OpenSSL CRL bypass and ECDH DoS vulnerability

Two vulnerabilities have been reported in OpenSSL, which can be exploited by malicious people to bypass certain security restrictions and cause a Denial of Service, according to Secunia.

1. An error within OpenSSL’s internal certificate verification can lead to OpenSSL accepting CRL (Certificate Revocation Lists) with a “nextUpdate” field set to a date in the past.

2. An error within the implementation of ephemeral ECDH ciphersuites can be exploited to crash a vulnerable server by sending handshake messages within an invalid order.

Successful exploitation of this vulnerability requires that the server enabled and supports the ECDH ciphersuites.

NOTE: Additionally, the ECDH implementation is not thread safe.

The vulnerabilities are reported in versions 1.0.0 through 1.0.0d.

Solution: Update to version 1.0.0e.

Don't miss