Vulnerability fixed in OpenSSL
A vulnerability discovered in OpenSSL could enable a remote attacker to bypass signature checks and launch spoofing attacks.The flaw, though, was patched Wednesday in OpenSSL 0.9.8j.
The problem was that several functions inside OpenSSL, an open-source implementation of the Secure Sockets Layer protocol, did not check signatures correctly, according to an advisory. The issue involves signature checks on Digital Signature Algorithm (DSA) and the Elliptic Curve Digital Signature Algorithm (ECDSA) keys used with SSL/TLS, the advisory said.
The application incorrectly verifies the return value of the EVP_VerifyFinal function, resulting in “malformed” signatures being treated as a good rather than as an error. The vulnerability affects versions of OpenSSL released prior to 0.9.8j.
The flaw could be exploited by a remote attacker in control of a malicious server or with a "man in the middle" attack, in which a malformed SSL/TLS signature from a certificate chain is presented to a vulnerable client, bypassing validation, according to the advisory.
Users are being advised by US-CERT and OpenSSL to update to version 0.9.8j. The Open Source Computer Emergency Response Team (oCERT) also issued an advisory, noting the bug affects a number of packages that use OpenSSL EVP_VerifyFinal function and incorrectly check the return code.
