Note: This is an archival copy of Security Sun Alert 273029 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1021653.1.
Solaris 10 Operating System
Date of Workaround Release
Date of Resolved Release:
Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Involving Handshake Renegotiation Affects OpenSSL
A security vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) protocols in the handling of session renegotiations affects OpenSSL (see openssl(5)). This issue may allow a remote unauthenticated user with the ability to intercept and control network traffic to perform man-in-the-middle (MITM) attack to inject arbitrary plaintext at the beginning of the application protocol stream, thus compromising the integrity of the communication. This vulnerability does not allow one to decrypt the intercepted network communication.
The exact nature of the impact of compromised data integrity depends on the application making use of the OpenSSL libraries.
Sun acknowledges with thanks, Marsh Ray and Steve Dispensa of PhoneFactor for bringing this issue to our attention.
This issue is also referenced in the following documents:
CVE-2009-3555 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
US-CERT VU#120541 at http://www.kb.cert.org/vuls/id/120541
2. Contributing Factors
This issue can occur in the following releases:
1. Solaris 8 is not impacted by this issue.
2. Solaris 9 does not ship with OpenSSL libraries which can be used for application linking and is thus not impacted by this issue.
OpenSolaris distributions may include additional bug fixes above and beyond the build from which it was derived. The base build can be derived as follows:
$ uname -v3. Symptoms
There are no predictable symptoms that would indicate the described issue has occurred.
Solaris Kernel SSL proxy module, KSSL (see ksslcfg(1M)) does not support client renegotiation or rehandshake. Server applications which use the KSSL module are not affected by this issue. KSSL may be used to work around the described issue in such applications.
This issue is addressed for applications that do not depend on TLS session renegotiations in the following releases:
03-Dec-2009: Updated Contributing Factors and Resolution sections for OpenSolaris
22-Jun-2010: Updated Contributing Factors and Resolution sections for patch release; issue is Resolved
This solution has no attachment