Now Patched: OpenSSL CCS Injection aka CVE-2014-0224
June 5, 2014 | Max Shubin

We just finished patching all of our servers that were running a vulnerable version of OpenSSL. Unlike Heartbleed, this affects ALL versions of OpenSSL (yes, even the ones that were patched to fix Heartbleed). Here is what the OpenSSL Foundation has said about this vulnerability:

"An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server. The attack can only be performed between a vulnerable client *and* server. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution."

The patch also fixes the following:
- DTLS invalid fragment vulnerability (CVE-2014-0195) — A buffer overrun, potentially exploitable to run arbitrary code on the system.
- DTLS recursion flaw (CVE-2014-0221) — Denial of service
- SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198) — Denial of service
- SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298) — Cross-session data injection or denial of service
- Anonymous ECDH denial of service (CVE-2014-3470) — Denial of service
- Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack (CVE-2014-0076) — Previously fixed in version 1.0.1g, this update fixes it in the 1.0.0 and 0.9.8 code branches.
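To check a fleet against the client/server version ranges quoted from the advisory above, here is an added Python helper (written for this post, not code from the OpenSSL project) that classifies an `openssl version` banner by release branch and patch letter. It assumes the fixed releases are 0.9.8za, 1.0.0m and 1.0.1h, as published in the OpenSSL advisory of 5 June 2014; the sample banners are constructed.

```python
import re
from typing import Optional, Tuple

# Assumed fixed releases for CVE-2014-0224 per the OpenSSL advisory of 5 June 2014.
FIXED = {(0, 9, 8): "za", (1, 0, 0): "m", (1, 0, 1): "h"}

# Matches e.g. "OpenSSL 1.0.1e-fips 11 Feb 2013" or "OpenSSL 1.0.2-beta1 24 Feb 2014".
VERSION_RE = re.compile(r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)(?:-(beta\d+))?")


def parse_version(banner: str) -> Tuple[Tuple[int, int, int], str, Optional[str]]:
    """Return (branch, patch letters, pre-release tag) from an `openssl version` banner."""
    m = VERSION_RE.search(banner)
    if not m:
        raise ValueError(f"not an OpenSSL version banner: {banner!r}")
    return (int(m[1]), int(m[2]), int(m[3])), m[4], m[5]


def letter_key(letters: str) -> Tuple[int, str]:
    # OpenSSL patch letters run a..z, then za, zb, ...: shorter strings sort first.
    return (len(letters), letters)


def ccs_status(banner: str, role: str) -> str:
    """Classify a banner as 'patched', 'vulnerable', 'upgrade advised' or 'unknown'.

    role is 'client' or 'server'. Clients are vulnerable in every unpatched
    version; servers are only known vulnerable in 1.0.1 and 1.0.2-beta1, and
    older servers are advised to upgrade as a precaution.
    """
    branch, letters, pre = parse_version(banner)
    if branch == (1, 0, 2) and pre == "beta1":
        return "vulnerable"
    fixed = FIXED.get(branch)
    if fixed is None or pre is not None:
        return "unknown"  # branch or pre-release not covered by the advisory text
    if letter_key(letters) >= letter_key(fixed):
        return "patched"
    if role == "client" or branch == (1, 0, 1):
        return "vulnerable"
    return "upgrade advised"


if __name__ == "__main__":
    # Constructed sample banners, as `openssl version` would print them.
    for banner in ("OpenSSL 1.0.1e-fips 11 Feb 2013", "OpenSSL 0.9.8y 5 Feb 2013"):
        print(banner, "->", ccs_status(banner, "server"))
```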