[Pkg-openssl-devel] Bug#532037: Bug#532037: CVE-2009-138{6, 7}: Two OpenSSL DTLS remote DoS

Kurt Roeckx kurt at roeckx.be
Mon Jun 8 17:22:05 UTC 2009


On Sat, Jun 06, 2009 at 12:10:53AM +0200, Giuseppe Iuculano wrote:
> Package: openssl
> Severity: serious
> Tags: security
> 
> 
> Hi,
> the following CVE (Common Vulnerabilities & Exposures) ids were
> published for openssl.
> 
> CVE-2009-1386[0]:
> | ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause
> | a denial of service (NULL pointer dereference and daemon crash) via a
> | DTLS ChangeCipherSpec packet that occurs before ClientHello.

So this is already fixed in unstable, but not in
testing/stable/oldstable.

Since this seems to be DTLS related, this doesn't affect
openssl097.

> CVE-2009-1387[1]:
> | The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in
> | OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial
> | of service (NULL pointer dereference and daemon crash) via an
> | out-of-sequence DTLS handshake message, related to a "fragment bug."

I'll upload this to unstable, and provide fixed packages
for stable/oldstable for both issues.


Kurt





