Test ID:	1.3.6.1.4.1.25623.1.0.50993
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2003:102
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2003:102. OpenSSL is a commercial-grade, full-featured, open source toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, and provides a full-strength general purpose cryptography library. Researchers discovered a timing attack on RSA keys. Applications making use of OpenSSL are generally vulnerable to such an attack, unless RSA blinding has been turned on. OpenSSL does not use RSA blinding by default and most applications do not enable RSA blinding. A local or remote attacker could use this attack to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (Karatsuba and normal). In order for an attack to be sucessful, an attacker must have good network conditions that allow small changes in timing to be reliably observed. Additionally, the SSL and TLS components for OpenSSL allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack. This attack (also known as the Klima-Pokorny-Rosa attack) uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding to cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext. These erratum packages contain a patch provided by the OpenSSL group that enables RSA blinding by default, and protects against the Klima-Pokorny-Rosa attack. Because server applications are affected by these vulnerabilities, we advise users to restart all services that use OpenSSL functionality or, alternatively, reboot their systems after installing these updates. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2003-102.html http://crypto.stanford.edu/~ dabo/papers/ssl-timing.pdf http://eprint.iacr.org/2003/052/ Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0147 http://www.securityfocus.com/archive/1/316165/30/25370/threaded Bugtraq: 20030313 Vulnerability in OpenSSL (Google Search) http://marc.info/?l=bugtraq&m=104766550528628&w=2 Bugtraq: 20030317 [ADVISORY] Timing Attack on OpenSSL (Google Search) http://marc.info/?l=bugtraq&m=104792570615648&w=2 Bugtraq: 20030320 [OpenPKG-SA-2003.026] OpenPKG Security Advisory (openssl) (Google Search) http://marc.info/?l=bugtraq&m=104819602408063&w=2 Bugtraq: 20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL (Google Search) Bugtraq: 20030327 Immunix Secured OS 7+ openssl update (Google Search) http://www.securityfocus.com/archive/1/316577/30/25310/threaded Caldera Security Advisory: CSSA-2003-014.0 ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt CERT/CC vulnerability note: VU#997481 http://www.kb.cert.org/vuls/id/997481 Conectiva Linux advisory: CLA-2003:625 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000625 Debian Security Information: DSA-288 (Google Search) http://www.debian.org/security/2003/dsa-288 En Garde Linux Advisory: ESA-20030320-010 FreeBSD Security Advisory: FreeBSD-SA-03:06 http://marc.info/?l=bugtraq&m=104829040921835&w=2 http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml http://marc.info/?l=bugtraq&m=104861762028637&w=2 Immunix Linux Advisory: IMNX-2003-7+-001-01 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035 http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466 http://www.redhat.com/support/errata/RHSA-2003-101.html http://www.redhat.com/support/errata/RHSA-2003-102.html RedHat Security Advisories: RHSA-2003:205 SGI Security Advisory: 20030501-01-I ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html Common Vulnerability Exposure (CVE) ID: CVE-2003-0131 BugTraq ID: 7148 http://www.securityfocus.com/bid/7148 Bugtraq: 20030319 [OpenSSL Advisory] Klima-Pokorny-Rosa attack on PKCS #1 v1.5 padding (Google Search) http://marc.info/?l=bugtraq&m=104811162730834&w=2 Bugtraq: 20030324 GLSA: openssl (200303-20) (Google Search) http://marc.info/?l=bugtraq&m=104852637112330&w=2 CERT/CC vulnerability note: VU#888801 http://www.kb.cert.org/vuls/id/888801 http://www.gentoo.org/security/en/glsa/glsa-200303-20.xml http://www.mandriva.com/security/advisories?name=MDKSA-2003:035 http://eprint.iacr.org/2003/052/ http://www.linuxsecurity.com/advisories/immunix_advisory-3066.html NETBSD Security Advisory: NetBSD-SA2003-007 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-007.txt.asc http://www.openpkg.org/security/OpenPKG-SA-2003.026-openssl.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A461 SuSE Security Announcement: SuSE-SA:2003:024 (Google Search) https://lists.opensuse.org/opensuse-security-announce/2003-04/msg00005.html http://marc.info/?l=bugtraq&m=104878215721135&w=2 XForce ISS Database: ssl-premaster-information-leak(11586) https://exchange.xforce.ibmcloud.com/vulnerabilities/11586
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.