Security Alert (A16-05-01): Multiple Vulnerabilities in OpenSSL
04 May 2016
Multiple vulnerabilities have been found in the OpenSSL library. They are caused by a padding oracle weakness, and by memory corruption when applications parse and re-encode X.509 certificates or verify RSA signatures on X.509 certificates. An attacker could use a padding oracle attack to decrypt certain traffic if an AES CBC cipher is used and the server supports AES-NI, or could send a specially crafted X.509 certificate to exploit the vulnerabilities.
OpenSSL versions prior to 1.0.1t, 1.0.2h
Any systems such as operating systems, web servers, VPN gateways or appliances using affected OpenSSL libraries
Successful exploitation could lead to denial of service, remote code execution or information disclosure.
The related vulnerabilities are fixed in OpenSSL 1.0.1t and 1.0.2h. Users with systems such as HTTPS-protected websites or SSL-VPN gateways that use OpenSSL to encrypt network traffic should check with their product vendors whether the vulnerable OpenSSL versions are used and, if so, upgrade to the fixed versions or follow the recommendations provided by the product vendors to mitigate the risk.
The OpenSSL Software Foundation announced that support for OpenSSL 1.0.1 will cease after 31 Dec 2016, and no security updates will be provided after that. Moreover, support for versions 0.9.8 and 1.0.0 already ended on 31 Dec 2015. Users should consider upgrading to the latest versions, or contact their product vendors for support.
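The version check recommended above can be scripted over collected `openssl version` banners. The following is an added example, not part of the original alert or of OpenSSL; the function names, status labels and sample banners are constructed for illustration.

```python
import re

# Fixed releases named in the alert, keyed by release branch.
FIXED = {(1, 0, 1): "t", (1, 0, 2): "h"}

# Matches the version token in a banner, e.g. "1.0.1f" or "1.0.2k-fips".
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_version(text):
    """Return ((major, minor, fix), patch_letters) from a version banner."""
    m = _VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"no OpenSSL version found in {text!r}")
    branch = tuple(int(g) for g in m.group(1, 2, 3))
    return branch, m.group(4)


def letter_key(letters):
    # Patch letters run a..z and then za, zb, ... so compare length first.
    return (len(letters), letters)


def classify(text):
    """Classify a banner against the fixed versions listed in the alert."""
    branch, letters = parse_version(text)
    if branch in FIXED:
        if letter_key(letters) >= letter_key(FIXED[branch]):
            return "fixed"
        return "affected"
    if branch < min(FIXED):
        # Prior to 1.0.1t, and the alert names no fixed release on this branch.
        return "affected-no-fixed-release"
    # Branch not mentioned in the alert; consult the vendor or upstream.
    return "not-listed"


if __name__ == "__main__":
    # Constructed sample banners, as an inventory script might collect them.
    samples = [
        "OpenSSL 1.0.1f 6 Jan 2014",
        "OpenSSL 1.0.1t",
        "OpenSSL 1.0.2g-fips",
        "OpenSSL 1.0.2h",
        "OpenSSL 0.9.8zh",
    ]
    for banner in samples:
        print(f"{banner:28} {classify(banner)}")
```

Operating system vendors often backport fixes without changing the upstream version string, so an "affected" result for a vendor-packaged library should be confirmed against the vendor's own advisory.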