From: Slava Dubrovskiy <slava@tangramltd.com>
To: Sisyphus@lists.altlinux.org
Subject: [sisyphus] OpenSSL overflow
Date: Mon, 25 May 2009 15:56:31 +0300
Message-ID: <4A1A957F.9080206@tangramltd.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 1828 bytes --]
Здравствуйте
Использую бранч 5.0
Банк требует прохождение сервером теста https://www.hackerguardian.com
При тестировании получаю:
Security hole found on port/service "https (443/tcp)"
Plugin "OpenSSL overflow (generic test)"
Category "Gain a shell remotely "
Priority "Medium Priority "The remote host seems to be using a
version of OpenSSL which is older than 0.9.6e or 0.9.7-beta3 This
version is vulnerable to a buffer overflow which, may allow an attacker
to obtain a shell on this host. *** Note that since safe checks are
enabled, this check *** might be fooled by non-openssl implementations
and *** produce a false positive. *** In doubt, re-execute the scan
without the safe checks
Solution : Upgrade to version 0.9.6e (0.9.7beta3) or newer
Risk factor : High
CVE: CVE-2002-0656
http://cgi.nessus.org/cve.php3?cve=CVE-2002-0656
CVE-2002-0655 http://cgi.nessus.org/cve.php3?cve=CVE-2002-0655
CVE-2002-0657 http://cgi.nessus.org/cve.php3?cve=CVE-2002-0657
CVE-2002-0659 http://cgi.nessus.org/cve.php3?cve=CVE-2002-0659
CVE-2001-1141 http://cgi.nessus.org/cve.php3?cve=CVE-2001-1141
BID : 3004, 5361, 5362, 5363, 5364, 5366 Other references :
IAVA:2002-a-0004, OSVDB:853, OSVDB:857, OSVDB:3940, OSVDB:3941,
OSVDB:3942, OSVDB:3943, SuSE:SUSE-SA:2002:033
Естественно что на сервере:
# rpm -qa | grep -i ssl
libssl7-0.9.8j-alt1
openssl-0.9.8j-alt1
Вопрос: Это ошибка теста, или эта уязвимость действительно существует?
Как проверить и доказать что уязвимости нет?
--
WBR,
Dubrovskiy Vyacheslav
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 3262 bytes --]
next reply other threads:[~2009-05-25 12:56 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-25 12:56 Slava Dubrovskiy [this message]
2009-05-25 13:02 ` Max Ivanov
2009-05-25 13:30 ` Slava Dubrovskiy
2009-05-25 17:59 ` Slava Dubrovskiy
2009-05-25 13:36 ` Vladimir Lettiev
2009-05-25 14:24 ` Evgeny Sinelnikov
2009-05-25 14:24 ` Evgeny Sinelnikov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4A1A957F.9080206@tangramltd.com \
--to=slava@tangramltd.com \
--cc=Sisyphus@lists.altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux Sisyphus discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sisyphus/0 sisyphus/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sisyphus sisyphus/ http://lore.altlinux.org/sisyphus \
sisyphus@altlinux.ru sisyphus@altlinux.org sisyphus@lists.altlinux.org sisyphus@lists.altlinux.ru sisyphus@lists.altlinux.com sisyphus@linuxteam.iplabs.ru sisyphus@list.linux-os.ru
public-inbox-index sisyphus
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sisyphus
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git