-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NetBSD Security Advisory 2010-002 ================================= Topic: OpenSSL TLS renegotiation man in the middle vulnerability Version: NetBSD-current: affected prior to 2009-12-04 NetBSD 5.0: affected NetBSD 4.0.*: affected NetBSD 4.0: affected pkgsrc: openssl package prior to 0.9.8l Severity: Information disclosure Fixed: NetBSD-current: Dec 03, 2009 NetBSD-5-0 branch: Jan 12, 2010 NetBSD-5 branch: Jan 12, 2010 NetBSD-4-0 branch: Jan 12, 2010 NetBSD-4 branch: Jan 12, 2010 pkgsrc 2009Q4: openssl-0.9.8l corrects this issue Please note that NetBSD releases prior to 4.0 are no longer supported. It is recommended that all users upgrade to a supported release. Abstract ======== An error in the OpenSSL TLS session renegotiation allows a remote attacker to intercept communication and conduct a Man-in-the-Middle attack on TLS sessions. This vulnerability has been assigned CVE-2009-3555 and CERT Vulnerability Note VU#120541. Technical Details ================= A design problem exists in the renegotiation feature for TLS sessions as implemented by the version of OpenSSL shipped with NetBSD. As session renegotiation handshakes are not properly associated with an existing connection, an unauthenticated attacker can initiate a renegotiation in order to allow a man-in-the-middle attack, which may allow the attacker to inject plaintext into the communication. Solutions and Workarounds ========================= The solution to this problem is to disable TLS session renegotiation for now by applying the provided patches or updating NetBSD to a version including the fix. The following instructions describe how to upgrade your OpenSSL binaries by updating your source tree and rebuilding and installing a new version of OpenSSL. * NetBSD-current: Systems running NetBSD-current dated from before 2009-12-04 should be upgraded to NetBSD-current dated 2009-12-04 or later. The following files/directories need to be updated from the netbsd-current CVS branch (aka HEAD): crypto/external/bsd/openssl/dist/ssl/s3_lib.c crypto/external/bsd/openssl/dist/ssl/s3_pkt.c crypto/external/bsd/openssl/dist/ssl/s3_srvr.c crypto/external/bsd/openssl/dist/ssl/ssl_locl.h To update from CVS, re-build, and re-install OpenSSL: # cd src # cvs update -d -P crypto/external/bsd/openssl/dist/ssl # cd lib/libcrypt # make USETOOLS=no cleandir dependall # make USETOOLS=no install # cd ../../crypto/external/bsd/openssl/lib/libcrypto # make USETOOLS=no cleandir dependall # make USETOOLS=no install # cd ../libssl # make USETOOLS=no cleandir dependall # make USETOOLS=no install * NetBSD 5.*: Systems running NetBSD 5.* sources dated from before 2010-01-12 09:30 UTC should be upgraded from NetBSD 5.* sources dated 2010-01-12 09:30 UTC or later. The following files/directories need to be updated from the netbsd-5 or netbsd-5-0 branches: crypto/dist/openssl/ssl/s3_lib.c crypto/dist/openssl/ssl/s3_pkt.c crypto/dist/openssl/ssl/s3_srvr.c crypto/dist/openssl/ssl/ssl_locl.h To update from CVS, re-build, and re-install OpenSSL: # cd src # cvs update -r -d -P crypto/dist/openssl/ssl # cd lib/libcrypt # make USETOOLS=no cleandir dependall # make USETOOLS=no install # cd ../libcrypto # make USETOOLS=no cleandir dependall # make USETOOLS=no install # cd ../libssl # make USETOOLS=no cleandir dependall # make USETOOLS=no install * NetBSD 4.*: Systems running NetBSD 4.* sources dated from before 2010-01-12 09:30 UTC should be upgraded from NetBSD 4.* sources dated 2010-01-12 09:30 UTC or later. The following files/directories need to be updated from the netbsd-4 or netbsd-4-0 branches: crypto/dist/openssl/ssl/s3_lib.c crypto/dist/openssl/ssl/s3_pkt.c crypto/dist/openssl/ssl/s3_srvr.c crypto/dist/openssl/ssl/ssl_locl.h To update from CVS, re-build, and re-install OpenSSL: # cd src # cvs update -r -d -P crypto/dist/openssl/ssl # cd lib/libcrypt # make USETOOLS=no cleandir dependall # make USETOOLS=no install # cd ../libcrypto # make USETOOLS=no cleandir dependall # make USETOOLS=no install # cd ../libssl # make USETOOLS=no cleandir dependall # make USETOOLS=no install Thanks To ========= Marsh Ray, PhoneFactor and Martin Rex for discovering and reporting the issue, and Christos Zoulas for fixing it. Revision History ================ 2010-01-12 Initial release 2010-01-15 Fixed build instructions 2010-01-23 Fixed build instructions for HEAD again More Information ================ Advisories may be updated as new information becomes available. The most recent version of this advisory (PGP signed) can be found at http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2010-002.txt.asc Information about NetBSD and NetBSD security can be found at http://www.NetBSD.org/ and http://www.NetBSD.org/Security/. Copyright 2010, The NetBSD Foundation, Inc. All Rights Reserved. Redistribution permitted only in full, unmodified form. $NetBSD: NetBSD-SA2010-002.txt,v 1.4 2010/01/23 14:43:50 tonnerre Exp $ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (NetBSD) iQIcBAEBAgAGBQJLWw3iAAoJEAZJc6xMSnBuCeMP/RrlI7CXqffUkYmMvzeae9Nw PxGIuh+mUOQNqZFH9Nk3jGbnu/XbSLI+zzEXfpQq9yhIQoX4CWLthezfzH/DG/nj GndTlk3rzw90FXqKVgefZaO+rAAgiliNyld9/eCRldop3jy+18vfyToFtAO7gSNi UTcL/2WDLSK8+TLjBiGHTftDolKNKRfIu0Eo5V5AP0UrkpZ7EyV6GQPLRy4896Ub ThIXM5xgFDv4PzCwIpkfLVZdgrHVwN6nzRnC8eoGLPkV4zFbOT5CZ/wXg7GbQChA 4PCFgc0FC4m2jdNuqUMXLa3THlPlWrXE+uXBKjnO1JKyitAgrn5bEPDY/BVr9L5n 5IJdanNZmQQljtCx3G4MsP8ozqFXTP20f4XiaEnJg3uJ76RzLK58Bt+G41lEXDuf 5ZBFkpSqiv9oPoz/AYZU4qOcSoQLW5BAV4nW4lDRUEYUBILPFhyt2HXnxoBfJpjk VBeqMKRx90jC/vkRuv7QA9sIeMCJjwvaA1DwhAw9P+gLpSPxjp/inOE0P/1wFhq3 JIMjRZnBihCwQVH+Jn3gJ5u9zYheFrRUZarxvsyUHEyeObmP5Up0TaUGG1SU4yoE iLLh32CxTAhXcwDcbMvx06jgS0K93eJk44fUoVmZ4LlxVC0bVWsfbiw3fSWdBhEP xgD+Oxw9QYi9pci5dDcO =gbh2 -----END PGP SIGNATURE-----