ID

VAR-201605-0075

CVE

CVE-2016-2105

TITLE

OpenSSL of crypto/evp/encode.c of EVP_EncodeUpdate Integer overflow vulnerability in functions

DESCRIPTION

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data. It supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, security hashing algorithm, etc. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. Security Fix(es): * It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. After installing the updated packages, the httpd daemon will be restarted automatically. (CVE-2016-5387) * It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method. (CVE-2016-3110) * It was found that OpenSSL's BigNumber Squaring implementation could produce incorrect results under certain special conditions. Note that this issue occurred rarely and with a low probability, and there is currently no known way of exploiting it. The References section of this erratum contains a download link (you must log in to download the update). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201612-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack. Background ========== OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/openssl < 1.0.2j >= 1.0.2j Description =========== Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details. Additionally, a time based side-channel attack may allow a local attacker to recover a private DSA key. Workaround ========== There is no known workaround at this time. Resolution ========== All OpenSSL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j" References ========== [ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201612-16 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat JBoss Enterprise Application Platform 6.4.10 natives update on RHEL 6 Advisory ID: RHSA-2016:2055-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-2055.html Issue date: 2016-10-12 CVE Names: CVE-2015-3183 CVE-2015-3195 CVE-2015-4000 CVE-2016-2105 CVE-2016-2106 CVE-2016-2108 CVE-2016-2109 CVE-2016-3110 CVE-2016-4459 ===================================================================== 1. Summary: Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.10 natives, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server - i386, noarch, ppc64, x86_64 3. Description: Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release includes bug fixes and enhancements, as well as a new release of OpenSSL that addresses a number of outstanding security flaws. For further information, see the knowledge base article linked to in the References section. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect. Security Fix(es): * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library. (CVE-2016-2108) * Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3183) * A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) * A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange (for both export and non-export grade cipher suites). An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lead to a passive man-in-the-middle attack in which the attacker is able to decrypt all traffic. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. (CVE-2016-2106) * It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP). (CVE-2016-3110) * A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An application using OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocate an excessive amount of data. (CVE-2016-2109) * It was discovered that specifying configuration with a JVMRoute path longer than 80 characters will cause segmentation fault leading to a server crash. (CVE-2016-4459) Red Hat would like to thank the OpenSSL project for reporting CVE-2016-2108, CVE-2016-2105, and CVE-2016-2106 and Michal Karm Babacek for reporting CVE-2016-3110. The CVE-2016-4459 issue was discovered by Robert Bost (Red Hat). Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno BAPck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; and Guido Vranken as the original reporter of CVE-2016-2105 and CVE-2016-2106. 4. Solution: Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. 5. Bugs fixed (https://bugzilla.redhat.com/): 1223211 - CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks 1243887 - CVE-2015-3183 httpd: HTTP request smuggling attack against chunked request parser 1288322 - CVE-2015-3195 OpenSSL: X509_ATTRIBUTE memory leak 1326320 - CVE-2016-3110 mod_cluster: remotely Segfault Apache http server 1330101 - CVE-2016-2109 openssl: ASN.1 BIO handling of large amounts of data 1331402 - CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder 1331441 - CVE-2016-2105 openssl: EVP_EncodeUpdate overflow 1331536 - CVE-2016-2106 openssl: EVP_EncryptUpdate overflow 1341583 - CVE-2016-4459 mod_cluster: Buffer overflow in mod_manager when sending request with long JVMRoute 1345987 - RHEL6 RPMs: Upgrade mod_cluster-native to 1.2.13.Final-redhat-1 1345991 - RHEL6 RPMs: Upgrade mod_jk to 1.2.41.redhat-1 1345995 - RHEL6 RPMs: Upgrade tomcat-native to 1.1.34 6. Package List: Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server: Source: hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el6.src.rpm httpd-2.2.26-54.ep6.el6.src.rpm jbcs-httpd24-openssl-1.0.2h-4.jbcs.el6.src.rpm mod_jk-1.2.41-2.redhat_4.ep6.el6.src.rpm tomcat-native-1.1.34-5.redhat_1.ep6.el6.src.rpm i386: hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el6.i386.rpm hornetq-native-debuginfo-2.3.25-4.SP11_redhat_1.ep6.el6.i386.rpm httpd-2.2.26-54.ep6.el6.i386.rpm httpd-debuginfo-2.2.26-54.ep6.el6.i386.rpm httpd-devel-2.2.26-54.ep6.el6.i386.rpm httpd-manual-2.2.26-54.ep6.el6.i386.rpm httpd-tools-2.2.26-54.ep6.el6.i386.rpm jbcs-httpd24-openssl-1.0.2h-4.jbcs.el6.i686.rpm jbcs-httpd24-openssl-debuginfo-1.0.2h-4.jbcs.el6.i686.rpm jbcs-httpd24-openssl-devel-1.0.2h-4.jbcs.el6.i686.rpm jbcs-httpd24-openssl-libs-1.0.2h-4.jbcs.el6.i686.rpm jbcs-httpd24-openssl-perl-1.0.2h-4.jbcs.el6.i686.rpm jbcs-httpd24-openssl-static-1.0.2h-4.jbcs.el6.i686.rpm jbossas-hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el6.i386.rpm jbossas-jbossweb-native-1.1.34-5.redhat_1.ep6.el6.i386.rpm mod_jk-ap22-1.2.41-2.redhat_4.ep6.el6.i386.rpm mod_jk-debuginfo-1.2.41-2.redhat_4.ep6.el6.i386.rpm mod_ldap-2.2.26-54.ep6.el6.i386.rpm mod_ssl-2.2.26-54.ep6.el6.i386.rpm tomcat-native-1.1.34-5.redhat_1.ep6.el6.i386.rpm tomcat-native-debuginfo-1.1.34-5.redhat_1.ep6.el6.i386.rpm noarch: jbcs-httpd24-1-3.jbcs.el6.noarch.rpm jbcs-httpd24-runtime-1-3.jbcs.el6.noarch.rpm ppc64: hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el6.ppc64.rpm hornetq-native-debuginfo-2.3.25-4.SP11_redhat_1.ep6.el6.ppc64.rpm httpd-2.2.26-54.ep6.el6.ppc64.rpm httpd-debuginfo-2.2.26-54.ep6.el6.ppc64.rpm httpd-devel-2.2.26-54.ep6.el6.ppc64.rpm httpd-manual-2.2.26-54.ep6.el6.ppc64.rpm httpd-tools-2.2.26-54.ep6.el6.ppc64.rpm jbcs-httpd24-openssl-1.0.2h-4.jbcs.el6.ppc64.rpm jbcs-httpd24-openssl-debuginfo-1.0.2h-4.jbcs.el6.ppc64.rpm jbcs-httpd24-openssl-devel-1.0.2h-4.jbcs.el6.ppc64.rpm jbcs-httpd24-openssl-libs-1.0.2h-4.jbcs.el6.ppc64.rpm jbcs-httpd24-openssl-perl-1.0.2h-4.jbcs.el6.ppc64.rpm jbcs-httpd24-openssl-static-1.0.2h-4.jbcs.el6.ppc64.rpm jbossas-hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el6.ppc64.rpm jbossas-jbossweb-native-1.1.34-5.redhat_1.ep6.el6.ppc64.rpm mod_jk-ap22-1.2.41-2.redhat_4.ep6.el6.ppc64.rpm mod_jk-debuginfo-1.2.41-2.redhat_4.ep6.el6.ppc64.rpm mod_ldap-2.2.26-54.ep6.el6.ppc64.rpm mod_ssl-2.2.26-54.ep6.el6.ppc64.rpm tomcat-native-1.1.34-5.redhat_1.ep6.el6.ppc64.rpm tomcat-native-debuginfo-1.1.34-5.redhat_1.ep6.el6.ppc64.rpm x86_64: hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el6.x86_64.rpm hornetq-native-debuginfo-2.3.25-4.SP11_redhat_1.ep6.el6.x86_64.rpm httpd-2.2.26-54.ep6.el6.x86_64.rpm httpd-debuginfo-2.2.26-54.ep6.el6.x86_64.rpm httpd-devel-2.2.26-54.ep6.el6.x86_64.rpm httpd-manual-2.2.26-54.ep6.el6.x86_64.rpm httpd-tools-2.2.26-54.ep6.el6.x86_64.rpm jbcs-httpd24-openssl-1.0.2h-4.jbcs.el6.x86_64.rpm jbcs-httpd24-openssl-debuginfo-1.0.2h-4.jbcs.el6.x86_64.rpm jbcs-httpd24-openssl-devel-1.0.2h-4.jbcs.el6.x86_64.rpm jbcs-httpd24-openssl-libs-1.0.2h-4.jbcs.el6.x86_64.rpm jbcs-httpd24-openssl-perl-1.0.2h-4.jbcs.el6.x86_64.rpm jbcs-httpd24-openssl-static-1.0.2h-4.jbcs.el6.x86_64.rpm jbossas-hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el6.x86_64.rpm jbossas-jbossweb-native-1.1.34-5.redhat_1.ep6.el6.x86_64.rpm mod_jk-ap22-1.2.41-2.redhat_4.ep6.el6.x86_64.rpm mod_jk-debuginfo-1.2.41-2.redhat_4.ep6.el6.x86_64.rpm mod_ldap-2.2.26-54.ep6.el6.x86_64.rpm mod_ssl-2.2.26-54.ep6.el6.x86_64.rpm tomcat-native-1.1.34-5.redhat_1.ep6.el6.x86_64.rpm tomcat-native-debuginfo-1.1.34-5.redhat_1.ep6.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-3183 https://access.redhat.com/security/cve/CVE-2015-3195 https://access.redhat.com/security/cve/CVE-2015-4000 https://access.redhat.com/security/cve/CVE-2016-2105 https://access.redhat.com/security/cve/CVE-2016-2106 https://access.redhat.com/security/cve/CVE-2016-2108 https://access.redhat.com/security/cve/CVE-2016-2109 https://access.redhat.com/security/cve/CVE-2016-3110 https://access.redhat.com/security/cve/CVE-2016-4459 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/2688611 https://access.redhat.com/solutions/222023 https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.4 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFX/nC3XlSAg2UNWIIRAl73AJwMWQGEz9iZUcT7H8h4DJigvv8JtgCdHdCf 4sZxcVqDWWAwzVeNvxo3kSk= =hA1L -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . This could lead to a heap corruption. This could lead to a heap corruption. CVE-2016-2107 Juraj Somorovsky discovered a padding oracle in the AES CBC cipher implementation based on the AES-NI instruction set. This could allow an attacker to decrypt TLS traffic encrypted with one of the cipher suites based on AES CBC. CVE-2016-2108 David Benjamin from Google discovered that two separate bugs in the ASN.1 encoder, related to handling of negative zero integer values and large universal tags, could lead to an out-of-bounds write. CVE-2016-2109 Brian Carpenter discovered that when ASN.1 data is read from a BIO using functions such as d2i_CMS_bio(), a short invalid encoding can casuse allocation of large amounts of memory potentially consuming excessive resources or exhausting memory. CVE-2016-2176 Guido Vranken discovered that ASN.1 Strings that are over 1024 bytes can cause an overread in applications using the X509_NAME_oneline() function on EBCDIC systems. This could result in arbitrary stack data being returned in the buffer. Additional information about these issues can be found in the OpenSSL security advisory at https://www.openssl.org/news/secadv/20160503.txt For the stable distribution (jessie), these problems have been fixed in version 1.0.1k-3+deb8u5. For the unstable distribution (sid), these problems have been fixed in version 1.0.2h-1. We recommend that you upgrade your openssl packages

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

CONFIGURATIONS

EXPLOIT AVAILABILITY

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Red Hat

SOURCES

LAST UPDATE DATE

2026-04-18T21:54:19.239000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE