Weak encryption in OpenBSD - #VU637

 


Published: September 23, 2016 / Updated: September 23, 2016


Vulnerability identifier: #VU637
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: N/A
CWE-ID: CWE-310
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: OpenBSD
Affected software:
OpenBSD

Detailed vulnerability description

A remote attacker can gain access to potentially sensitive information.

The vulnerability exists in the SSL_set_SSL_CTX() function in lib/libssl/src/ssl/ssl_lib.c. When SNI is used with libssl, a remote attacker can force the encrypted connection to fall back to a weak digest for (EC)DH.

Successful exploitation of the vulnerability will allow an attacker to gain access to potentially sensitive data.
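
To check which digest a server actually negotiated, the following added example (not part of the advisory or of OpenBSD's code) parses a captured TLS 1.2 ServerKeyExchange handshake message and flags a weak hash in its SignatureAndHashAlgorithm field. It assumes that the "digest for (EC)DH" is the hash used to sign the ephemeral key-exchange parameters and that the input is a reassembled handshake message; the names ske_digest and sample_ecdhe are hypothetical and the sample bytes are constructed.

```python
import struct

# HashAlgorithm / SignatureAlgorithm values from RFC 5246, section 7.4.1.4.1
HASHES = {0: "none", 1: "md5", 2: "sha1", 3: "sha224",
          4: "sha256", 5: "sha384", 6: "sha512"}
SIGS = {0: "anonymous", 1: "rsa", 2: "dsa", 3: "ecdsa"}
WEAK = {"none", "md5", "sha1"}


def ske_digest(msg: bytes, kx: str):
    """Return (hash, signature, is_weak) for one ServerKeyExchange handshake message."""
    if len(msg) < 4 or msg[0] != 12:          # HandshakeType 12 = server_key_exchange
        raise ValueError("not a ServerKeyExchange handshake message")
    length = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + length]
    if len(body) != length:
        raise ValueError("truncated handshake message")
    pos = 0
    if kx == "ECDHE":
        if len(body) < 4 or body[0] != 3:     # ECCurveType 3 = named_curve
            raise ValueError("only named_curve parameters are handled")
        pos = 3                               # curve_type(1) + named_curve(2)
        pos += 1 + body[pos]                  # public point, 1-byte length prefix
    elif kx == "DHE":
        for _ in range(3):                    # dh_p, dh_g, dh_Ys: 2-byte length prefixes
            pos += 2 + int.from_bytes(body[pos:pos + 2], "big")
    else:
        raise ValueError("kx must be 'ECDHE' or 'DHE'")
    if pos + 4 > len(body):
        raise ValueError("no SignatureAndHashAlgorithm after the parameters")
    h, s, siglen = struct.unpack_from("!BBH", body, pos)
    if pos + 4 + siglen != len(body):
        raise ValueError("signature length does not match message length")
    name = HASHES.get(h, f"unknown({h})")
    return name, SIGS.get(s, f"unknown({s})"), name in WEAK


def sample_ecdhe(hash_id: int) -> bytes:
    """Constructed message: secp256r1, dummy 65-byte point, dummy 8-byte RSA signature."""
    body = (b"\x03\x00\x17" + bytes([65]) + b"\x04" + bytes(64)
            + bytes([hash_id, 1]) + b"\x00\x08" + b"\xaa" * 8)
    return b"\x0c" + len(body).to_bytes(3, "big") + body


if __name__ == "__main__":
    for hid in (2, 4):                        # 2 = sha1, 4 = sha256
        print(ske_digest(sample_ecdhe(hid), "ECDHE"))
```

Comparing the result for a handshake sent with an SNI server name against one sent without it shows whether the digest changes when SNI is in use.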


Remediation


Sources