[sisyphus] OpenSSL overflow
Slava Dubrovskiy
slava на tangramltd.com
Пн Май 25 16:56:31 MSD 2009
Здравствуйте
Использую бранч 5.0
Банк требует прохождение сервером теста https://www.hackerguardian.com
При тестировании получаю:
Security hole found on port/service "https (443/tcp)"
Plugin "OpenSSL overflow (generic test)"
Category "Gain a shell remotely "
Priority "Medium Priority "The remote host seems to be using a
version of OpenSSL which is older than 0.9.6e or 0.9.7-beta3 This
version is vulnerable to a buffer overflow which, may allow an attacker
to obtain a shell on this host. *** Note that since safe checks are
enabled, this check *** might be fooled by non-openssl implementations
and *** produce a false positive. *** In doubt, re-execute the scan
without the safe checks
Solution : Upgrade to version 0.9.6e (0.9.7beta3) or newer
Risk factor : High
CVE: CVE-2002-0656
http://cgi.nessus.org/cve.php3?cve=CVE-2002-0656
CVE-2002-0655 http://cgi.nessus.org/cve.php3?cve=CVE-2002-0655
CVE-2002-0657 http://cgi.nessus.org/cve.php3?cve=CVE-2002-0657
CVE-2002-0659 http://cgi.nessus.org/cve.php3?cve=CVE-2002-0659
CVE-2001-1141 http://cgi.nessus.org/cve.php3?cve=CVE-2001-1141
BID : 3004, 5361, 5362, 5363, 5364, 5366 Other references :
IAVA:2002-a-0004, OSVDB:853, OSVDB:857, OSVDB:3940, OSVDB:3941,
OSVDB:3942, OSVDB:3943, SuSE:SUSE-SA:2002:033
Естественно что на сервере:
# rpm -qa | grep -i ssl
libssl7-0.9.8j-alt1
openssl-0.9.8j-alt1
Вопрос: Это ошибка теста, или эта уязвимость действительно существует?
Как проверить и доказать что уязвимости нет?
--
WBR,
Dubrovskiy Vyacheslav
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3262 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.altlinux.org/pipermail/sisyphus/attachments/20090525/bd742866/attachment.bin>
Подробная информация о списке рассылки Sisyphus