FreeBSD : openssl -- TLS extension parsing race condition (3042c33a-f237-11df-9d02-0018fe623f2b)

NASLDB: FreeBSD : openssl -- TLS extension parsing race condition (3042c33a-f237-11df-9d02-0018fe623f2b)

General

ID: 50627
Name: FreeBSD : openssl — TLS extension parsing race condition (3042c33a-f237-11df-9d02-0018fe623f2b)

Summary: Checks for updated package in pkg_info output

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: –

Port: 0
Family: FreeBSD Local Security Checks
Type: Local

Description

OpenSSL Team reports :

Rob Hulswit has found a flaw in the OpenSSL TLS server extension code
parsing which on affected servers can be exploited in a buffer overrun
attack.

Any OpenSSL based TLS server is vulnerable if it is multi-threaded and
uses OpenSSL’s internal caching mechanism. Servers that are
multi-process and/or disable internal session caching are NOT
affected.

In particular the Apache HTTP server (which never uses OpenSSL
internal caching) and Stunnel (which includes its own workaround) are
NOT affected.

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: CVE-2010-3864
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: 2010/10/08
Patch Release: 2010/11/17
Plugin Release: 2010/11/18

Plugin

Version: 1.7
Filename: freebsd_pkg_3042c33af23711df9d020018fe623f2b.nasl
Filesize: 4552 bytes
MD5 Hash: 09ddef6648da44342aee4de9db32dddf

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info
Dependencies: "ssh_get_info.nasl"