A vulnerability discovered in OpenSSL could enable a remote attacker to bypass signature checks and launch spoofing attacks.
The flaw, though, was patched Wednesday in OpenSSL 0.9.8j.
The problem was that several functions inside OpenSSL, an open-source implementation of the Secure Sockets Layer protocol, did not check signatures correctly, according to an advisory. The issue involves signature checks on Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA) keys used with SSL/TLS, the advisory said.
The affected code incorrectly checks the return value of the EVP_VerifyFinal function, so "malformed" signatures are treated as valid rather than as an error. The vulnerability affects versions of OpenSSL released prior to 0.9.8j.
The flaw could be exploited by a remote attacker in control of a malicious server or with a "man in the middle" attack, in which a malformed SSL/TLS signature from a certificate chain is presented to a vulnerable client, bypassing validation, according to the advisory.
Users are being advised by US-CERT and OpenSSL to update to version 0.9.8j. The Open Source Computer Emergency Response Team (oCERT) also issued an advisory, noting that the bug affects a number of packages that use OpenSSL's EVP_VerifyFinal function and incorrectly check its return code.
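An added illustration of the return-value mistake described above; this is not code from the advisory, from OpenSSL, or from any affected package. `mock_verify_final` is a constructed stand-in that reproduces only the return contract of EVP_VerifyFinal (1 = signature valid, 0 = signature does not match, negative = error such as a malformed signature) over a toy signature encoding, and the two wrappers show the check that lets an error pass beside the corrected one.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy format: 0x30, one length byte, then the payload.
 * The signature "verifies" only when the payload equals EXPECTED_PAYLOAD. */
static const unsigned char EXPECTED_PAYLOAD[] = { 0xde, 0xad, 0xbe, 0xef };

/* Hypothetical stand-in mimicking EVP_VerifyFinal's return contract:
 * 1 = valid, 0 = mismatch, -1 = error (blob cannot be parsed). */
int mock_verify_final(const unsigned char *sig, size_t sig_len)
{
    if (sig == NULL || sig_len < 2 || sig[0] != 0x30)
        return -1;                      /* not parseable: error, not "bad" */
    if ((size_t)sig[1] != sig_len - 2)
        return -1;                      /* length field inconsistent: error */
    if (sig_len - 2 != sizeof(EXPECTED_PAYLOAD))
        return 0;                       /* well-formed but does not verify */
    return memcmp(sig + 2, EXPECTED_PAYLOAD, sizeof(EXPECTED_PAYLOAD)) == 0;
}

/* Pre-fix pattern: only 0 is treated as failure, so -1 is accepted. */
int vulnerable_accepts(const unsigned char *sig, size_t sig_len)
{
    if (mock_verify_final(sig, sig_len) == 0)
        return 0;                       /* rejected */
    return 1;                           /* accepted, including the error case */
}

/* Fixed pattern: only the documented success value (1) is accepted. */
int hardened_accepts(const unsigned char *sig, size_t sig_len)
{
    return mock_verify_final(sig, sig_len) == 1;
}

/* Constructed sample signatures: a valid one, a well-formed mismatch,
 * and a malformed blob (wrong leading tag) that a parser would reject. */
const unsigned char SIG_GOOD[]      = { 0x30, 0x04, 0xde, 0xad, 0xbe, 0xef };
const unsigned char SIG_WRONG[]     = { 0x30, 0x04, 0x00, 0x00, 0x00, 0x00 };
const unsigned char SIG_MALFORMED[] = { 0x31, 0x04, 0xde, 0xad, 0xbe, 0xef };

int main(void)
{
    printf("malformed: vulnerable=%d hardened=%d\n",
           vulnerable_accepts(SIG_MALFORMED, sizeof(SIG_MALFORMED)),
           hardened_accepts(SIG_MALFORMED, sizeof(SIG_MALFORMED)));
    return 0;
}
```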