National Vulnerability Database (NVD) National Vulnerability Database (CVE-2009-3245)

National Cyber Awareness System

Vulnerability Summary for CVE-2009-3245

Original release date:03/05/2010

Last revised:08/27/2011

Source: US-CERT/NIST

Overview

OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:10.0 (HIGH) (AV:N/AC:L/Au:N/C:C/I:C/A:C) (legend)

Impact Subscore: 10.0

Exploitability Subscore: 10.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

**NOTE: Access Complexity scored Low due to insufficient information

Authentication: Not required to exploit

Impact Type:Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

Vendor Statements (disclaimer)

Official Statement from Red Hat (03/25/2010)

Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2009-3245 This issue was fixed in openssl packages in Red Hat Enterprise Linux 5 via: https://rhn.redhat.com/errata/RHSA-2010-0162.html This issue was fixed in openssl096b packages in Red Hat Enterprise Linux 3 and 4 via: https://rhn.redhat.com/errata/RHSA-2010-0173.html The Red Hat Security Response Team has rated this issue as having low security impact on openssl packages in Red Hat Enterprise Linux 3 and 4, a future update may address this flaw.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: MLIST

Name: [openssl-cvs] 20100223 OpenSSL: OpenSSL_0_9_8-stable: openssl/ CHANGES openssl/crypto/b...

Type: Patch Information

Hyperlink:http://marc.info/?l=openssl-cvs&m=126692180606861&w=2

External Source: MLIST

Name: [openssl-cvs] 20100223 OpenSSL: openssl/crypto/bn/ bn_div.c bn_gf2m.c openssl/crypto/ec...

Type: Patch Information

Hyperlink:http://marc.info/?l=openssl-cvs&m=126692170906712&w=2

External Source: MLIST

Name: [openssl-cvs] 20100223 OpenSSL: OpenSSL_1_0_0-stable: openssl/crypto/bn/ bn_div.c bn_gf...

Type: Patch Information

Hyperlink:http://marc.info/?l=openssl-cvs&m=126692159706582&w=2

External Source: MLIST

Name: [syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released

Hyperlink:https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html

External Source: MLIST

Name: [syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released

Hyperlink:https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html

External Source: CONFIRM

Name: https://kb.bluecoat.com/index?page=content&id=SA50

Hyperlink:https://kb.bluecoat.com/index?page=content&id=SA50

External Source: VUPEN

Name: ADV-2010-1216

Hyperlink:http://www.vupen.com/english/advisories/2010/1216

External Source: VUPEN

Name: ADV-2010-0933

Hyperlink:http://www.vupen.com/english/advisories/2010/0933

External Source: VUPEN

Name: ADV-2010-0916

Hyperlink:http://www.vupen.com/english/advisories/2010/0916

External Source: VUPEN

Name: ADV-2010-0839

Hyperlink:http://www.vupen.com/english/advisories/2010/0839

External Source: UBUNTU

Name: USN-1003-1

Hyperlink:http://www.ubuntu.com/usn/USN-1003-1

External Source: BID

Name: 38562

Hyperlink:http://www.securityfocus.com/bid/38562

External Source: REDHAT

Name: RHSA-2011:0896

Hyperlink:http://www.redhat.com/support/errata/RHSA-2011-0896.html

External Source: REDHAT

Name: RHSA-2010:0977

Hyperlink:http://www.redhat.com/support/errata/RHSA-2010-0977.html

External Source: MANDRIVA

Name: MDVSA-2010:076

Hyperlink:http://www.mandriva.com/security/advisories?name=MDVSA-2010:076

External Source: CONFIRM

Name: http://support.apple.com/kb/HT4723

Hyperlink:http://support.apple.com/kb/HT4723

External Source: SLACKWARE

Name: SSA:2010-060-02

Hyperlink:http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049

External Source: SECUNIA

Name: 42733

Hyperlink:http://secunia.com/advisories/42733

External Source: SECUNIA

Name: 42724

Hyperlink:http://secunia.com/advisories/42724

External Source: SECUNIA

Name: 39932

Hyperlink:http://secunia.com/advisories/39932

External Source: SECUNIA

Name: 39461

Hyperlink:http://secunia.com/advisories/39461

External Source: SECUNIA

Name: 38761

Type: Advisory

Hyperlink:http://secunia.com/advisories/38761

External Source: OVAL

Name: oval:org.mitre.oval:def:9790

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9790

External Source: OVAL

Name: oval:org.mitre.oval:def:6640

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6640

External Source: OVAL

Name: oval:org.mitre.oval:def:11738

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11738

External Source: SUSE

Name: SUSE-SR:2010:013

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

External Source: FEDORA

Name: FEDORA-2010-5357

Hyperlink:http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html

External Source: FEDORA

Name: FEDORA-2010-5744

Hyperlink:http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html

External Source: APPLE

Name: APPLE-SA-2011-06-23-1

Hyperlink:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html

External Source: CONFIRM

Name: http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc

Hyperlink:http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc

References to Check Content

Identifier:oval:org.mitre.oval:def:9790

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9790

Identifier:oval:org.mitre.oval:def:11738

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11738

Identifier:oval:org.mitre.oval:def:6640

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:6640

Vulnerable software and versions

Configuration 1

* cpe:/a:openssl:openssl:0.9.8l and previous versions

* cpe:/a:openssl:openssl:0.9.8k

* cpe:/a:openssl:openssl:0.9.8j

* cpe:/a:openssl:openssl:0.9.8i

* cpe:/a:openssl:openssl:0.9.8h

* cpe:/a:openssl:openssl:0.9.8g

* cpe:/a:openssl:openssl:0.9.8f

* cpe:/a:openssl:openssl:0.9.8e

* cpe:/a:openssl:openssl:0.9.8d

* cpe:/a:openssl:openssl:0.9.8c

* cpe:/a:openssl:openssl:0.9.8b

* cpe:/a:openssl:openssl:0.9.8a

* cpe:/a:openssl:openssl:0.9.8

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Input Validation (CWE-20)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245