LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: October 31st, 2014
Linux Security Week: October 27th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandrake: openssl timing based attack Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
Mandrake Researchers discovered a timing-based attack on RSA keys that OpenSSL is generally vulnerable to, unless RSA blinding is enabled.

________________________________________________________________________

                Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name:           openssl
Advisory ID:            MDKSA-2003:035
Date:                   March 25th, 2003

Affected versions:	7.2, 8.0, 8.1, 8.2, 9.0, 9.1,
			Corporate Server 2.1,
			Multi Network Firewall 8.2,
			Single Network Firewall 7.2
________________________________________________________________________

Problem Description:

 Researchers discovered a timing-based attack on RSA keys that OpenSSL 
 is generally vulnerable to, unless RSA blinding is enabled.  Patches 
 from the OpenSSL team have been applied to turn RSA blinding on by 
 default.
 
 An extension of the "Bleichenbacher attack" on RSA with PKS #1 v1.5 
 padding as used in SSL 3.0 and TSL 1.0 was also created by Czech 
 cryptologists Vlastimil Klima, Ondrej Pokorny, and Tomas Rosa.  This 
 attack requires the attacker to open millions of SSL/TLS connections to 
 the server they are attacking.  This is done because the server's 
 behaviour when faced with specially crafted RSA ciphertexts can reveal 
 information that would in effect allow the attacker to perform a single 
 RSA private key operation on a ciphertext of their choice, using the 
 server's RSA key.  Despite this, the server's RSA key is not 
 compromised at any time.  Patches from the OpenSSL team modify SSL/TLS 
 server behaviour to avoid this vulnerability.
________________________________________________________________________

References:
  
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0147
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0131
   http://www.openssl.org/news/secadv_20030317.txt
   http://www.openssl.org/news/secadv_20030319.txt
   http://eprint.iacr.org/2003/052/
   http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html
________________________________________________________________________

Updated Packages:
  
 Corporate Server 2.1:
 1f97f51fc7844e5f6802e3aa6ca74791  corporate/2.1/RPMS/openssl-0.9.6i-1.4mdk.i586.rpm
 d040d1e5d74236246dc6e704bb2203f3  corporate/2.1/RPMS/libopenssl0-0.9.6i-1.4mdk.i586.rpm
 2f97c2eb1dfcc103ee9d9b7bc0da1ce6  corporate/2.1/RPMS/libopenssl0-devel-0.9.6i-1.4mdk.i586.rpm
 8ced8d0418a91356f5ca9cb0c92ed13c  corporate/2.1/RPMS/libopenssl0-static-devel-0.9.6i-1.4mdk.i586.rpm
 af0095b439927a91290dd7042ee5628b  corporate/2.1/SRPMS/openssl-0.9.6i-1.4mdk.src.rpm

 Linux-Mandrake 7.2:
 2456e38a9b1cb8a7a417ce813722d359  7.2/RPMS/openssl-0.9.5a-9.5mdk.i586.rpm
 25570e4332467ed6b9b66f7b83b98a5f  7.2/RPMS/openssl-devel-0.9.5a-9.5mdk.i586.rpm
 b81d7f132522e14f3ff3c72084ff598d  7.2/SRPMS/openssl-0.9.5a-9.5mdk.src.rpm

 Mandrake Linux 8.0:
 81d9b10942d49d2f9ced14e3a71424fd  8.0/RPMS/openssl-0.9.6i-1.3mdk.i586.rpm
 606e4b4e4e3b616bed2010853e53d51d  8.0/RPMS/openssl-devel-0.9.6i-1.3mdk.i586.rpm
 3b74a6605f4432dbe0edde40aa3dcadb  8.0/SRPMS/openssl-0.9.6i-1.3mdk.src.rpm

 Mandrake Linux 8.0/PPC:
 cdcb83e78a92995f41abc3cb609a3c1a  ppc/8.0/RPMS/openssl-0.9.6i-1.3mdk.ppc.rpm
 4ab4f18f118d908b25582c448b36e8ef  ppc/8.0/RPMS/openssl-devel-0.9.6i-1.3mdk.ppc.rpm
 3b74a6605f4432dbe0edde40aa3dcadb  ppc/8.0/SRPMS/openssl-0.9.6i-1.3mdk.src.rpm

 Mandrake Linux 8.1:
 b2ec1909cd8d4b545f400dfdd8dd21b8  8.1/RPMS/openssl-0.9.6i-1.4mdk.i586.rpm
 a5958222e4b56b28310b433a4cbf404c  8.1/RPMS/libopenssl0-0.9.6i-1.4mdk.i586.rpm
 f320b1015cf36d96e7112b422eaac247  8.1/RPMS/libopenssl0-devel-0.9.6i-1.4mdk.i586.rpm
 0ac93e28e8ea7961271fb1347bce45c0  8.1/RPMS/libopenssl0-static-devel-0.9.6i-1.4mdk.i586.rpm
 af0095b439927a91290dd7042ee5628b  8.1/SRPMS/openssl-0.9.6i-1.4mdk.src.rpm

 Mandrake Linux 8.1/IA64:
 e5bf45db5e39cabb968f67714fed5dc7  ia64/8.1/RPMS/openssl-0.9.6i-1.4mdk.ia64.rpm
 c980bab7c8b6ca490b10320c0627b8c8  ia64/8.1/RPMS/libopenssl0-0.9.6i-1.4mdk.ia64.rpm
 7cc714df2377bf7e829e0b3c4beca86e  ia64/8.1/RPMS/libopenssl0-devel-0.9.6i-1.4mdk.ia64.rpm
 132dafc5478b2d29ccbe00db9cdf4e23  ia64/8.1/RPMS/libopenssl0-static-devel-0.9.6i-1.4mdk.ia64.rpm
 af0095b439927a91290dd7042ee5628b  ia64/8.1/SRPMS/openssl-0.9.6i-1.4mdk.src.rpm

 Mandrake Linux 8.2:
 dda78cd11a20595e53312afc653fac9f  8.2/RPMS/openssl-0.9.6i-1.4mdk.i586.rpm
 4a7cd0178f82443f809cb38891582175  8.2/RPMS/libopenssl0-0.9.6i-1.4mdk.i586.rpm
 74b935ecd6879032ac68b5b44ad5c561  8.2/RPMS/libopenssl0-devel-0.9.6i-1.4mdk.i586.rpm
 98c8aea58c05af35f8332cb41bd270af  8.2/RPMS/libopenssl0-static-devel-0.9.6i-1.4mdk.i586.rpm
 af0095b439927a91290dd7042ee5628b  8.2/SRPMS/openssl-0.9.6i-1.4mdk.src.rpm

 Mandrake Linux 8.2/PPC:
 2473c3a4fa6d6590ba1cc159db8ed340  ppc/8.2/RPMS/openssl-0.9.6i-1.4mdk.ppc.rpm
 d1305bcf73666db63baebed6804b8a6c  ppc/8.2/RPMS/libopenssl0-0.9.6i-1.4mdk.ppc.rpm
 64f4c5e2c6208a391672a4402928200f  ppc/8.2/RPMS/libopenssl0-devel-0.9.6i-1.4mdk.ppc.rpm
 54d6290be283a0c38e54158db6a97474  ppc/8.2/RPMS/libopenssl0-static-devel-0.9.6i-1.4mdk.ppc.rpm
 af0095b439927a91290dd7042ee5628b  ppc/8.2/SRPMS/openssl-0.9.6i-1.4mdk.src.rpm

 Mandrake Linux 9.0:
 1f97f51fc7844e5f6802e3aa6ca74791  9.0/RPMS/openssl-0.9.6i-1.4mdk.i586.rpm
 d040d1e5d74236246dc6e704bb2203f3  9.0/RPMS/libopenssl0-0.9.6i-1.4mdk.i586.rpm
 2f97c2eb1dfcc103ee9d9b7bc0da1ce6  9.0/RPMS/libopenssl0-devel-0.9.6i-1.4mdk.i586.rpm
 8ced8d0418a91356f5ca9cb0c92ed13c  9.0/RPMS/libopenssl0-static-devel-0.9.6i-1.4mdk.i586.rpm
 af0095b439927a91290dd7042ee5628b  9.0/SRPMS/openssl-0.9.6i-1.4mdk.src.rpm

 Mandrake Linux 9.1:
 288774348383b48d7df2aab9a0880bca  9.1/RPMS/openssl-0.9.7a-1.1mdk.i586.rpm
 0c74aa06e11cebfd819f791bcc4273d5  9.1/RPMS/libopenssl0-0.9.6i-1.1mdk.i586.rpm
 2b55957ae61d7358f285c9c0367faaaa  9.1/RPMS/libopenssl0.9.7-0.9.7a-1.1mdk.i586.rpm
 21742fc79ee8127df48c2ac8e442dd9e  9.1/RPMS/libopenssl0.9.7-devel-0.9.7a-1.1mdk.i586.rpm
 773588cdfb5e60f79bc9fba2c519e558  9.1/RPMS/libopenssl0.9.7-static-devel-0.9.7a-1.1mdk.i586.rpm
 0b94e67c6e3e1bc3401a527094bc00de  9.1/SRPMS/openssl-0.9.7a-1.1mdk.src.rpm
 b95b94b3edb0c6a1a7c1e8d3d1f028fa  9.1/SRPMS/openssl0.9.6-0.9.6i-1.1mdk.src.rpm

 Mandrake Linux 9.1/PPC:
 00f6efe10d3d5b6a0190ccd5498c09e5  ppc/9.1/RPMS/openssl-0.9.7a-1.1mdk.ppc.rpm
 622128e23bbe2e34c90bd4ee27384621  ppc/9.1/RPMS/libopenssl0-0.9.6i-1.1mdk.ppc.rpm
 8398460586e2e2551db62d7206bdc9db  ppc/9.1/RPMS/libopenssl0.9.7-0.9.7a-1.1mdk.ppc.rpm
 ccc5f5eb95404a3f114dbe486d466350  ppc/9.1/RPMS/libopenssl0.9.7-devel-0.9.7a-1.1mdk.ppc.rpm
 cfcfacd4af2fcd34afa32d9494e81277  ppc/9.1/RPMS/libopenssl0.9.7-static-devel-0.9.7a-1.1mdk.ppc.rpm
 0b94e67c6e3e1bc3401a527094bc00de  ppc/9.1/SRPMS/openssl-0.9.7a-1.1mdk.src.rpm
 b95b94b3edb0c6a1a7c1e8d3d1f028fa  ppc/9.1/SRPMS/openssl0.9.6-0.9.6i-1.1mdk.src.rpm

 Multi Network Firewall 8.2:
 dda78cd11a20595e53312afc653fac9f  mnf8.2/RPMS/openssl-0.9.6i-1.4mdk.i586.rpm
 4a7cd0178f82443f809cb38891582175  mnf8.2/RPMS/libopenssl0-0.9.6i-1.4mdk.i586.rpm
 af0095b439927a91290dd7042ee5628b  mnf8.2/SRPMS/openssl-0.9.6i-1.4mdk.src.rpm

 Single Network Firewall 7.2:
 2456e38a9b1cb8a7a417ce813722d359  snf7.2/RPMS/openssl-0.9.5a-9.5mdk.i586.rpm
 b81d7f132522e14f3ff3c72084ff598d  snf7.2/SRPMS/openssl-0.9.5a-9.5mdk.src.rpm
________________________________________________________________________

Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
________________________________________________________________________

To upgrade automatically, use MandrakeUpdate.  The verification of md5
checksums and GPG signatures is performed automatically for you.

If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm".  A list of
FTP mirrors can be obtained from:

   http://www.mandrakesecure.net/en/ftp.php

Please verify the update prior to upgrading to ensure the integrity of
the downloaded package.  You can do this with the command:

  rpm --checksig 

All packages are signed by MandrakeSoft for security.  You can obtain
the GPG public key of the Mandrake Linux Security Team from:

  https://www.mandrakesecure.net/RPM-GPG-KEYS

Please be aware that sometimes it takes the mirrors a few hours to
update.

You can view other update advisories for Mandrake Linux at:

   http://www.mandrakesecure.net/en/advisories/

MandrakeSoft has several security-related mailing list services that
anyone can subscribe to.  Information on these lists can be obtained by
visiting:

   http://www.mandrakesecure.net/en/mlist.php

If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Pirate Bay founder guilty in historic hacker case
Parallels CTO: Linux container security is not the problem
Advisory says to assume all Drupal 7 websites are compromised
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.