Six OpenSSL holes plugged

By on
Six OpenSSL holes plugged

Padding Oracle Attack squashed.

OpenSSL has fixed vulnerabilities in its implementation of the Datagram Transport Layer Security (DTLS) protocol that allowed secure communications to be decrypted.

The fix was one of six others contained in the latest versions of the OpenSSL library released this week.

The DTLS hole, detailed (pdf) by Kenny Paterson and Nadhem Alfardan under the 'Padding Oracle Attack'  allowed an attacker to view encrypted data in plain text.

Timing differences in the cipher-block chaining process allowed dependenices between blocks of ciphertext to be overcome.

Other fixed vulnerabilities include three denial of service bugs, a double-free, and an Uninitialized SSL 3.0 Padding flaw.

The latter flaw was limited in scope and meant that in each record up to 15 bytes of uninitialized memory could be sent, encrypted, to SSL peers.

It arose because OpenSSL failed to clear the bytes used as block cipher padding in SSL 3.0 records. It did not affect TLS.

Copyright © SC Magazine, Australia


Most Read Articles

Log In

|  Forgot your password?