Vulners
Lucene search
OpenSSL < 0.9.8l and previous versions Multiple Vulnerability
| Reporter | Title | Published | Views | Family All 145 |
|---|---|---|---|---|
 | Security Bulletin: This Power System update is being released to address multiple CVEs for vTPM1.2 | 5 Dec 202223:45 | – | ibm |
 | Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8m-alt1 | 26 Feb 201000:00 | – | altlinux |
| Security fix for the ALT Linux 8 package openssl10 version 0.9.8m-alt1 | 26 Feb 201000:00 | – | altlinux |
| Security fix for the ALT Linux 6 package openssl10 version 0.9.8m-alt1 | 26 Feb 201000:00 | – | altlinux |
| Security fix for the ALT Linux 9 package openssl10 version 0.9.8m-alt1 | 26 Feb 201000:00 | – | altlinux |
 | OpenSSL < 0.9.8m Multiple Vulnerabilities | 9 Mar 201000:00 | – | nessus |
| Mac OS X 10.6 < 10.6.8 Multiple Vulnerabilities | 23 Jun 201100:00 | – | nessus |
| Mac OS X 10.6 < 10.6.8 Multiple Vulnerabilities | 23 Jun 201100:00 | – | nessus |
| OpenSSL < 0.9.8m Multiple Vulnerabilities | 9 Mar 201000:00 | – | nessus |
| AIX OpenSSL Advisory : openssl_advisory.asc | 16 Apr 201400:00 | – | nessus |
10
=============================================================
OpenSSL < 0.9.8l and previous versions Multiple Vulnerability
=============================================================
SecurityRisk : High Security Risk High (About)
Arrow Remote Exploit : Yes
Arrow Local Exploit : No
Arrow Victim interaction required : No
Arrow Exploit Available : Yes
Arrow Credit : Bodo Moeller
Arrow Published : 09.03.2010
Arrow Affected Software : openssl:openssl:0.9.8l and previous versions
openssl:openssl:0.9.8k
openssl:openssl:0.9.8j
openssl:openssl:0.9.8i
openssl:openssl:0.9.8h
openssl:openssl:0.9.8g
openssl:openssl:0.9.8f
openssl:openssl:0.9.8e
openssl:openssl:0.9.8d
openssl:openssl:0.9.8c
openssl:openssl:0.9.8b
openssl:openssl:0.9.8a
openssl:openssl:0.9.8
OpenSSL CVS Repository
http://cvs.openssl.org/
___________________________________________________________________________
_
Server: cvs.openssl.org Name: Bodo Moeller
Root: /v/openssl/cvs Email: [email protected]
Module: openssl Date: 23-Feb-2010 11:36:41
Branch: OpenSSL_0_9_8-stable Handle: 2010022310363902
Modified files: (Branch: OpenSSL_0_9_8-stable)
openssl CHANGES
openssl/crypto/bn bn_div.c bn_gf2m.c
openssl/crypto/ec ec2_smpl.c
openssl/engines e_ubsec.c
Log:
Always check bn_wexpend() return values for failure (CVE-2009-3245).
(The CHANGES entry covers the change from PR #2111 as well, submitted
by
Martin Olsson.)
Submitted by: Neel Mehta
Summary:
Revision Changes Path
1.1238.2.189+3 -0 openssl/CHANGES
1.37.2.9 +1 -1 openssl/crypto/bn/bn_div.c
1.18.2.3 +2 -1 openssl/crypto/bn/bn_gf2m.c
1.14.2.2 +6 -4 openssl/crypto/ec/ec2_smpl.c
1.13.2.4 +2 -2 openssl/engines/e_ubsec.c
___________________________________________________________________________
_
patch -p0 <<'@@ .'
Index: openssl/CHANGES
===========================================================================
=
$ cvs diff -u -r1.1238.2.188 -r1.1238.2.189 CHANGES
--- openssl/CHANGES 19 Feb 2010 18:25:37 -0000 1.1238.2.188
+++ openssl/CHANGES 23 Feb 2010 10:36:39 -0000 1.1238.2.189
@@ -4,6 +4,9 @@
Changes between 0.9.8l and 0.9.8m [xx XXX xxxx]
+ *) Always check bn_wexpend() return values for failure.
(CVE-2009-3245)
+ [Martin Olsson, Neel Mehta]
+
*) Fix X509_STORE locking: Every 'objs' access requires a lock (to
accommodate for stack sorting, always a write lock!).
[Bodo Moeller]
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/bn/bn_div.c
===========================================================================
=
$ cvs diff -u -r1.37.2.8 -r1.37.2.9 bn_div.c
--- openssl/crypto/bn/bn_div.c 17 Jun 2009 11:26:39 -0000 1.37.2.8
+++ openssl/crypto/bn/bn_div.c 23 Feb 2010 10:36:41 -0000 1.37.2.9
@@ -102,7 +102,7 @@
/* The next 2 are needed so we can do a dv->d<A NAME="-0"></A>[0]|=1
later
* since BN_lshift1 will only work once there is a value :-) */
BN_zero(dv);
- bn_wexpand(dv,1);
+ if(bn_wexpand(dv,1) == NULL) goto end;
dv->top=1;
if (!BN_lshift(D,D,nm-nd)) goto end;
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/bn/bn_gf2m.c
===========================================================================
=
$ cvs diff -u -r1.18.2.2 -r1.18.2.3 bn_gf2m.c
--- openssl/crypto/bn/bn_gf2m.c 23 Jun 2008 20:46:28 -0000 1.18.2.2
+++ openssl/crypto/bn/bn_gf2m.c 23 Feb 2010 10:36:41 -0000 1.18.2.3
@@ -294,7 +294,8 @@
if (a->top < b->top) { at = b; bt = a; }
else { at = a; bt = b; }
- bn_wexpand(r, at->top);
+ if(bn_wexpand(r, at->top) == NULL)
+ return 0;
for (i = 0; i < bt->top; i++)
{
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/ec/ec2_smpl.c
===========================================================================
=
$ cvs diff -u -r1.14.2.1 -r1.14.2.2 ec2_smpl.c
--- openssl/crypto/ec/ec2_smpl.c 13 Mar 2006 23:12:07 -0000 1.14.2.1
+++ openssl/crypto/ec/ec2_smpl.c 23 Feb 2010 10:36:41 -0000 1.14.2.2
@@ -174,8 +174,10 @@
dest->poly<A NAME="-2"></A>[2] = src->poly[2];
dest->poly<A NAME="-3"></A>[3] = src->poly[3];
dest->poly<A NAME="-4"></A>[4] = src->poly[4];
- bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2);
- bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2);
+ if(bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2)
== NULL)
+ return 0;
+ if(bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2)
== NULL)
+ return 0;
for (i = dest->a.top; i < dest->a.dmax; i++) dest->a.d[i] = 0;
for (i = dest->b.top; i < dest->b.dmax; i++) dest->b.d[i] = 0;
return 1;
@@ -199,12 +201,12 @@
/* group->a */
if (!BN_GF2m_mod_arr(&group->a, a, group->poly)) goto err;
- bn_wexpand(&group->a, (int)(group->poly[0] + BN_BITS2 - 1) /
BN_BITS2);
+ if(bn_wexpand(&group->a, (int)(group->poly[0] + BN_BITS2 - 1) /
BN_BITS2) == NULL) goto err;
for (i = group->a.top; i < group->a.dmax; i++) group->a.d[i] = 0;
/* group->b */
if (!BN_GF2m_mod_arr(&group->b, b, group->poly)) goto err;
- bn_wexpand(&group->b, (int)(group->poly[0] + BN_BITS2 - 1) /
BN_BITS2);
+ if(bn_wexpand(&group->b, (int)(group->poly[0] + BN_BITS2 - 1) /
BN_BITS2) == NULL) goto err;
for (i = group->b.top; i < group->b.dmax; i++) group->b.d[i] = 0;
ret = 1;
@@ .
patch -p0 <<'@@ .'
Index: openssl/engines/e_ubsec.c
===========================================================================
=
$ cvs diff -u -r1.13.2.3 -r1.13.2.4 e_ubsec.c
--- openssl/engines/e_ubsec.c 6 Sep 2007 12:43:53 -0000 1.13.2.3
+++ openssl/engines/e_ubsec.c 23 Feb 2010 10:36:41 -0000 1.13.2.4
@@ -934,7 +934,7 @@
priv_key = BN_new();
if (priv_key == NULL) goto err;
priv_key_len = BN_num_bits(dh->p);
- bn_wexpand(priv_key, dh->p->top);
+ if(bn_wexpand(priv_key, dh->p->top) == NULL) goto err;
do
if (!BN_rand_range(priv_key, dh->p)) goto err;
while (BN_is_zero(priv_key));
@@ -949,7 +949,7 @@
{
pub_key = BN_new();
pub_key_len = BN_num_bits(dh->p);
- bn_wexpand(pub_key, dh->p->top);
+ if(bn_wexpand(pub_key, dh->p->top) == NULL) goto err;
if(pub_key == NULL) goto err;
}
else
@@ .
# 0day.today [2018-02-21] #Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
09 Mar 2010 00:00Current
7.1High risk
Vulners AI Score7.1
EPSS0.19914