The OpenSSL Project on Wednesday warned of multiple security holes in its implementation of the Secure Sockets Layer (SSL) protocol.
The project, which provides an open source toolkit for the Secure Sockets
Layer (SSL) and Transport Layer Security (TLS) protocols, said the
vulnerabilities could be exploited by malicious hackers to trigger
Independent security consultants Secunia classified the flaws as
According to a project advisory, internal testing uncovered a null-pointer assignment in the “do_change_cipher_spec()” function used during the SSL/TLS handshake. The vulnerability could be exploited to crash OpenSSL, the advisory said.
“A remote attacker could perform a carefully crafted SSL/TLS handshake against a server that used the OpenSSL library in such a way as to cause
OpenSSL to crash. Depending on the application this could lead to a
denial-of-service,” it said.
All versions of OpenSSL from 0.9.6c to 0.9.6l inclusive and from 0.9.7a
to 0.9.7c inclusive are impacted by the vulnerabilities.
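The following version check is an added example, not code from the OpenSSL advisory or the original article. It parses OpenSSL's letter-suffixed version strings and tests them against the two affected ranges stated above; the banner formats, host names and sample inventory are constructed assumptions.

```python
import re

# Affected ranges exactly as stated in the article (both ends inclusive).
AFFECTED_RANGES = [("0.9.6c", "0.9.6l"), ("0.9.7a", "0.9.7c")]

# Matches a bare version ("0.9.6k") or a banner ("OpenSSL 0.9.6k ...",
# "OpenSSL/0.9.7b"). Pre-release strings such as "0.9.7-beta3" do not match.
_VERSION_RE = re.compile(
    r"(?:^|OpenSSL[ /])(\d+)\.(\d+)\.(\d+)([a-z]?)(?![\w.-])")


def parse_version(text):
    """Return (major, minor, fix, patch); patch is 0 for no letter, 1 for 'a'."""
    m = _VERSION_RE.search(text.strip())
    if m is None:
        raise ValueError(f"no plain OpenSSL release version in {text!r}")
    major, minor, fix, letter = m.groups()
    patch = ord(letter) - ord("a") + 1 if letter else 0
    return int(major), int(minor), int(fix), patch


def is_affected(text):
    """True when the version lies inside one of the article's ranges."""
    version = parse_version(text)
    return any(parse_version(lo) <= version <= parse_version(hi)
               for lo, hi in AFFECTED_RANGES)


def triage(inventory):
    """Split (host, banner) pairs into affected hosts and unparseable ones."""
    affected, unknown = [], []
    for host, banner in inventory:
        try:
            if is_affected(banner):
                affected.append(host)
        except ValueError:
            unknown.append(host)  # review by hand rather than assume safe
    return affected, unknown


# Constructed sample inventory; host names and banners are illustrative.
SAMPLE_INVENTORY = [
    ("web1", "OpenSSL 0.9.6k"),
    ("web2", "mod_ssl/2.8.16 OpenSSL/0.9.7b"),
    ("mail1", "OpenSSL 0.9.6b"),
    ("vpn1", "OpenSSL 0.9.7"),
    ("lab1", "OpenSSL 0.9.7-beta3"),
]

if __name__ == "__main__":
    print(triage(SAMPLE_INVENTORY))
```

Vendor-patched packages can keep the upstream version string, so confirm any match against the vendor's own advisory before treating a host as vulnerable.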
The group also warned of an out-of-bounds read error in a routine used during the SSL/TLS handshake when using Kerberos ciphersuites. This can also be exploited to crash OpenSSL via a specially crafted SSL/TLS handshake.
Immediately after the release of the OpenSSL alert, routing and switching giant Cisco confirmed the vulnerabilities affected many of its software products. The company posted its own advisory with free software upgrades for customers.
Linux vendor Red Hat also issued updated packages for OpenSSL, noting that the DoS vulnerabilities affected Red Hat Enterprise Linux AS 2.1, Red Hat Enterprise Linux ES 2.1, Red Hat Enterprise Linux WS 2.1 and Red Hat Linux Advanced Workstation 2.1 for Itanium.