SB2016092602 - Two vulnerabilities in OpenSSL

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Use after free error (CVE-ID: CVE-2016-6309)

A remote attacker can execute arbitrary code on the target system.

The vulnerability exists due to incorrect implementation of patch for vulnerability CVE-2016-6307. A remote attacker can send a specially crafted message larger than 16 kilobytes and reallocated the buffer, intended to store the message, and then use the dangling pointer to control execution flaw.

Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code on the target system.

2) Missing CRL sanity check (CVE-ID: CVE-2016-7052)

The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to incorrect implementation of CRL sanity check in version 1.0.2i. Any attempt to use CRLs results in null pointe exception and crashes the process.

Remediation

Install update from vendor's website.

References

• https://www.openssl.org/news/secadv/20160926.txt
• http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html