76 lines
3 KiB
XML
76 lines
3 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
|
|
|
|
<glsa id="200612-11">
|
|
<title>AMD64 x86 emulation base libraries: OpenSSL multiple vulnerabilities</title>
|
|
<synopsis>
|
|
OpenSSL contains multiple vulnerabilities including the possible execution
|
|
of remote arbitrary code.
|
|
</synopsis>
|
|
<product type="ebuild">emul-linux-x86-baselibs</product>
|
|
<announced>December 11, 2006</announced>
|
|
<revised>December 11, 2006: 01</revised>
|
|
<bug>152640</bug>
|
|
<access>remote</access>
|
|
<affected>
|
|
<package name="app-emulation/emul-linux-x86-baselibs" auto="yes" arch="amd64">
|
|
<unaffected range="ge">2.5.5</unaffected>
|
|
<vulnerable range="lt">2.5.5</vulnerable>
|
|
</package>
|
|
</affected>
|
|
<background>
|
|
<p>
|
|
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport
|
|
Layer Security protocols and a general-purpose cryptography library.
|
|
The x86 emulation base libraries for AMD64 contain a vulnerable version
|
|
of OpenSSL.
|
|
</p>
|
|
</background>
|
|
<description>
|
|
<p>
|
|
Tavis Ormandy and Will Drewry, both of the Google Security Team,
|
|
discovered that the SSL_get_shared_ciphers() function contains a buffer
|
|
overflow vulnerability, and that the SSLv2 client code contains a flaw
|
|
leading to a crash. Additionally, Dr. Stephen N. Henson found that the
|
|
ASN.1 handler contains two Denial of Service vulnerabilities: while
|
|
parsing an invalid ASN.1 structure and while handling certain types of
|
|
public key.
|
|
</p>
|
|
</description>
|
|
<impact type="high">
|
|
<p>
|
|
An attacker could trigger the buffer overflow by sending a malicious
|
|
suite of ciphers to an application using the vulnerable function, and
|
|
thus execute arbitrary code with the rights of the user running the
|
|
application. An attacker could also consume CPU and/or memory by
|
|
exploiting the Denial of Service vulnerabilities. Finally, a malicious
|
|
server could crash a SSLv2 client through the SSLv2 vulnerability.
|
|
</p>
|
|
</impact>
|
|
<workaround>
|
|
<p>
|
|
There is no known workaround at this time.
|
|
</p>
|
|
</workaround>
|
|
<resolution>
|
|
<p>
|
|
All AMD64 x86 emulation base libraries users should upgrade to the
|
|
latest version:
|
|
</p>
|
|
<code>
|
|
# emerge --sync
|
|
# emerge --ask --oneshot --verbose ">=app-emulation/emul-linux-x86-baselibs-2.5.5"</code>
|
|
</resolution>
|
|
<references>
|
|
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937">CVE-2006-2937</uri>
|
|
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940">CVE-2006-2940</uri>
|
|
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738">CVE-2006-3738</uri>
|
|
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343">CVE-2006-4343</uri>
|
|
</references>
|
|
<metadata tag="submitter" timestamp="Tue, 24 Oct 2006 10:04:50 +0000">
|
|
falco
|
|
</metadata>
|
|
<metadata tag="bugReady" timestamp="Mon, 11 Dec 2006 23:29:14 +0000">
|
|
falco
|
|
</metadata>
|
|
</glsa>
|