RHEL 2.1 : openssl (RHSA-2003:063)

medium Nessus Plugin ID 12368

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

Updated OpenSSL packages are available that fix a potential timing-based attack.

[Updated 12 March 2003] Added packages for Red Hat Enterprise Linux ES and Red Hat Enterprise Linux WS

OpenSSL is a commercial-grade, full-featured, open source toolkit which implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength, general purpose cryptography library.

In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites in SSL and TLS. An active attacker may be able to use timing observations to distinguish between two different error cases:
cipher padding errors and MAC verification errors. Over multiple connections this can leak sufficient information to be able to retrieve the plaintext of a common, fixed block.

In order for an attack to be sucessful an attacker must be able to act as a man-in-the-middle to intercept and modify multiple connections which all involve a common fixed plaintext block (such as a password), and have good network conditions that allow small changes in timing to be reliably observed.

These updated packages contain a patch provided by the OpenSSL group that corrects this vulnerability.

Because server applications are affected by these vulnerabilities, we advise users to restart all services that use OpenSSL functionality or alternatively reboot their systems after installing these updates.

Solution

Update the affected packages.

See Also

https://access.redhat.com/security/cve/cve-2003-0078

https://lasec.epfl.ch/pub/lasec/doc/Vau02a.ps

https://access.redhat.com/errata/RHSA-2003:063

Plugin Details

Severity: Medium

ID: 12368

File Name: redhat-RHSA-2003-063.nasl

Version: 1.27

Type: local

Agent: unix

Published: 7/6/2004

Updated: 1/14/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.1

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:openssl, p-cpe:/a:redhat:enterprise_linux:openssl-devel, p-cpe:/a:redhat:enterprise_linux:openssl-perl, p-cpe:/a:redhat:enterprise_linux:openssl095a, p-cpe:/a:redhat:enterprise_linux:openssl096, cpe:/o:redhat:enterprise_linux:2.1

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Patch Publication Date: 3/20/2003

Vulnerability Publication Date: 3/3/2003

Reference Information

CVE: CVE-2003-0078

RHSA: 2003:063