-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.1858
                  OpenSSL Security Advisory [15 Oct 2014]
                              16 October 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           OpenSSL
Publisher:         OpenSSL
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Denial of Service        -- Remote/Unauthenticated      
                   Access Confidential Data -- Remote with User Interaction
                   Reduced Security         -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2014-3568 CVE-2014-3567 CVE-2014-3566
                   CVE-2014-3513  

Reference:         ASB-2014.0122
                   ESB-2014.1857
                   ESB-2014.1849

Original Bulletin: 
   https://www.openssl.org/news/secadv_20141015.txt

- --------------------------BEGIN INCLUDED TEXT--------------------

OpenSSL Security Advisory [15 Oct 2014]
=======================================

SRTP Memory Leak (CVE-2014-3513)
================================

Severity: High

A flaw in the DTLS SRTP extension parsing code allows an attacker, who
sends a carefully crafted handshake message, to cause OpenSSL to fail
to free up to 64k of memory causing a memory leak. This could be
exploited in a Denial Of Service attack. This issue affects OpenSSL
1.0.1 server implementations for both SSL/TLS and DTLS regardless of
whether SRTP is used or configured. Implementations of OpenSSL that
have been compiled with OPENSSL_NO_SRTP defined are not affected.

OpenSSL 1.0.1 users should upgrade to 1.0.1j.

This issue was reported to OpenSSL on 26th September 2014, based on an original
issue and patch developed by the LibreSSL project. Further analysis of the issue
was performed by the OpenSSL team.

The fix was developed by the OpenSSL team.


Session Ticket Memory Leak (CVE-2014-3567)
==========================================

Severity: Medium

When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
integrity of that ticket is first verified. In the event of a session
ticket integrity check failing, OpenSSL will fail to free memory
causing a memory leak. By sending a large number of invalid session
tickets an attacker could exploit this issue in a Denial Of Service
attack.

OpenSSL 1.0.1 users should upgrade to 1.0.1j.
OpenSSL 1.0.0 users should upgrade to 1.0.0o.
OpenSSL 0.9.8 users should upgrade to 0.9.8zc. 

This issue was reported to OpenSSL on 8th October 2014.

The fix was developed by Stephen Henson of the OpenSSL core team.


SSL 3.0 Fallback protection
===========================

Severity: Medium

OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications
to block the ability for a MITM attacker to force a protocol
downgrade.

Some client applications (such as browsers) will reconnect using a
downgraded protocol to work around interoperability bugs in older
servers. This could be exploited by an active man-in-the-middle to
downgrade connections to SSL 3.0 even if both sides of the connection
support higher protocols. SSL 3.0 contains a number of weaknesses
including POODLE (CVE-2014-3566).

OpenSSL 1.0.1 users should upgrade to 1.0.1j.
OpenSSL 1.0.0 users should upgrade to 1.0.0o.
OpenSSL 0.9.8 users should upgrade to 0.9.8zc. 

https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00
https://www.openssl.org/~bodo/ssl-poodle.pdf

Support for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller.


Build option no-ssl3 is incomplete (CVE-2014-3568)
==================================================

Severity: Low

When OpenSSL is configured with "no-ssl3" as a build option, servers
could accept and complete a SSL 3.0 handshake, and clients could be
configured to send them.

OpenSSL 1.0.1 users should upgrade to 1.0.1j.
OpenSSL 1.0.0 users should upgrade to 1.0.0o.
OpenSSL 0.9.8 users should upgrade to 0.9.8zc. 

This issue was reported to OpenSSL by Akamai Technologies on 14th October 2014.

The fix was developed by Akamai and the OpenSSL team.


References
==========

URL for this Security Advisory:
https://www.openssl.org/news/secadv_20141015.txt

Note: the online version of the advisory may be updated with additional
details over time.

For details of OpenSSL severity classifications please see:
https://www.openssl.org/about/secpolicy.html

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVD8rBhLndAQH1ShLAQL18g//T3PMDyPbef38fTZfJZzUp3wQsiC3bP2D
2Vdz0rm6VAAMIkjMfMRxo9dAnm1A+mM9LMkMNqfowda9J8TPIdNGcdNaVOBZePJg
yTtbr3RwLvaks2cgzfH9DIMt6HF6soZjqV6WajD7aO5fI/XboQOfscHFnHGqBGOY
vfDAy5ZEFxFNI9J3wh73TMRrY0Ub/ib4cuPbBT8UtpQl3ClmtczEDnIs/QvVAaCq
8GfM4abByQKXwleWzVHDjaqdnnA0X9bbufeMcx6h1F+z4HyNcrpyaLipEfuq5/GM
jSlurBhG5AB+zAjWvuYcNKJdrFh1Stht+oxZYUdNMpQ2lwjYisr14osSzsISS6JV
gwZFQDbEHvrFA0UngJ+Eh3sex8TsluVOlQk+GehHG0ryrXfydyLn6XEMUPafkV5L
BPDJbHWrNa4c5/wbHxsCRJIf2Iq3t1bIjdDiaRgTC2tIQqo/ng4yB6CLbhkY16hW
vRQ6Ot+vwJSLzOO7sYAbFasLDgKrSAmx4C5krk2IbRyNdCE5xmoVsCm3RJ3P2mRe
A2Qmgigo+WHVDwPsrt+BP97CvIUYRW/UFJqiv1Jk0b/GtUejiIrKQ0FzKwlfhB66
PXcVjJZhqKpP7RkV+OgwiiNxS7k1xDGIcbwoKAAmLj4ySe0PZHVN1qqAiZr4sgIN
NaqJURHEp7o=
=S6KI
-----END PGP SIGNATURE-----