LinuxQuestions.org
Old 03-25-2005, 02:20 AM   #1
t3gah
Member
 
Registered: Dec 2004
Distribution: SuSE, RedHat, ubuntu, Debian
Posts: 734

Rep: Reputation: 30
[ Fedora Core OpenSSL Exploit ]


According to Linux Security, the OpenSSL that comes with Fedora Core is vulnerable to attacks by false SSL handshakes that will cause a DoS to your system.

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

For those that don't know what DoS means, the acronym stands for: Denial Of Service.
(Basically you get locked out from the Internet because your operating system can't handle what's coming in network wise.)

If you run rkhunter on your FC system you will see a report that indeed this is true.

freshmeat.net: Project details for Rootkit Hunter

This exploit affects OpenSSL 0.9.7a which you will see is the package that installs in RedHat's Fedora Project Core 3 release.
 
Old 03-27-2005, 01:00 AM   #2
t3gah
Member
 
Registered: Dec 2004
Distribution: SuSE, RedHat, ubuntu, Debian
Posts: 734

Original Poster
Rep: Reputation: 30
Risk factor: High

If you look in http://download.fedora.redhat.com for the "update" directory for FC3, you will see not a version HIGHER than 0.9.7a but what you will see is the version that doesn't have the problem and that version is 0.9.6b.

http://www.securityspace.com/smysecu....html?id=51126

http://www.remoteassessment.com/?op=...e&vulnid=12704

http://www.linuxsecurity.com/content/view/105849/110/

What's really strange about this issue is the fact that the alert came from RedHat over one year ago today and the problem is RedHat O/S releases. Those versions of RH were and still are:

Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 3)


The OpenSSL version from RH is also the same revision that RedHat put in their Fedora Project, Core 3 release. The alert goes on to state that RH users should run up2date immediately as this is a critical flaw and will allow servers and clients to be hacked with sensitive data stolen as a possible end result scenario. This affects all applications that use OpenSSL.



There should be a notice on the FC3 ISO download web page IMHO.....

Quote:
Test ID: 51126
Category: Red Hat Local Security Checks
Title: RedHat Security Advisory RHSA-2004:120
Summary: Redhat Security Advisory RHSA-2004:120

Description: The remote host is missing updates announced in advisory RHSA-2004:120.

The OpenSSL toolkit implements Secure Sockets Layer (SSL v2/v3), Transport Layer Security (TLS v1) protocols, and serves as a full-strength general purpose cryptography library.

Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a null-pointer assignment in the do_change_cipher_spec() function in OpenSSL 0.9.6c-0.9.6k and 0.9.7a-0.9.7c. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server that uses the OpenSSL library in such a way as to cause OpenSSL to crash. Depending on the application this could lead to a denial of service. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0079 to this issue.......
For the rest of the article click this link > http://rhn.redhat.com/errata/RHSA-2004-120.html


One less now with this post for the 0 reply list > http://www.linuxquestions.org/questi...n=norepliesall

Last edited by t3gah; 03-27-2005 at 01:06 AM.
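The two posts above come down to one question for an FC3 or RHEL 3 admin: is the installed openssl package inside the ranges RHSA-2004:120 names (0.9.6c-0.9.6k and 0.9.7a-0.9.7c), and if so, has the fix already been applied? The script below is an added example, not code from the thread, rkhunter or Red Hat. It parses OpenSSL's letter-suffixed version strings so they compare correctly (0.9.7 < 0.9.7a < 0.9.7b), checks them against the advisory's ranges, and then applies the caveat that matters on Red Hat systems: security fixes are backported without bumping the upstream version, so a package still reporting 0.9.7a can already be patched. The `rpm -q` output and changelog text embedded in the block are constructed sample input, not real package data.

```python
import re

# Affected upstream version ranges as stated in RHSA-2004:120 / CAN-2004-0079.
VULNERABLE_RANGES = [("0.9.6c", "0.9.6k"), ("0.9.7a", "0.9.7c")]

# Identifiers whose presence in the RPM changelog indicates the backported fix.
FIX_MARKERS = re.compile(r"RHSA-2004:120|CAN-2004-0079")

_VER_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)([a-z]*)$")


def parse_version(version):
    """Turn an OpenSSL version such as '0.9.7a' into a comparable tuple.

    The trailing letter is kept as a string so that '' (no letter) sorts
    before 'a', matching OpenSSL's own ordering: 0.9.7 < 0.9.7a < 0.9.7b.
    """
    m = _VER_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised OpenSSL version string: {version!r}")
    major, minor, patch, letter = m.groups()
    return (int(major), int(minor), int(patch), letter)


def version_from_nvr(nvr):
    """Extract the upstream version from 'rpm -q openssl' output,
    e.g. 'openssl-0.9.7a-40' -> '0.9.7a'."""
    name, version, _release = nvr.strip().rsplit("-", 2)
    return version


def is_upstream_vulnerable(version):
    """True if the bare upstream version falls inside an affected range."""
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in VULNERABLE_RANGES)


def changelog_records_fix(changelog):
    """Red Hat backports fixes without changing the upstream version, so the
    package changelog ('rpm -q --changelog openssl') is the reliable signal."""
    return bool(FIX_MARKERS.search(changelog))


def assess(nvr, changelog=""):
    """Combine both checks into a single verdict string."""
    version = version_from_nvr(nvr)
    if not is_upstream_vulnerable(version):
        return "not affected: upstream version outside the advisory ranges"
    if changelog_records_fix(changelog):
        return "patched: backported fix recorded in the RPM changelog"
    return "VULNERABLE: update the openssl package"


# Constructed sample data standing in for real 'rpm -q' output on two hosts.
SAMPLE_UNPATCHED_NVR = "openssl-0.9.7a-33"
SAMPLE_PATCHED_NVR = "openssl-0.9.7a-40"
SAMPLE_PATCHED_CHANGELOG = """\
* Wed Mar 17 2004 Example Packager <packager@example.invalid> 0.9.7a-40
- backport fix for CAN-2004-0079 (NULL pointer in do_change_cipher_spec)
"""

if __name__ == "__main__":
    print(SAMPLE_UNPATCHED_NVR, "->", assess(SAMPLE_UNPATCHED_NVR))
    print(SAMPLE_PATCHED_NVR, "->", assess(SAMPLE_PATCHED_NVR, SAMPLE_PATCHED_CHANGELOG))
```

On a live box the two inputs come from `rpm -q openssl` and `rpm -q --changelog openssl`; feeding those into `assess()` gives the same verdict the script prints for the constructed samples. The version-range test alone is what produces the "0.9.7a is vulnerable" result quoted in the first post, and the changelog test is why that result can be a false positive on a Red Hat or Fedora package that has had the fix backported.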