Subject: Re: what is the threat of the openssl advisory?
To: None <>
From: George Georgalis <>
List: current-users
Date: 09/29/2006 12:10:48
On Fri, Sep 29, 2006 at 08:50:29AM -0400, Jeff Quast wrote:
>On 9/28/06, George Georgalis <> wrote:
>> There was an openssl advisory today
>> my primary concern is
>>  A buffer overflow was discovered in the SSL_get_shared_ciphers()
>>  utility function.  An attacker could send a list of ciphers to an
>>  application that uses this function and overrun a buffer
>>  (CVE-2006-3738).
>> there is no comment on if an exploit is known to exist or how
>> difficult (or easy) it would be to create one based on the patch.
>> In fact the netbsd openssl looks pretty different than freebsd
>> in the context of applying the patch. Can we determine a level
>> of risk?  Are all ssl, openvpn, ssh, https, etc servers needing
>> access restricted to friendly IPs or is the threat just one bit
>> inside "astronomically possible?" -- I cannot tell.
>> // George
>For OpenSSH, to cite
>> Re: OpenSSH 4.4 released (mod 10/10)
>> by djm@ (IP on Thu Sep 28 05:17:36 2006 (GMT)
>> > It is my understanding that OpenSSH relies on OpenSSL,
>> > but can we really trust OpenSSL? [etc...]
>> OpenSSH doesn't trust OpenSSL for anything more than cryptographic
>> primitives. In particular, it avoids its default RSA signature verification
>> code that depends on the OpenSSL ASN.1 code - we use our own
>> minimal implementation instead (ssh-rsa.c).
>> IIRC this has saved us from at least two bugs so far: an ASN.1 bug a
>> while ago and the new Bleichenbacher attack.
>> Thanks Markus Friedl for this code :)
>of course, you should always review code yourself if this is such a
>serious issue. System administrators should be proficient in C for
>this very reason (and why I think recent 'network security' roles
>coming into corporations are full of smoke)

Thanks, I didn't realize openssh didn't depend on openssl for
this. (but apparently RedHat thinks it does)

Nobody seems concerned apache-ssl and openvpn servers are
vulnerable to "SSL_get_shared_ciphers() buffer overflow
(CVE-2006-3738)" though.

What the function does:

It is not clear to me if this is a server issue at all,
or only a client issue (eg firefox or other applications
that use ssl, https etc). Seems the latter. Anyway the
ASN.1/Bleichenbacher issue is not the CVE-2006-3738 issue I'm
concerned with. Though it seems a client not a server issue.


// George

George Georgalis, systems architect, administrator <IXOYE><