static-devel-0.9.6i-1.4mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/SRPMS/openssl-0.9.6i-1.4mdk.src.rpm
        Linux-Mandrake 7.2:
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/7.2/RPMS/openssl-0.9.5a-9.5mdk.i586.rpm
        

- Vulnerability information

3947
OpenSSL Non-RSA Blinding Private Key Disclosure
Remote / Network Access Information Disclosure
Loss of Confidentiality

- Vulnerability description

OpenSSL contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered because RSA blinding is not enabled by default, which will disclose private key information resulting in a loss of confidentiality.

- Timeline

2003-03-17 2003-03-17
Unknown Unknown

- Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, OpenSSL has released a patch to address this vulnerability.

- References

- Vulnerability author

Unknown or Incomplete

- Vulnerability information

OpenSSL Timing Attack RSA Private Key Information Disclosure Vulnerability
Configuration Error 7101
Yes No
2003-03-14 12:00:00 2009-07-11 09:06:00
Discovery credited to David Brumley and Dan Boneh.

- Affected versions

VanDyke SecureCRT 4.0.4
VanDyke SecureCRT 4.0.3
VanDyke SecureCRT 4.0.2
VanDyke SecureCRT 4.0.1
VanDyke SecureCRT 3.4.8
VanDyke SecureCRT 3.4.7
VanDyke SecureCRT 3.4.6
VanDyke SecureCRT 3.4.5
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
VanDyke SecureCRT 3.4.4
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
VanDyke SecureCRT 3.4.3
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
VanDyke SecureCRT 3.4.2
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
VanDyke SecureCRT 3.4.1
VanDyke SecureCRT 3.4
VanDyke SecureCRT 3.3.4
VanDyke SecureCRT 3.3.3
VanDyke SecureCRT 3.3.2
VanDyke SecureCRT 3.3.1
VanDyke SecureCRT 3.3
VanDyke SecureCRT 3.2.2
VanDyke SecureCRT 3.2.1
VanDyke SecureCRT 3.2
VanDyke SecureCRT 3.1.2
VanDyke SecureCRT 3.1.1
VanDyke SecureCRT 3.1
VanDyke SecureCRT 3.0
VanDyke SecureCRT 2.4
Sun Cobalt RaQ XTR
Sun Cobalt RaQ 550
Sun Cobalt RaQ 4
Sun Cobalt Qube 3
Stunnel Stunnel 4.0 4
Stunnel Stunnel 4.0 3
Stunnel Stunnel 4.0 2
Stunnel Stunnel 4.0 1
Stunnel Stunnel 4.0 0
Stunnel Stunnel 3.22
Stunnel Stunnel 3.21
Stunnel Stunnel 3.19
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
Stunnel Stunnel 3.18
Stunnel Stunnel 3.17
Stunnel Stunnel 3.16
Stunnel Stunnel 3.15
Stunnel Stunnel 3.14
- Conectiva Linux 7.0
Stunnel Stunnel 3.13
Stunnel Stunnel 3.12
- Microsoft Windows 2000 Professional
- Microsoft Windows 98
- Sun Solaris 8_sparc
- Sun Solaris 7.0
Stunnel Stunnel 3.11
Stunnel Stunnel 3.9
Stunnel Stunnel 3.8
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux 4.2
+ Conectiva Linux 4.1
+ Conectiva Linux 4.0 es
+ Conectiva Linux 4.0
- Debian Linux 2.3
- Debian Linux 2.2
- Debian Linux 2.1
- Debian Linux 2.0
+ EnGarde Secure Linux 1.0.1
- FreeBSD FreeBSD 5.0
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 4.1
- FreeBSD FreeBSD 4.0
- OpenBSD OpenBSD 2.8
- OpenBSD OpenBSD 2.7
- OpenBSD OpenBSD 2.6
- OpenBSD OpenBSD 2.5
- OpenBSD OpenBSD 2.4
- OpenBSD OpenBSD 2.3
- OpenBSD OpenBSD 2.1
- OpenBSD OpenBSD 2.0
- RedHat Linux 7.0
- RedHat Linux 6.0 x
- RedHat Linux 5.0
Stunnel Stunnel 3.7
Stunnel Stunnel 3.20
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
Stunnel Stunnel 3.10
SSH Communications Security IPSEC Express Toolkit
SSH Communications Security Certificate/TLS Toolkit
SGI IRIX 6.5.19
RedHat mgetty-sendfax-1.1.14-8.i386.rpm 2.2
Oracle Oracle9i Standard Edition 9.2
Oracle Oracle9i Standard Edition 9.0.1
Oracle Oracle9i Standard Edition 8.1.7
Oracle Oracle9i Personal Edition 9.2
Oracle Oracle9i Personal Edition 9.0.1
Oracle Oracle9i Personal Edition 8.1.7
Oracle Oracle9i Enterprise Edition 9.2 .0
Oracle Oracle9i Enterprise Edition 9.0.1
Oracle Oracle9i Enterprise Edition 8.1.7
Oracle Oracle9i Application Server 9.0.3
Oracle Oracle9i Application Server 9.0.2
Oracle Oracle9i Application Server 1.0.2 .2
Oracle Oracle9i Application Server 1.0.2 .1s
Oracle Oracle HTTP Server 9.2 .0
+ Apache Software Foundation Apache 1.3.22
Oracle Oracle HTTP Server 9.0.1
Oracle Oracle HTTP Server 8.1.7
+ Apache Software Foundation Apache 1.3.12
+ Oracle Oracle8 8.1.7
+ Oracle Oracle8i Enterprise Edition 8.1.7 .0.0
+ Oracle Oracle8i Standard Edition 8.1.7
OpenSSL Project OpenSSL 0.9.7 a
+ Conectiva Linux 9.0
+ OpenPKG OpenPKG Current
OpenSSL Project OpenSSL 0.9.7
OpenSSL Project OpenSSL 0.9.6 i
+ HP Apache-Based Web Server 1.3.27 .01
+ HP Apache-Based Web Server 1.3.27 .00
+ HP HP-UX Apache-Based Web Server 1.0.1 .01
+ HP HP-UX Apache-Based Web Server 1.0 .07.01
+ HP HP-UX Apache-Based Web Server 1.0 .06.02
+ HP HP-UX Apache-Based Web Server 1.0 .06.01
+ HP HP-UX Apache-Based Web Server 1.0 .05.01
+ HP HP-UX Apache-Based Web Server 1.0 .04.01
+ HP HP-UX Apache-Based Web Server 1.0 .03.01
+ HP HP-UX Apache-Based Web Server 1.0 .02.01
+ HP HP-UX Apache-Based Web Server 1.0 .01
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ Mandriva Linux Mandrake 9.0
+ S.u.S.E. Linux Personal 8.2
OpenSSL Project OpenSSL 0.9.6 h
OpenSSL Project OpenSSL 0.9.6 g
OpenSSL Project OpenSSL 0.9.6 e
+ FreeBSD FreeBSD 4.6 -RELEASE
+ FreeBSD FreeBSD 4.6
OpenSSL Project OpenSSL 0.9.6 d
+ Slackware Linux 8.1
OpenSSL Project OpenSSL 0.9.6 c
+ Conectiva Linux 8.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Mandriva Linux Mandrake 8.2
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
OpenSSL Project OpenSSL 0.9.6 b
OpenSSL Project OpenSSL 0.9.6 a
+ Conectiva Linux 7.0
+ NetBSD NetBSD 1.5.3
+ NetBSD NetBSD 1.5.2
+ NetBSD NetBSD 1.5.1
+ NetBSD NetBSD 1.5
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
OpenSSL Project OpenSSL 0.9.6
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ Conectiva Linux 6.0
+ EnGarde Secure Linux 1.0.1
+ HP Secure OS software for Linux 1.0
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ NetBSD NetBSD 1.6 beta
+ NetBSD NetBSD 1.6
+ NetBSD NetBSD 1.5.3
+ NetBSD NetBSD 1.5.2
+ NetBSD NetBSD 1.5.1
+ NetBSD NetBSD 1.5
+ OpenBSD OpenBSD 2.9
+ OpenPKG OpenPKG 1.0
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 alpha
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.0 sparc
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1
OpenPKG OpenPKG 1.2
OpenPKG OpenPKG 1.1
OpenPKG OpenPKG Current
mod_ssl mod_ssl 2.8.14
+ Slackware Linux 9.0
Intoto iGateway 3.2
HP HP-UX 11.22
HP HP-UX 11.11
HP HP-UX 11.0
GNU Transport Layer Security Library 0.8.5
GNU Transport Layer Security Library 0.8.4
GNU Transport Layer Security Library 0.8.3
GNU Transport Layer Security Library 0.8.2
GNU Transport Layer Security Library 0.8.1
GNU Transport Layer Security Library 0.8 .0
GNU libgcrypt 1.1.12
GNU libgcrypt 1.1.11
GNU libgcrypt 1.1.10
GNU libgcrypt 1.1.9
GNU libgcrypt 1.1.8
Foundry Networks Ironview
F5 BigIP 4.5
F5 BigIP 4.4
F5 BigIP 4.3
F5 BigIP 4.2
F5 BIG-IP Blade Controller 4.2.3 PTF-01
F5 3-DNS 4.5
Crypto++ Crypto++ Library 5.0
Crypto++ Crypto++ Library 4.2
Covalent Fast Start Server 3.3
Covalent Fast Start Server 3.2
Covalent Fast Start Server 3.1
Covalent Enterprise Ready Server 2.3
Covalent Enterprise Ready Server 2.2
Covalent Enterprise Ready Server 2.1
Computer Associates eTrust Security Command Center 1.0
Compaq Tru64 5.1 b
Compaq Tru64 5.1 a
Compaq Tru64 5.1
Compaq Tru64 5.0 a
Compaq Tru64 4.0 g
Compaq Tru64 4.0 f
Compaq OpenVMS 7.3 VAX
Compaq OpenVMS 7.3 Alpha
Compaq OpenVMS 7.2.1 Alpha
Compaq OpenVMS 7.2 -2 Alpha
Compaq OpenVMS 7.2 -1H2 Alpha
Compaq OpenVMS 7.2 -1H1 Alpha
Compaq OpenVMS 7.2 VAX
Compaq OpenVMS 7.2 Alpha
Compaq OpenVMS 7.1 -2 Alpha
Compaq OpenVMS 7.1 VAX
Compaq OpenVMS 7.1 Alpha
Compaq OpenVMS 6.2 VAX
Compaq OpenVMS 6.2 Alpha
Compaq OpenVMS 6.2
VanDyke SecureCRT 4.0.5
OpenSSL Project OpenSSL 0.9.7 b
+ OpenPKG OpenPKG 1.3
OpenSSL Project OpenSSL 0.9.6 j
OpenSSH OpenSSH 3.6.1
+ Novell Netware 6.5
HP HP-UX Apache-Based Web Server 1.0 .07.01
Crypto++ Crypto++ Library 5.1

- Unaffected versions

VanDyke SecureCRT 4.0.5
OpenSSL Project OpenSSL 0.9.7 b
+ OpenPKG OpenPKG 1.3
OpenSSL Project OpenSSL 0.9.6 j
OpenSSH OpenSSH 3.6.1
+ Novell Netware 6.5
HP HP-UX Apache-Based Web Server 1.0 .07.01
Crypto++ Crypto++ Library 5.1

- Discussion

A side-channel attack in the OpenSSL implementation has been published in a recent paper that may ultimately result in an active adversary gaining the RSA private key of a target server. The attack involves analysis of the timing of certain operations during client-server session key negotiation. Through this attack, it may be possible for a malicious client to discover the RSA private key of a server using the vulnerable software.
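
RSA blinding, the countermeasure this entry's patch turns on by default, sketched as an added example (not code from OpenSSL or from this entry). It models only the first timing source named in the description, the extra reduction in Montgomery multiplication, on a constructed toy key; all function names are illustrative assumptions.

```python
import secrets
from math import gcd

# Constructed toy key: two Mersenne primes, far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))

# Montgomery parameters for the odd modulus N (R is a power of two above N).
R_BITS = N.bit_length()
R = 1 << R_BITS
N_NEG_INV = (-pow(N, -1, R)) % R


def mont_mul(a, b, stats):
    """Montgomery product a*b*R^-1 mod N, counting the data-dependent subtraction."""
    t = a * b
    m = ((t & (R - 1)) * N_NEG_INV) & (R - 1)
    u = (t + m * N) >> R_BITS
    if u >= N:                 # the "extra reduction": taken or not depending on operands
        stats["extra"] += 1
        u -= N
    return u


def mont_pow(base, exp, stats):
    """Left-to-right square-and-multiply carried out in the Montgomery domain."""
    x = (base * R) % N         # operand in Montgomery form
    acc = R % N                # 1 in Montgomery form
    for bit in bin(exp)[2:]:
        acc = mont_mul(acc, acc, stats)
        if bit == "1":
            acc = mont_mul(acc, x, stats)
    return mont_mul(acc, 1, stats)   # leave the Montgomery domain


def private_op(c, blinding):
    """RSA private-key operation; returns (plaintext, extra_reduction_count)."""
    stats = {"extra": 0}
    if not blinding:
        # The secret exponentiation runs directly on the caller-supplied value.
        return mont_pow(c % N, D, stats), stats["extra"]
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    blinded = (c * pow(r, E, N)) % N        # fresh random operand for every call
    m_blind = mont_pow(blinded, D, stats)   # equals m * r mod N
    return (m_blind * pow(r, -1, N)) % N, stats["extra"]


def reduction_profile(c, blinding, runs=20):
    """Distinct extra-reduction counts seen when the same input is processed repeatedly."""
    return {private_op(c, blinding)[1] for _ in range(runs)}


if __name__ == "__main__":
    c = pow(123456789, E, N)   # constructed sample ciphertext
    print("unblinded counts:", sorted(reduction_profile(c, False)))
    print("blinded counts:  ", sorted(reduction_profile(c, True)))
```

Without blinding the count is a fixed function of the submitted value and the key; with blinding it changes from call to call for the same input, while the returned plaintext stays the same.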

- Exploit

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- Solution

It is reported that certain versions of Computer Associates eTrust Security Command Center are prone to this vulnerability. Customers are advised to contact the vendor for further information pertaining to obtaining and applying appropriate updates.

Hewlett-Packard has released revision 1 of this advisory (HPSBUX0309-280), which contains fix information to address this issue in J2SE and JSSE, as well as new information on how to patch affected Servicecontrol Manager software. Users wishing to obtain an updated version of Servicecontrol Manager are advised to search for "SCM" on the following webpage:

http://software.hp.com

Hewlett-Packard customers are advised to upgrade as soon as possible. Further information regarding obtaining and applying fixes can be found in the referenced advisory.

SGI have released an advisory (20030501-01-I) which contains a fix to address this issue.

Hewlett-Packard have released an advisory (HPSBUX0304-0255 rev. 2) which contains fix information to address this issue. Customers are advised to upgrade to hp-ux apache-based web server v.1.0.03.01 or later, which includes OpenSSL 0.9.6i with patches.

OpenPKG have released an advisory (OpenPKG-SA-2003.019), which contains fix details that address this issue. Additionally, OpenPKG has released advisory OpenPKG-SA-2003.020 to address the default configuration of mod_ssl in Apache.

Trustix have released an advisory (TSLSA-2003-0010: openssl), which contains fix details that address this issue.

Patches have been released for OpenBSD 3.1 and 3.2 which address this issue.

Gentoo Linux has released an advisory. Users who have installed dev-libs/openssl are advised to upgrade to openssl-0.9.6i-r1 by issuing the following commands:

emerge sync
emerge openssl
emerge clean

Gentoo Linux users who have installed net-www/mod_ssl are advised to upgrade to mod_ssl-2.8.14 by issuing the following commands:

emerge sync
emerge mod_ssl
emerge clean

Sorcerer Linux has released an advisory. Users are advised to issue the following commands to update affected systems:

augur synch && augur update

Stunnel has released patches which address this issue. When released, Stunnel 4.05 and 3.23 are also expected to address this vulnerability.

SCO has released a security advisory containing fixes which address this issue in OpenLinux.

Apple has released a security advisory (APPLE-SA-2003-03-24) which contains an update. Information on how to obtain the fix can be found in the attached advisory.

NetBSD has made a source tree fix available, and has addressed this issue in NetBSD advisory 2003-005. See referenced advisory for additional details.

Red Hat has released an advisory (RHSA-2003:101-01). Information about obtaining and applying fixes is available in the referenced advisory.

Debian has released a security advisory (DSA 288-1) containing fixes which address this and other issues. Further information regarding how to obtain and apply fixes can be found in the attached advisory.

Covalent have released patches which address this issue. Further information can be found in the attached update reference.

An updated version of Crypto++ has been released which addresses this issue. Users are advised to upgrade as soon as possible.

F5 has released a patch which addresses this issue in their vulnerable products. A patch and further information can be obtained from the following location:

http://tech.f5.com/home/bigip/solutions/security/sol2379.html

Foundry Networks has reported that Ironview is affected by this issue. A patch is currently being developed which will address this issue.

FreeBSD has released a security advisory containing patches which address this issue. Users are advised to upgrade as soon as possible.

A patch has been released for Intoto iGateway 3.2 and can be obtained by contacting the vendor at: support@intotoinc.com

VanDyke has announced that SecureCRT implementing the SSH1 protocol is affected by this issue. A fix is currently being developed to address this issue in version 4.0.4 and earlier. However, SecureCRT 4.0.5 is not affected by this issue.

Immunix has released updated OpenSSL packages which address this issue. Users are advised to upgrade as soon as possible.

SSH has released a patch for IPSEC Express Toolkit. Users are advised to contact the vendor for further information.

HP has released SSL updates for OpenVMS systems. Please see the attached HP OpenVMS advisory (SSRT3499, SSRT3518) for details on obtaining and applying fixes. HP has also released an advisory for Tru64 UNIX systems that contains details about obtaining and applying patches. Please see advisory SSRT3499, SSRT3518 (Tru64) for further information.

Oracle has released an advisory and patches to address this issue. Users are advised to obtain patches from the Oracle metalink site listed in references.

Fixes available:


Sun Cobalt RaQ XTR

OpenPKG OpenPKG Current

Stunnel Stunnel 3.20

Sun Cobalt RaQ 4

OpenSSL Project OpenSSL 0.9.6 d

OpenSSL Project OpenSSL 0.9.6 a

OpenSSL Project OpenSSL 0.9.6

OpenSSL Project OpenSSL 0.9.6 i

OpenSSL Project OpenSSL 0.9.6 c

OpenSSL Project OpenSSL 0.9.6 e

OpenSSL Project OpenSSL 0.9.7 a

Covalent Enterprise Ready Server 2.1

RedHat mgetty-sendfax-1.1.14-8.i386.rpm 2.2

Covalent Enterprise Ready Server 2.3

mod_ssl mod_ssl 2.8.14

Stunnel Stunnel 3.12

Stunnel Stunnel 3.14

Stunnel Stunnel 3.15

Stunnel Stunnel 3.16

Stunnel Stunnel 3.19

Stunnel Stunnel 3.8

Stunnel Stunnel 4.0 4

Stunnel Stunnel 4.0 2

Stunnel Stunnel 4.0 1

VanDyke SecureCRT 4.0.2

VanDyke SecureCRT 4.0.3

VanDyke SecureCRT 4.0.4

SGI IRIX 6.5.19

- References

 

 
