Bugtraq mailing list archives

UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : OpenSSL Multiple Vulnerabilities
From: security () sco com
Date: Thu, 2 Oct 2003 14:45:48 -0700

To: announce () lists sco com bugtraq () securityfocus com full-disclosure () lists netsys com

                        SCO Security Advisory

Subject:                UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : OpenSSL Multiple Vulnerabilities
Advisory number:        CSSA-2003-SCO.25
Issue date:             2003 October 01
Cross reference:

1. Problem Description

        OpenSSL is a commercial-grade, full-featured, open source
        toolkit that implements Secure Sockets Layer (SSL v2/v3)
        and Transport Layer Security (TLS v1) protocols, as well
        as a full-strength general purpose cryptography library.

        Multiple vulnerabilities have been found that could result
        in denial of service. NISCC (www.niscc.gov.uk) prepared a
        test suite to check the operation of SSL/TLS software when
        presented with a wide range of malformed client certificates.

        Dr Stephen Henson (steve () openssl org) of the OpenSSL core
        team identified and prepared fixes for a number of
        vulnerabilities in the OpenSSL ASN1 code when running the
        test suite. 

        A bug in OpenSSL's SSL/TLS protocol implementation was also
        identified which causes OpenSSL to parse a client certificate
        from an SSL/TLS client when it should reject it as a protocol
        error. For the full OpenSSL advisory please see:

        The Common Vulnerabilities and Exposures project (cve.mitre.org)
        has assigned the names CAN-2003-0545, CAN-2003-0543 and
        CAN-2003-0544 to these issues.

        CERT has assigned the names VU#935264, VU#255484 and VU#255484 
        to these issues. 

        CERT VU#935264 / CAN-2003-0545: Double-free vulnerability in
        OpenSSL 0.9.7 allows remote attackers to cause a denial
        of service (crash) and possibly execute arbitrary code via
        an SSL client certificate with a certain invalid ASN.1

        CERT VU#255484 / CAN-2003-0543: Integer overflow
        in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause
        a denial of service (crash) via an SSL client certificate
        with certain ASN.1 tag values. 

        CERT VU#255484 / CAN-2003-0544:
        OpenSSL 0.9.6 and 0.9.7 does not properly track the number
        of characters in certain ASN.1 inputs, which allows remote
        attackers to cause a denial of service (crash) via an SSL
        client certificate that causes OpenSSL to read past the
        end of a buffer when the long form is used. 
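        The three issues above are all failures of the ASN.1 decoder to
        bound what it reads or computes from attacker-supplied tag and
        length octets. The following is an added illustration, not code
        from OpenSSL or from SCO, of the checks a hardened DER header
        decoder performs: it caps the number of high-tag-number octets so
        the tag cannot overflow, refuses long-form lengths whose length
        octets or declared content run past the end of the buffer, and
        rejects the indefinite and non-minimal encodings DER forbids. The
        names asn1_read_header and asn1_hdr and the sample inputs are
        constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Decoded DER TLV header (identifier and length octets). */
struct asn1_hdr {
    unsigned int tag;   /* tag number with the class/constructed bits removed */
    int constructed;    /* 1 if the constructed bit (0x20) is set */
    size_t len;         /* declared content length */
    size_t hdr_len;     /* octets consumed by the identifier and length */
};

/* Decode the identifier and length octets of the TLV that starts at buf[0].
 * Returns 0 on success and -1 when the header is truncated, would overflow,
 * uses a non-DER encoding, or declares more content than buflen holds.
 * Every read of buf[pos] is preceded by a check that pos < buflen. */
int asn1_read_header(const unsigned char *buf, size_t buflen, struct asn1_hdr *out)
{
    size_t pos = 0;
    unsigned int tag, n;
    size_t len;

    if (buflen == 0)
        return -1;
    tag = buf[pos] & 0x1f;
    out->constructed = (buf[pos] & 0x20) != 0;
    pos++;

    if (tag == 0x1f) {
        /* High-tag-number form: base-128 octets, high bit set on all but
         * the last. Bound the octet count so the shift cannot overflow. */
        unsigned int octets = 0;
        tag = 0;
        for (;;) {
            unsigned char b;
            if (pos >= buflen)
                return -1;              /* continuation octets run off the end */
            b = buf[pos++];
            if (++octets > 4)
                return -1;              /* more than 28 bits: reject instead of wrapping */
            if (octets == 1 && b == 0x80)
                return -1;              /* leading zero septet is not minimal */
            tag = (tag << 7) | (b & 0x7f);
            if ((b & 0x80) == 0)
                break;
        }
        if (tag < 0x1f)
            return -1;                  /* tags below 31 must use the short identifier */
    }
    out->tag = tag;

    if (pos >= buflen)
        return -1;                      /* no length octet */
    n = buf[pos++];
    if ((n & 0x80) == 0) {
        len = n;                        /* short form: one octet, 0..127 */
    } else {
        n &= 0x7f;
        if (n == 0)
            return -1;                  /* 0x80 = indefinite length, forbidden in DER */
        if (n > sizeof(size_t))
            return -1;                  /* length would not fit in size_t */
        if (n > buflen - pos)
            return -1;                  /* the length octets themselves are truncated */
        if (buf[pos] == 0)
            return -1;                  /* leading zero octet: non-minimal encoding */
        len = 0;
        while (n-- > 0)
            len = (len << 8) | buf[pos++];
        if (len < 0x80)
            return -1;                  /* should have used the short form */
    }
    if (len > buflen - pos)
        return -1;                      /* content would extend past the end of buf */

    out->len = len;
    out->hdr_len = pos;
    return 0;
}

/* Stand-alone demonstration over constructed (not captured) inputs. */
int main(void)
{
    /* Constructed samples: SEQUENCE { INTEGER 5 }, then a long-form length
     * whose length octets are cut off before the buffer ends. */
    const unsigned char good[] = {0x30, 0x03, 0x02, 0x01, 0x05};
    const unsigned char bad[]  = {0x04, 0x82, 0x01};
    struct asn1_hdr h;

    if (asn1_read_header(good, sizeof good, &h) == 0)
        printf("tag %u constructed %d len %zu hdr %zu\n",
               h.tag, h.constructed, h.len, h.hdr_len);
    printf("truncated long-form length -> %d\n", asn1_read_header(bad, sizeof bad, &h));
    return 0;
}
```

        The decoder returns -1 instead of trusting a declared length, so a
        caller that walks a certificate element by element can stop at the
        first malformed header rather than read beyond the buffer.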

2. Vulnerable Supported Versions

        System                          Binaries
        UnixWare 7.1.3,
        Open UNIX 8.0.0,
        UnixWare 7.1.1

3. Solution

        The proper solution is to install the latest packages.

4. UnixWare 7.1.3 / Open UNIX 8.0.0 / UnixWare 7.1.1

        4.1 The OpenSsl package must be installed.  It is located at


        4.2 Location of Fixed Binaries


        4.3 Verification

        MD5 (erg712449.Z) = 3a52615dfa14ef4ea7be1a4221fa7aed

        md5 is available for download from

        4.4 Installing Fixed Binaries

        Upgrade the affected binaries with the following sequence:

        1. Download the erg712449.Z file to the /tmp directory on your machine.

        2. As root, uncompress the file and add the package to your system
           using these commands:

        $ su
        Password: <type your root password>
        # uncompress /tmp/erg712449.Z
        # pkgadd -d /tmp/erg712449
        # rm /tmp/erg712449

5. References

        Specific references for this advisory:

        SCO security resources:

        This security fix closes SCO incidents sr885388 fz528383

6. Disclaimer

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security
        advisories. Our advisories are a service to our customers
        intended to promote secure installation and use of SCO

7. Acknowledgments

        SCO would like to thank Dr. Stephen Henson who discovered
        a number of errors in the OpenSSL ASN1 code, using a test
        suite provided by NISCC (www.niscc.gov.uk). SCO would also
        like to thank NISCC for their research.

