[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[RHSA-2003:290-01] Stronghold 4: New release fixes OpenSSL and mod_ssl issues

Hash: SHA1

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Stronghold 4: New release fixes OpenSSL and mod_ssl issues
Advisory ID:       RHSA-2003:290-01
Issue date:        2003-09-22
Updated on:        2003-09-30
Product:           Stronghold Cross Platform
Keywords:          Enterprise SH XP
Cross references:  
CVE Names:         CAN-2003-0543 CAN-2003-0544 CAN-2003-0192
- ---------------------------------------------------------------------

1. Topic:

Updated versions of Stronghold 4 cross-platform are available to fix
several security issues that affect OpenSSL and mod_ssl.  A number of bug
fixes and new features are also included.

2. Problem description:

Stronghold 4 contains a number of open source technologies, including
OpenSSL 0.9.6 and mod_ssl.

NISCC testing of implementations of the SSL protocol uncovered two bugs in
OpenSSL 0.9.6.  The parsing of unusual ASN.1 tag values can cause OpenSSL
to crash.  A remote attacker could trigger this bug by sending a carefully
crafted SSL client certificate to the Stronghold Web server, which would
cause the server child process handling the request to terminate.  The
effects of such an attack would be limited as Apache is designed to handle
this situation.  In most cases, an attack would simply cause increased
server load which would only last as long as an attacker continues to make
malicious connections.  The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the names CAN-2003-0543 and CAN-2003-0544 to
this issue.  

Ben Laurie found a bug in the optional renegotiation code in mod_ssl
which can cause cipher suite restrictions to be ignored. This is triggered
if optional renegotiation is used (SSLOptions +OptRenegotiate) along with
verification of client certificates and a change to the cipher suite over
the renegotiation.  The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0192 to this issue.

Users of Stronghold 4 cross-platform are advised to update to these errata
versions which contain backported security fixes and are not vulnerable to
these issues.

Red Hat would like to thank NISCC, Stephen Henson, and Ben Laurie for their
work on these vulnerabilities.

3. Solution:

Fixed Stronghold 4 packages are now available via the update agent service; run

$ bin/agent

from the Stronghold 4 install root to upgrade an existing Stronghold 4
installation to the new package versions. After upgrading Stronghold, the
server must be completely restarted by running the following commands from
the install root:

$ bin/stop-server
$ bin/start-server

For more information on how to upgrade between releases of Stronghold 4,
see http://stronghold.redhat.com/support/upgrade-sh4

4. References:


5. Contact:

The Red Hat security contact is <secalert redhat com>.  More contact
details at https://www.redhat.com/solutions/security/news/contact.html

Copyright 2003 Red Hat, Inc.
Version: GnuPG v1.0.7 (GNU/Linux)


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]