Stephen Henson

**Name of the Vulnerable Software and Affected Versions** OpenSSL versions prior to 1.0.2a **Description** The issue is related to the ASN.1 signature-verification implementation in the rsa item verify function. It allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and application crash, via crafted RSA PSS parameters to an endpoint that uses the certificate-verification feature. The exploitation of this issue can lead to a service disruption. **Recommendations** For versions prior to 1.0.2a, update to version 1.0.2a or later to resolve the issue. As a temporary workaround, consider disabling the certificate-verification feature until a patch is available. Restrict access to the rsa item verify function to minimize the risk of exploitation. Avoid using crafted RSA PSS parameters in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** OpenSSL versions prior to 0.9.8zf OpenSSL versions prior to 1.0.0r OpenSSL versions prior to 1.0.1m OpenSSL versions prior to 1.0.2a Red Hat Enterprise Linux (affected versions not specified) **Description** The issue concerns multiple vulnerabilities in the OpenSSL package of Red Hat Enterprise Linux, which can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Specifically, the ASN1 TYPE cmp function in crypto/asn1/a type.c does not properly perform boolean-type comparisons, allowing remote attackers to cause a denial of service via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature. **Recommendations** For OpenSSL versions prior to 0.9.8zf, update to version 0.9.8zf or later. For OpenSSL versions prior to 1.0.0r, update to version 1.0.0r or later. For OpenSSL versions prior to 1.0.1m, update to version 1.0.1m or later. For OpenSSL versions prior to 1.0.2a, update to version 1.0.2a or later. For Red Hat Enterprise Linux, update the OpenSSL package to a version that contains the fix for this issue. As a temporary workaround, consider restricting access to endpoints that use the certificate-verification feature until a patch is available.

**Name of the Vulnerable Software and Affected Versions** OpenSSL versions prior to 0.9.8l-r2 OpenSSL version 1.0.0 Beta 2 **Description** The issue is related to a use-after-free vulnerability in the `dtls1 retrieve buffered fragment` function, which can be exploited by remote attackers via a crafted DTLS packet, potentially leading to a denial of service. Multiple vulnerabilities in the OpenSSL package may compromise the integrity and availability of protected information, with exploitation possible remotely. **Recommendations** For OpenSSL version 1.0.0 Beta 2, consider updating to a version that fixes the use-after-free vulnerability in the `dtls1 retrieve buffered fragment` function. For OpenSSL versions prior to 0.9.8l-r2, update to version 0.9.8l-r2 or later to address the multiple vulnerabilities. As a temporary workaround, consider restricting access to DTLS packets from untrusted sources to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** OpenSSL versions 0.9.7a through 0.9.7c **Description** The issue is related to the SSL/TLS handshaking code in OpenSSL, which does not properly check the length of Kerberos tickets during a handshake when using Kerberos ciphersuites. This allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. The exploitation of this issue can lead to a disruption of confidentiality, integrity, and availability of protected information and can be performed remotely. **Recommendations** For OpenSSL versions 0.9.7a through 0.9.7c, consider disabling the use of Kerberos ciphersuites as a temporary workaround until a patch is available. Restrict access to the SSL/TLS handshake procedure to minimize the risk of exploitation. Avoid using the Kerberos tickets in the affected SSL/TLS handshake until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.