exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

CVE-2017-3738

Status Candidate

Overview

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.

Related Files

Red Hat Security Advisory 2018-2186-01
Posted Jul 12, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2186-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, web, sql injection
systems | linux, redhat
advisories | CVE-2016-2182, CVE-2016-6302, CVE-2016-6306, CVE-2016-7055, CVE-2017-3731, CVE-2017-3732, CVE-2017-3736, CVE-2017-3737, CVE-2017-3738
SHA-256 | 3ae001c838be7fe63f3f17218120c104c0337869b4012d6ba095f9df05b116a8
Red Hat Security Advisory 2018-2185-01
Posted Jul 12, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2185-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, web, sql injection
systems | linux, redhat
advisories | CVE-2016-2182, CVE-2016-6302, CVE-2016-6306, CVE-2016-7055, CVE-2017-3731, CVE-2017-3732, CVE-2017-3736, CVE-2017-3737, CVE-2017-3738
SHA-256 | 7e87933107e4717883ce5385c59d3741b7ecc791f11d4f3340888ec72b50870b
Red Hat Security Advisory 2018-2187-01
Posted Jul 12, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2187-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include out-of-bounds access.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-2182, CVE-2016-6302, CVE-2016-6306, CVE-2016-7055, CVE-2017-3731, CVE-2017-3732, CVE-2017-3736, CVE-2017-3737, CVE-2017-3738
SHA-256 | 3cf3a4008f8603285e63957d08f151b7215154836af4d8dfe0c8ddd59cc6c556
Red Hat Security Advisory 2018-0998-01
Posted Apr 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0998-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include an overflow issue.

tags | advisory, overflow, protocol
systems | linux, redhat
advisories | CVE-2017-3736, CVE-2017-3737, CVE-2017-3738
SHA-256 | 6168c059542581f19fa9bbb4b7ec633dce320694f1a1867ac12680acc809cebe
Debian Security Advisory 4157-1
Posted Mar 30, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4157-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2017-3738, CVE-2018-0739
SHA-256 | e8680537002526b1337312ee29fa9521aef52fdb74130e66d0d1dac4c4dbbbdb
OpenSSL Security Advisory 20180327
Posted Mar 27, 2018
Site openssl.org

OpenSSL Security Advisory 20180327 - Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Other issues were also addressed.

tags | advisory, denial of service
advisories | CVE-2015-3193, CVE-2016-0701, CVE-2017-3732, CVE-2017-3736, CVE-2017-3738, CVE-2018-0733, CVE-2018-0739
SHA-256 | 06f896618c972892739490677cca48ef1283e588c8790590bbec26307dcc26b6
Gentoo Linux Security Advisory 201712-03
Posted Dec 15, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201712-3 - Multiple vulnerabilities have been found in OpenSSL, the worst of which may lead to a Denial of Service condition. Versions less than 1.0.2n are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2017-3735, CVE-2017-3736, CVE-2017-3737, CVE-2017-3738
SHA-256 | fce3728192f2ad29f4f85aa453b99dae4b60a8dc3c7ceb2e2bc45239433e0b60
Ubuntu Security Notice USN-3512-1
Posted Dec 12, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3512-1 - David Benjamin discovered that OpenSSL did not correctly prevent buggy applications that ignore handshake errors from subsequently calling certain functions. It was discovered that OpenSSL incorrectly performed the x86_64 Montgomery multiplication procedure. While unlikely, a remote attacker could possibly use this issue to recover private keys.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-3737, CVE-2017-3738
SHA-256 | a103b944d6f8a85749386afed57846e8edac57db3a95092b4bd3128777b3642f
Slackware Security Advisory - openssl Updates
Posted Dec 12, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssl packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-3737, CVE-2017-3738
SHA-256 | df944e02ba3ab7e2c344e82703dedcc6aaf7c147044b9875407518d20e3be9a5
FreeBSD Security Advisory - FreeBSD-SA-17:12.openssl
Posted Dec 12, 2017
Site security.freebsd.org

FreeBSD Security Advisory - Invoking SSL_read()/SSL_write() while in an error state causes data to be passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. Various other issues were addressed.

tags | advisory
systems | freebsd, bsd
advisories | CVE-2017-3737, CVE-2017-3738
SHA-256 | bb3377d0fb3c1fc7d239e5446ade3da5c43af286b662042e0a558c54cd6d4ed5
OpenSSL Toolkit 1.0.2n
Posted Dec 9, 2017
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Read/write after SSL object in error state addressed. rsaz_1024_mul_avx2 overflow bug on x86_64 addressed. Various other issues address.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2017-3737, CVE-2017-3738
SHA-256 | 370babb75f278c39e0c50e8c4e7493bc0f18db6867478341a832a982fd15a8fe
OpenSSL Security Advisory 20171207
Posted Dec 7, 2017
Site openssl.org

OpenSSL Security Advisory 20171207 - OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. Other issues were also addressed.

tags | advisory
advisories | CVE-2015-3193, CVE-2016-0701, CVE-2017-3732, CVE-2017-3736, CVE-2017-3737, CVE-2017-3738
SHA-256 | 5b23d35b31c30e0ba27356ef231c18b5e034386ca01935b4c9740a2cf6a7469b
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close