New OpenSSL Vulnerabilities (Aug 29, 2014)

By

The security industry starts putting more resources reviewing the source code of OpenSSL project when the infamous HeartBleed bug was disclosed. Since then several new vulnerabilities are discovered and OpenSSL has released patches for them. These operations would make the Internet more secure if everyone adopts the latest OpenSSL libraries as soon as they become available. Dell SonicWALL keeps monitoring OpenSSL related news and reacts immediately; following are some incidents:

CVE-2014-3470 The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.

Related signature(s):

  • 4790 OpenSSL Anonymous ECDH DoS 1
  • 4822 OpenSSL Anonymous ECDH DoS 2

CVE-2014-3506 d1_both.c in the DTLS implementation in OpenSSL allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values.

Related signature(s):

  • 5210 OpenSSL DTLS handshake DoS

CVE-2014-3507 Memory leak in d1_both.c in the DTLS implementation in OpenSSL allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.

Related signature(s):

  • 5127 OpenSSL DTLS Zero-Length Fragments DoS

CVE-2014-3512 Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter.

Related signature(s):

  • 5211 OpenSSL Invalid SRP Parameters Buffer Overflow
Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.