----------------------------------------------------------------------- Immunix Secured OS Security Advisory Packages updated: openssl, openssh, mod_ssl Affected products: ImmunixOS 6.2, 7.0, 7+ Bugs fixed: CAN-2003-0131 CAN-2003-0147 Date: Wed Mar 26 2003 Advisory ID: IMNX-2003-7+-001-01 Author: Seth Arnold <sarnoldat_private> ----------------------------------------------------------------------- Description: This update fixes two problems with openssl packages and recompiles openssh and mod_ssl against the new version of openssl. Quoting from the OpenSSL advisory: Vlastimil Klima, Ondrej Pokorny, and Tomas Rosa have come up with an extension of the "Bleichenbacher attack" on RSA with PKCS #1 v1.5 padding as used in SSL 3.0 and TLS 1.0. Their attack requires the attacker to open millions of SSL/TLS connections to the server under attack; the server's behaviour when faced with specially made-up RSA ciphertexts can reveal information that in effect allows the attacker to perform a single RSA private key operation on a ciphertext of its choice using the server's RSA key. Note that the server's RSA key is not compromised in this attack. The other problem, quoting from the CERT advisory: David Brumley and Dan Boneh, researchers at Stanford University, have written a paper that demonstrates a practical attack that can be used to extract private keys from vulnerable RSA applications. Using statistical techniques and carefully measuring the amount of time required to complete an RSA operation, an attacker can recover one of the factors (q) of the RSA key. [...] Under optimal conditions, a 1024-bit RSA private key was extracted in approximately two hours using ~350,000 guesses. References: http://www.kb.cert.org/vuls/id/997481 http://www.openssl.org/news/secadv_20030319.txt Package names and locations: Precompiled binary packages for Immunix 7+ are available at: http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/mod_ssl-2.8.12-1.7_imnx_2.i386.rpm http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/openssh-3.4p1-1_imnx_10.i386.rpm http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/openssh-askpass-3.4p1-1_imnx_10.i386.rpm http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/openssh-clients-3.4p1-1_imnx_10.i386.rpm http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/openssh-server-3.4p1-1_imnx_10.i386.rpm http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/openssl-0.9.6g-1_imnx_2.i386.rpm http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/openssl-devel-0.9.6g-1_imnx_2.i386.rpm http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/openssl-perl-0.9.6g-1_imnx_2.i386.rpm Immunix OS 7+ md5sums: 17a8a4c07a421c0b0a98369d77d06ed4 openssh-3.4p1-1_imnx_10.i386.rpm 59bffcfb9ca2fbe74e9d2eb3568d134a openssh-askpass-3.4p1-1_imnx_10.i386.rpm 37d2acf53c72ee23e5f9576557a5fd6e openssh-clients-3.4p1-1_imnx_10.i386.rpm d61f9a2c3fc41f8dded88f2b84be2a83 openssh-server-3.4p1-1_imnx_10.i386.rpm ccb8fa2cce44efa243d368cf7785b9cf openssl-0.9.6g-1_imnx_2.i386.rpm 0ba9e8a2c9728a64ee4a89aa2cecd804 openssl-devel-0.9.6g-1_imnx_2.i386.rpm fa6f0d1dde78b941a8bc9147dfd7a5b6 openssl-perl-0.9.6g-1_imnx_2.i386.rpm 490d4340e153daff3e3e4e548321e5af mod_ssl-2.8.12-1.7_imnx_2.i386.rpm GPG verification: Our public key is available at <http://wirex.com/security/GPG_KEY>. NOTE: Ibiblio is graciously mirroring our updates, so if the links above are slow, please try: ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/ or one of the many mirrors available at: http://www.ibiblio.org/pub/Linux/MIRRORS.html ImmunixOS 6.2 is no longer officially supported. ImmunixOS 7.0 is no longer officially supported. Contact information: To report vulnerabilities, please contact securityat_private WireX attempts to conform to the RFP vulnerability disclosure protocol <http://www.wiretrip.net/rfp/policy.html>.
This archive was generated by hypermail 2b30 : Thu Mar 27 2003 - 15:55:12 PST