OpenSSL Clears Logjam, Fixes Holes
Tuesday, June 16, 2015 @ 10:06 AM gHale
The latest versions of OpenSSL, the open-source toolkit for SSL/TLS, fixes moderate and low severity security bugs.
The latest OpenSSL released versions are 1.0.2b, 1.0.1n, 1.0.0s and 0.9.8zg.
An advisory published by the developers reports about a patch for the vulnerability labeled “Logjam.”
The developers mitigated it in OpenSSL 1.0.2b and 1.0.1n. The vulnerability (CVE-2015-4000) is similar to FREAK and attackers can leverage it via man-in-the-middle (MitM) attacks to downgrade TLS connections to 512-bit export-grade cryptography.
“OpenSSL has added protection for TLS clients by rejecting handshakes with DH (Diffie-Hellman) parameters shorter than 768 bits. This limit will be increased to 1024 bits in a future release,” OpenSSL said in advisory.
The latest updates also address a moderate severity denial-of-service (DoS) vulnerability caused by the way ECParameters structures end up handled (CVE-2015-1788).
“When processing an ECParameters structure OpenSSL enters an infinite loop if the curve specified is over a specially malformed binary polynomial field,” OpenSSL said in its advisory. “This can be used to perform denial of service against any system which processes public keys, certificate requests or certificates. This includes TLS clients and TLS servers with client authentication enabled.”
The vulnerability affects OpenSSL 1.0.2, 1.0.1, 1.0.0d and below, and 0.9.8r and below. Recent 1.0.0 and 0.9.8 versions are not impacted.
Another moderate severity DoS flaw is an out-of-bounds read in the X509_cmp_time function (CVE-2015-1789).
The vulnerability affects all current versions of OpenSSL and it can end up exploited with the aid of malformed certificates and certificate revocation lists (CRLs) against applications that verify certificates or CRLs.