Note: This is an archival copy of Security Sun Alert 201247 as previously published on http://sunsolve.sun.com. Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000931.1. |
Category Security Release Phase Resolved Solaris 9 Operating System Solaris 10 Operating System Bug Id 6467218 Date of Workaround Release 08-DEC-2006 Date of Resolved Release 08-NOV-2007 Impact A security vulnerability in the RSA signature verification implementation in the OpenSSL product may incorrectly verify data signed with a forged signature. This will affect applications which make use of OpenSSL to verify RSA signatures. The direct impact to these applications will depend on the way in which this signed data is used. OpenSSL is shipped with Solaris 10 (see openssl(5)). This library is not shipped with Solaris 9, however, a number of Solaris 9 applications statically link against this library and may be affected by these vulnerabilities. This Sun Alert provides details about the individual patches which should be installed to update the OpenSSL product on Solaris 10 and all potentially impacted Solaris 9 applications. This issue is also described in the following documents:
Note: The issue described in this Sun Alert is specific to the OpenSSL shipped with Solaris. Multiple Sun products are affected by this issue. For more details please see Sun Alert 102648. Contributing Factors These issues can occur with the OpenSSL included in the following applications and releases: SPARC Platform
x86 Platform
Note 1: Solaris 8 is not impacted by this issue. Note 2: Solaris 9 does not ship with OpenSSL libraries which can be used for application linking. Note 3: The Solaris 9 SSH patches listed above update the OpenSSL library used by SSH to a version that is not impacted by this issue. However, this fix is not required for Solaris 9 systems which have the following patches installed, as the SSH that is contained in those patches does not make use of the impacted code from the OpenSSL library:
Note 4: This issue is only exploitable in cases where keys with certain properties are used. Tools such as openssl(1) (which is shipped with Solaris 10, Solaris 9 does not include a tool which can be used for this purpose) can be used to get the needed properties: $ openssl x509 -pubkey -in server.crt -text If the output contains the following lines, then signatures of this key can be forged: Public Key Algorithm: rsaEncryption Exponent: 3 (0x3) For more information about displaying public keys and certificate signature verification, see the openssl(1) manual page on Solaris 10. As an example of an affected application, Solaris 10 is distributed with the Apache web server. This server can be configured to accept connections with the HTTPS protocol. Since Apache uses OpenSSL for cryptographic operations it may be impacted by this vulnerability under certain circumstances. To verify that a system running the Apache web server is configured to accept HTTPS connections a command such as the following can be used: $ svcprop -p httpd/ssl svc:network/http:apache2 If the above command reports "true" then Apache is configured to accept HTTPS connections. The following command can be used to check whether a system that is configured to accept HTTPS connections uses certificates for client authentication: $ grep SSLVerifyClient /etc/apache2/ssl.conf If the output contains the following line, then the system is vulnerable: SSLVerifyClient require In such cases, an unprivileged remote user could gain access to restricted documents served by the Apache server. This depends on the type of certificates in use, as described above. Symptoms There are no predictable symptoms that would indicate the described issue has been exploited to forge a signature for trusted application data. Workaround Until patches can be applied, sites may wish to disable the verification of RSA signatures or only enable the verification of RSA signatures created with RSA keys that have an exponent other than 3. Please see the application documentation for instructions on how to disable verification of certificates containing keys with the above mentioned properties. Resolution These issues are addressed in the following releases: SPARC Platform
x86 Platform
Modification History Date: 08-NOV-2007
Date: 13-NOV-2007
References121229-02121230-02 113273-14 114356-11 113713-24 114357-10 114858-11 114568-23 Attachments This solution has no attachment |
|