USN-704-1: OpenSSL vulnerability


 
Posted: 01-07-2009

Referenced CVEs:
CVE-2008-5077


Description:
===========================================================
Ubuntu Security Notice USN-704-1           January 07, 2009
openssl vulnerability
CVE-2008-5077
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS
Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libssl0.9.8                     0.9.8a-7ubuntu0.6
  openssl                         0.9.8a-7ubuntu0.6

Ubuntu 7.10:
  libssl0.9.8                     0.9.8e-5ubuntu3.3
  openssl                         0.9.8e-5ubuntu3.3

Ubuntu 8.04 LTS:
  libssl0.9.8                     0.9.8g-4ubuntu3.4
  openssl                         0.9.8g-4ubuntu3.4

Ubuntu 8.10:
  libssl0.9.8                     0.9.8g-10.1ubuntu2.1
  openssl                         0.9.8g-10.1ubuntu2.1

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

Details follow:

It was discovered that OpenSSL did not properly perform signature verification
on DSA and ECDSA keys. If a user or automated system connected to a malicious
server or a remote attacker were able to perform a man-in-the-middle attack,
this flaw could be exploited to view sensitive information.





SSL_set_fd(3openssl)                OpenSSL                SSL_set_fd(3openssl)

NAME
       SSL_set_fd - connect the SSL object with a file descriptor

SYNOPSIS
       #include <openssl/ssl.h>

       int SSL_set_fd(SSL *ssl, int fd);
       int SSL_set_rfd(SSL *ssl, int fd);
       int SSL_set_wfd(SSL *ssl, int fd);

DESCRIPTION
       SSL_set_fd() sets the file descriptor fd as the input/output facility
       for the TLS/SSL (encrypted) side of ssl. fd will typically be the
       socket file descriptor of a network connection.

       When performing the operation, a socket BIO is automatically created
       to interface between the ssl and fd. The BIO and hence the SSL engine
       inherit the behaviour of fd. If fd is non-blocking, the ssl will also
       have non-blocking behaviour.

       If there was already a BIO connected to ssl, BIO_free() will be called
       (for both the reading and writing side, if different).

       SSL_set_rfd() and SSL_set_wfd() perform the respective action, but
       only for the read channel or the write channel, which can be set
       independently.

RETURN VALUES
       The following return values can occur:

       0   The operation failed. Check the error stack to find out why.

       1   The operation succeeded.

SEE ALSO
       SSL_get_fd(3), SSL_set_bio(3), SSL_connect(3), SSL_accept(3),
       SSL_shutdown(3), ssl(3), bio(3)

OpenSSL-0.9.8                     Oct 11 2005              SSL_set_fd(3openssl)