[Secure-testing-team] Bug#684527: openssl: CVE-2011-5095 - The remote SSL/TLS server accepts a weak Diffie-Hellman public value

Arne Wichmann aw at linux.de
Fri Aug 10 19:12:14 UTC 2012


Package: openssl
Version: 0.9.8o-4squeeze13
Severity: grave
Tags: security
Justification: user security hole

openssl in squeeze (at least up to 0.9.8o-4squeeze13) is vulnerable to
CVE-2011-5095 [1]. For reference you might have a look at [2] - the problem
seems to be that fips/dh/fips_dh_key.c does not incorporate a fix in
crypto/dh/dh_key.c, namely calling DH_check_pub_key, like in [3].

As far as I can see the problem is gone in 1.0.1c - but I leave this bug
open for unstable/testing so that it can be doublechecked by someone more
versed in openssl.

[1] http://security-tracker.debian.org/tracker/CVE-2011-5095
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5095
[2] http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-5095.html
[3] http://cvs.openssl.org/chngview?cn=14375

cu

AW

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable'), (50, 'unstable'), (40, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.23 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash

Versions of packages openssl depends on:
ii  libc6        2.13-33
ii  libssl1.0.0  1.0.1c-3
ii  zlib1g       1:1.2.7.dfsg-13

openssl recommends no packages.

Versions of packages openssl suggests:
ii  ca-certificates  20120623

-- no debconf information



More information about the Secure-testing-team mailing list