{"id":4151,"date":"2014-06-06T13:19:04","date_gmt":"2014-06-06T05:19:04","guid":{"rendered":"https:\/\/www.icocean.com\/blog\/?p=4151"},"modified":"2014-06-06T13:19:04","modified_gmt":"2014-06-06T05:19:04","slug":"%e6%96%b0openssl%e4%b8%ad%e9%97%b4%e4%ba%ba%e6%bc%8f%e6%b4%9e%e5%bd%b1%e5%93%8d%e6%89%80%e6%9c%89%e7%89%88%e6%9c%ac","status":"publish","type":"post","link":"https:\/\/www.icocean.com\/blog\/?p=4151","title":{"rendered":"New OpenSSL man-in-the-middle vulnerability affects all versions"},"content":{"rendered":"<p>The OpenSSL project has disclosed <a href=\"https:\/\/www.openssl.org\/news\/secadv_20140605.txt\" target=\"_blank\">multiple new security vulnerabilities<\/a>, including one that allows man-in-the-middle attacks and one that allows code execution. The man-in-the-middle vulnerability stems from an incorrect ChangeCipherSpec (CCS) implementation. It has been present since the early versions of OpenSSL released in 1998, making it 16 years old, and it affects all current versions. Its severity is not high, however, because intercepting and decrypting encrypted traffic requires both the client and the server to run a vulnerable OpenSSL, and browsers do not include OpenSSL.<\/p>\n<p>The vulnerability was discovered by Japanese researcher Masashi Kikuchi, who <a href=\"http:\/\/ccsinjection.lepidum.co.jp\/blog\/2014-06-05\/CCS-Injection-en\/index.html\" 
target=\"_blank\">described how he found it<\/a> on his blog. He believes the main reason a vulnerability survived in the OpenSSL project for more than 16 years is insufficient code review and a lack of experienced TLS\/SSL experts.<br \/>\n<!--more--><br \/>\n<a href=\"https:\/\/www.openssl.org\/news\/secadv_20140605.txt\" target=\"_blank\">https:\/\/www.openssl.org\/news\/secadv_20140605.txt<\/a><\/p>\n<p>OpenSSL Security Advisory [05 Jun 2014]<br \/>\n========================================<\/p>\n<p>SSL\/TLS MITM vulnerability (CVE-2014-0224)<br \/>\n===========================================<\/p>\n<p>An attacker using a carefully crafted handshake can force the use of weak<br \/>\nkeying material in OpenSSL SSL\/TLS clients and servers. This can be exploited<br \/>\nby a Man-in-the-middle (MITM) attack where the attacker can decrypt and<br \/>\nmodify traffic from the attacked client and server.<\/p>\n<p>The attack can only be performed between a vulnerable client *and*<br \/>\nserver. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers<br \/>\nare only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users<br \/>\nof OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.<\/p>\n<p>OpenSSL 0.9.8 SSL\/TLS users (client and\/or server) should upgrade to 0.9.8za.<br \/>\nOpenSSL 1.0.0 SSL\/TLS users (client and\/or server) should upgrade to 1.0.0m.<br \/>\nOpenSSL 1.0.1 SSL\/TLS users (client and\/or server) should upgrade to 1.0.1h.<\/p>\n<p>Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and<br \/>\nresearching this issue. 
This issue was reported to OpenSSL on 1st May<br \/>\n2014 via JPCERT\/CC.<\/p>\n<p>The fix was developed by Stephen Henson of the OpenSSL core team partly based<br \/>\non an original patch from KIKUCHI Masashi.<\/p>\n<p>DTLS recursion flaw (CVE-2014-0221)<br \/>\n====================================<\/p>\n<p>By sending an invalid DTLS handshake to an OpenSSL DTLS client the code<br \/>\ncan be made to recurse eventually crashing in a DoS attack.<\/p>\n<p>Only applications using OpenSSL as a DTLS client are affected.<\/p>\n<p>OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za<br \/>\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m.<br \/>\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.<\/p>\n<p>Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This<br \/>\nissue was reported to OpenSSL on 9th May 2014.<\/p>\n<p>The fix was developed by Stephen Henson of the OpenSSL core team.<\/p>\n<p>DTLS invalid fragment vulnerability (CVE-2014-0195)<br \/>\n====================================================<\/p>\n<p>A buffer overrun attack can be triggered by sending invalid DTLS fragments<br \/>\nto an OpenSSL DTLS client or server. This is potentially exploitable to<br \/>\nrun arbitrary code on a vulnerable client or server.<\/p>\n<p>Only applications using OpenSSL as a DTLS client or server are affected.<\/p>\n<p>OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za<br \/>\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m.<br \/>\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.<\/p>\n<p>Thanks to J\u00fcri Aedla for reporting this issue. 
This issue was<br \/>\nreported to OpenSSL on 23rd April 2014 via HP ZDI.<\/p>\n<p>The fix was developed by Stephen Henson of the OpenSSL core team.<\/p>\n<p>SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)<br \/>\n=================================================================<\/p>\n<p>A flaw in the do_ssl3_write function can allow remote attackers to<br \/>\ncause a denial of service via a NULL pointer dereference. This flaw<br \/>\nonly affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is<br \/>\nenabled, which is not the default and not common.<\/p>\n<p>OpenSSL 1.0.0 users should upgrade to 1.0.0m.<br \/>\nOpenSSL 1.0.1 users should upgrade to 1.0.1h.<\/p>\n<p>This issue was reported in public. The fix was developed by<br \/>\nMatt Caswell of the OpenSSL development team.<\/p>\n<p>SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)<br \/>\n===============================================================================<\/p>\n<p>A race condition in the ssl3_read_bytes function can allow remote<br \/>\nattackers to inject data across sessions or cause a denial of service.<br \/>\nThis flaw only affects multithreaded applications using OpenSSL 1.0.0<br \/>\nand 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the<br \/>\ndefault and not common.<\/p>\n<p>OpenSSL 1.0.0 users should upgrade to 1.0.0m.<br \/>\nOpenSSL 1.0.1 users should upgrade to 1.0.1h.<\/p>\n<p>This issue was reported in public.<\/p>\n<p>Anonymous ECDH denial of service (CVE-2014-3470)<br \/>\n================================================<\/p>\n<p>OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a<br \/>\ndenial of service attack.<\/p>\n<p>OpenSSL 0.9.8 users should upgrade to 0.9.8za<br \/>\nOpenSSL 1.0.0 users should upgrade to 1.0.0m.<br \/>\nOpenSSL 1.0.1 users should upgrade to 1.0.1h.<\/p>\n<p>Thanks to Felix Gr\u00f6bert and Ivan Fratri\u0107 at Google for discovering this<br \/>\nissue. 
This issue was reported to OpenSSL on 28th May 2014.<\/p>\n<p>The fix was developed by Stephen Henson of the OpenSSL core team.<\/p>\n<p>Other issues<br \/>\n============<\/p>\n<p>OpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for<br \/>\nCVE-2014-0076: Fix for the attack described in the paper &#8220;Recovering<br \/>\nOpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack&#8221;<br \/>\nReported by Yuval Yarom and Naomi Benger. This issue was previously<br \/>\nfixed in OpenSSL 1.0.1g.<\/p>\n<p>References<br \/>\n==========<\/p>\n<p>URL for this Security Advisory:<br \/>\nhttp:\/\/www.openssl.org\/news\/secadv_20140605.txt<\/p>\n<p>Note: the online version of the advisory may be updated with additional<br \/>\ndetails over time.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The OpenSSL project has disclosed multiple new security vulnerabilities, including one that allows man-in-the-middle attacks and one that allows code execution. The man-in-the-middle vulnerability is related to Ch <a href='https:\/\/www.icocean.com\/blog\/?p=4151' 
class='excerpt-more'>[&#8230;]<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[1389,1757],"class_list":["post-4151","post","type-post","status-publish","format-standard","hentry","category-4","tag-openssl","tag-ssl","category-4-id","post-seq-1","post-parity-odd","meta-position-corners","fix"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/4151","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4151"}],"version-history":[{"count":1,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/4151\/revisions"}],"predecessor-version":[{"id":4152,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/4151\/revisions\/4152"}],"wp:attachment":[{"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4151"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4151"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4151"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}