rhsa-2003_117
Vulnerability from csaf_redhat
Published
2003-04-15 13:13
Modified
2024-11-21 22:43
Summary
Red Hat Security Advisory: openssl security update for Stronghold

Notes

Topic
Updated versions of Stronghold 3.0 that fix two OpenSSL vulnerabilities are now available.
Details
Stronghold 3 contains a number of open source technologies including OpenSSL. Two issues in OpenSSL have recently been discovered: OpenSSL is a commercial-grade, full-featured, and open source toolkit that implements Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols. It also implements a full-strength general purpose cryptography library. Researchers have discovered a timing attack on RSA keys. Applications making use of OpenSSL are generally vulnerable to such an attack, unless RSA blinding has been turned on. OpenSSL does not use RSA blinding by default and most applications do not enable RSA blinding. A local or remote attacker could use this attack to obtain the server's private key. This could be done by determining factors using timing differences on: (1) The number of extra reductions during Montgomery reduction (2) The use of different integer multiplication algorithms ("Karatsuba" and normal) In order for an attack to be successful, an attacker must have good network conditions that allow small changes in timing to be reliably observed. Additionally, the SSL and TLS components for OpenSSL allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack. This attack uses a large number of SSL or TLS connections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext. This is also known as the "Klima-Pokorny-Rosa attack." These erratum packages contain a patch provided by the OpenSSL group that enables RSA blinding by default and protects against Klima-Pokorny-Rosa attacks.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.


To clipboard 

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated versions of Stronghold 3.0 that fix two OpenSSL vulnerabilities are\nnow available.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Stronghold 3 contains a number of open source technologies including\nOpenSSL.  Two issues in OpenSSL have recently been discovered:\n\nOpenSSL is a commercial-grade, full-featured, and open source toolkit that\nimplements Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols.  It also implements a full-strength general \npurpose cryptography library.\n\nResearchers have discovered a timing attack on RSA keys. Applications\nmaking use of OpenSSL are generally vulnerable to such an attack, unless\nRSA blinding has been turned on. OpenSSL does not use RSA blinding by\ndefault and most applications do not enable RSA blinding. \n\nA local or remote attacker could use this attack to obtain the server\u0027s\nprivate key.  This could be done by determining factors using timing\ndifferences on:\n\n(1) The number of extra reductions during Montgomery reduction\n\n(2) The use of different integer multiplication algorithms (\"Karatsuba\" and\nnormal)\n\nIn order for an attack to be successful, an attacker must have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack uses a large number of SSL or TLS\nconnections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak\ninformation regarding the relationship between ciphertext and the\nassociated plaintext.  This is also known as the \"Klima-Pokorny-Rosa attack.\"\n\nThese erratum packages contain a patch provided by the OpenSSL group that\nenables RSA blinding by default and protects against\nKlima-Pokorny-Rosa attacks.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2003:117",
        "url": "https://access.redhat.com/errata/RHSA-2003:117"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_117.json"
      }
    ],
    "title": "Red Hat Security Advisory: openssl security update for Stronghold",
    "tracking": {
      "current_release_date": "2024-11-21T22:43:04+00:00",
      "generator": {
        "date": "2024-11-21T22:43:04+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2003:117",
      "initial_release_date": "2003-04-15T13:13:00+00:00",
      "revision_history": [
        {
          "date": "2003-04-15T13:13:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2003-03-25T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-21T22:43:04+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Stronghold 3",
                "product": {
                  "name": "Red Hat Stronghold 3",
                  "product_id": "Red Hat Stronghold 3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:stronghold:3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Stronghold Cross Platform"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2003-0131",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616975"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.",
          "title": "Statement"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2003-0131"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616975",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616975"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2003-0131",
          "url": "https://www.cve.org/CVERecord?id=CVE-2003-0131"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2003-0131",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2003-0131"
        }
      ],
      "release_date": "2003-03-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-04-15T13:13:00+00:00",
          "details": "We have backported the security fixes for the versions of OpenSSL included\nin Stronghold 3. Stronghold 3.0 build code 3022 is now available, includes\nthese fixes, and can be downloaded from:\n\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see:\n\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml",
          "product_ids": [
            "Red Hat Stronghold 3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2003:117"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2003-0147",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616986"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server\u0027s private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
          "title": "Statement"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2003-0147"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616986",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616986"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2003-0147",
          "url": "https://www.cve.org/CVERecord?id=CVE-2003-0147"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2003-0147",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2003-0147"
        }
      ],
      "release_date": "2003-03-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-04-15T13:13:00+00:00",
          "details": "We have backported the security fixes for the versions of OpenSSL included\nin Stronghold 3. Stronghold 3.0 build code 3022 is now available, includes\nthese fixes, and can be downloaded from:\n\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see:\n\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml",
          "product_ids": [
            "Red Hat Stronghold 3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2003:117"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.