Vulnerability Note VU#978508

OpenSSL is vulnerable to a man-in-the-middle attack

Original Release date: 05 6月 2014 | Last revised: 05 6月 2014

Overview

OpenSSL is vulnerable to a man-in-the-middle attack.

Description

The OpenSSL security advisory states:

    SSL/TLS MITM vulnerability (CVE-2014-0224)
    ===========================================

    An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server.

    The attack can only be performed between a vulnerable client *and* server. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.

    OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za.
    OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m.
    OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.

    Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and researching this issue. This issue was reported to OpenSSL on 1st May 2014 via JPCERT/CC.

    The fix was developed by Stephen Henson of the OpenSSL core team partly based on an original patch from KIKUCHI Masashi.

Additional details may be found in the OpenSSL security advisory. This vulnerability is one of many that has been fixed in the latest release.

Masashi Kikuchi has written a technical blog post about the vulnerability.

Impact

A remote attacker with a man-in-the-middle vantage point on the network may be able to decrypt or modify traffic between a client and server.

Solution

Apply an Update

OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za.
OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m.
OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
FreeBSD ProjectAffected02 Jun 201405 Jun 2014
OpenSSLAffected09 May 201405 Jun 2014
Red Hat, Inc.Affected02 Jun 201405 Jun 2014
UbuntuAffected02 Jun 201405 Jun 2014
ACCESSUnknown02 Jun 201402 Jun 2014
Alcatel-LucentUnknown02 Jun 201402 Jun 2014
Apple Inc.Unknown02 Jun 201402 Jun 2014
Aruba Networks, Inc.Unknown02 Jun 201402 Jun 2014
AttachmateUnknown02 Jun 201402 Jun 2014
AT&TUnknown02 Jun 201402 Jun 2014
Avaya, Inc.Unknown02 Jun 201402 Jun 2014
Barracuda NetworksUnknown02 Jun 201402 Jun 2014
Belkin, Inc.Unknown02 Jun 201402 Jun 2014
Blue Coat SystemsUnknown02 Jun 201402 Jun 2014
BrocadeUnknown02 Jun 201402 Jun 2014
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

Group Score Vector
Base 6.4 AV:A/AC:M/Au:N/C:C/I:P/A:N
Temporal 5.0 E:POC/RL:OF/RC:C
Environmental 8.1 CDP:H/TD:H/CR:H/IR:M/AR:L

References

Credit

Thanks to KIKUCHI Masashi for reporting this vulnerability.

This document was written by Jared Allar.

Other Information

  • CVE IDs: CVE-2014-0224
  • Date Public: 05 6月 2014
  • Date First Published: 05 6月 2014
  • Date Last Updated: 05 6月 2014
  • Document Revision: 17

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.