Probing the Trustworthiness of Encryption Continues

The scrutiny of the OpenSSL source code that began with the discovery of the Heartbleed vulnerability is continuing and picking up speed. As we previously foretold, professionals around the world have turned their attention to the encryption library to improve the way we keep our information safe. This is why new vulnerabilities are bound to be discovered. A fresh example is the set of new vulnerabilities found just a day ago. Nine new weaknesses is a large number and may frighten you at first, but what it really means is that much is being done to patch the leaks and improve the user experience of the encryption library.

To put things in context, we will say a few words about each of the newly found vulnerabilities:

• There is a flaw in OBJ_obj2txt that may cause pretty printing functions such as X509_NAME_oneline, X509_NAME_print_ex etc. to leak information. The vulnerability may affect some applications and cause them to echo pretty printing output to a malicious actor.

• An issue allows a malicious server to crash the client by specifying an SRP cipher suite even though it was not properly negotiated with the client. This can be exploited through a DDoS attack.

• Up to 255 bytes can be written to freed memory if a multithreaded client connects to a malicious server with a resumed session and the server sends an EC point format extension.

• An error condition can be forced by an attacker, crashing OpenSSL while processing DTLS packets, due to the double freeing of memory. This can also be exploited through a DDoS attack.

• OpenSSL can be forced to consume large amounts of memory while processing DTLS handshake messages. This can be exploited through a Denial of Service attack.

• By sending carefully crafted DTLS packets, an attacker could cause OpenSSL to leak memory. This can be exploited through a Denial of Service attack.

• OpenSSL DTLS clients enabling anonymous (EC)DH cipher suites are subject to a denial of service attack. A malicious server can crash the client with a null pointer dereference (read) by specifying an anonymous (EC)DH cipher suite and sending carefully crafted handshake messages.

• A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate TLS 1.0 instead of higher protocol versions when the ClientHello message is badly fragmented. This allows a man-in-the-middle attacker to force a downgrade to TLS 1.0 even if both the server and the client support a higher protocol version, by modifying the client’s TLS records.

• A malicious client or server can send invalid SRP parameters and overrun an internal buffer. Only applications which are explicitly set up for SRP use are affected.

To reassure our clients, we would like to state that we have carried out a timely operational update that patches all known vulnerabilities. We are currently running OpenSSL version 1.0.1i, which is secured against all discovered weaknesses of the encryption library source code and is recommended by the OpenSSL team. The update of the OpenSSL library has been applied throughout our whole infrastructure, and all of our Points of Presence are now patched for these vulnerabilities.
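One way to verify such a rollout from collected `openssl version` output, shown as an added example that is not code from the original post. The inventory lines and host names are constructed and the function names are illustrative; only the 1.0.1 branch is compared, because 1.0.1i is the only fixed release named here.

```python
import re

# Fixed release named in the post; it names only the 1.0.1 branch.
FIXED = (1, 0, 1, "i")
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)([a-z]*)")

def parse_openssl_version(text):
    """Return (major, minor, fix, letters) from `openssl version` output, or None."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    major, minor, fix, letters = m.groups()
    return int(major), int(minor), int(fix), letters

def _letter_rank(letters):
    # Pre-3.0 patch letters run a..z, then za, zb, ...: order by length, then text.
    return (len(letters), letters)

def classify(text):
    """Compare a version string with the fixed release on the same branch."""
    v = parse_openssl_version(text)
    if v is None:
        return "unparsed"
    if v[:3] != FIXED[:3]:
        return "other-branch"  # the post names no fixed release for this branch
    if _letter_rank(v[3]) >= _letter_rank(FIXED[3]):
        return "at-or-after-fix"
    return "before-fix"

def audit(inventory):
    """Map host -> status for lines shaped 'host: <openssl version output>'."""
    results = {}
    for line in inventory.strip().splitlines():
        host, _, banner = line.partition(":")
        results[host.strip()] = classify(banner)
    return results

# Constructed sample inventory; host names are hypothetical.
SAMPLE = """
edge-01: OpenSSL 1.0.1i 6 Aug 2014
edge-02: OpenSSL 1.0.1h 5 Jun 2014
build-03: OpenSSL 1.0.1e-fips 11 Feb 2013
legacy-04: OpenSSL 0.9.8y 5 Feb 2013
broken-05: openssl: command not found
"""

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host:10} {status}")
```

Distribution packages often backport fixes without changing the upstream letter, so a `before-fix` result is a prompt to check the package changelog rather than proof of exposure.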

The cleaning up of OpenSSL’s source code is far from over. This means that there are surely new weak points to be found in the future and new fixes and patches to be applied. We would like to assure our customers that each fix is implemented within the shortest time possible and all of their information is safe with us. We strive to achieve utmost service excellence and lasting customer satisfaction, which is why we do our best to keep both our infrastructure and our software up-to-date and as secure as possible.
