Mandriva Linux Security Advisory : openssl (MDVSA-2014:158)
Medium Nessus Plugin ID 77097
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionMultiple vulnerabilities has been discovered and corrected in openssl :
A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. Applications may be affected if they echo pretty printing output to the attacker. OpenSSL SSL/TLS clients and servers themselves are not affected (CVE-2014-3508).
If a multithreaded client connects to a malicious server using a resumed session and the server sends an ec point format extension it could write up to 255 bytes to freed memory (CVE-2014-3509).
An attacker can force an error condition which causes openssl to crash whilst processing DTLS packets due to memory being freed twice. This can be exploited through a Denial of Service attack (CVE-2014-3505).
An attacker can force openssl to consume large amounts of memory whilst processing DTLS handshake messages. This can be exploited through a Denial of Service attack (CVE-2014-3506).
By sending carefully crafted DTLS packets an attacker could cause openssl to leak memory. This can be exploited through a Denial of Service attack (CVE-2014-3507).
OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack. A malicious server can crash the client with a NULL pointer dereference (read) by specifying an anonymous (EC)DH ciphersuite and sending carefully crafted handshake messages (CVE-2014-3510).
The updated packages have been upgraded to the 1.0.0n version where these security flaws has been fixed.
SolutionUpdate the affected packages.