Bugzilla – Bug 866278
VUL-0: CVE-2014-0017: libssh: PRNG reseed vulnerability
Last modified: 2015-02-19 10:32:17 UTC
bugbot adjusting priority
is public now. Date: Wed, 05 Mar 2014 11:11:07 +0530 From: Huzaifa Sidhpurwala <huzaifas@redhat.com> Subject: [oss-security] libssh and stunnel PRNG flaws Hi All, Aris Adamantiadis reported the following to us: I have found a vulnerability in stunnel (fork mode) and libssh server (if implemented with fork) that is similar to problems found in postgresql [1]. When accepting a new connection, the server forks and the child process handles the request. The RAND_bytes() function of openssl doesn't reset its state after the fork, but simply adds the current process id (getpid) to the PRNG state, which is not guaranteed to be unique. stunnel uses libssl, which also seeds the PRNG with the output of time(NULL), which means that vulnerability has to be exploited under a second. I have exploit code that can reproduce the issue on OpenBSD 5.4 (thanks to random PIDs) but I think it may be exploitable on other unix systems as well. The following CVEs have been assigned: CVE-2014-0016 stunnel PRNG vulnerability CVE-2014-0017 libssh PRNG vulnerability Mitigations implemented into openssl-0.9.8j (2009) makes the vulnerability not exploitable in stock openssl. The signing code for ECDSA and DSA explicitly seeds the pool with the digest to sign. References: libssh: https://bugzilla.redhat.com/show_bug.cgi?id=1072191 http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/ http://git.libssh.org/projects/libssh.git/commit/?id=e99246246b4061f7e71463f8806b9dcad65affa0 stunnel: https://bugzilla.redhat.com/show_bug.cgi?id=1072180 There is no upstream patch yet
libssh 0.2 in SLE11 does seem to have server code? libssh-0.2/libssh/server.c libssh2_org does not seem to implement server code, neither in SLE11 nor in Factory.
This is an autogenerated message for OBS integration: This bug (866278) was mentioned in https://build.opensuse.org/request/show/224706 13.1 / libssh
(In reply to comment #11) > libssh 0.2 in SLE11 does seem to have server code? libssh-0.2/libssh/server.c > > libssh2_org does not seem to implement server code, neither in SLE11 nor in > Factory. libssh and libssh2(_org) are completely separate projects by different people. libssh2_org doesn't contain any server code.
This is an autogenerated message for OBS integration: This bug (866278) was mentioned in https://build.opensuse.org/request/show/224741 12.3 / libssh
The SWAMPID for this issue is 56551. This issue was rated as moderate. Please submit fixed packages until 2014-03-20. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
Affected packages: SLE-11-SP3: libssh SLE-11-SP2: libssh
i think needinfo is provided and everything submitted
openSUSE-SU-2014:0366-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 866278 CVE References: CVE-2014-0017 Sources used: openSUSE 13.1 (src): libssh-0.5.5-2.4.1 openSUSE 12.3 (src): libssh-0.5.3-2.4.1
openSUSE-SU-2014:0370-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 866278 CVE References: CVE-2014-0017 Sources used: openSUSE 11.4 (src): libssh-0.4.8-14.1
Update released for: libssh2 Products: SLE-DESKTOP 11-SP3 (i386, x86_64) SLE-SDK 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SUSE-SU-2014:0413-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 866278 CVE References: CVE-2014-0017 Sources used: SUSE Linux Enterprise Software Development Kit 11 SP3 (src): libssh-0.2-5.20.1 SUSE Linux Enterprise Desktop 11 SP3 (src): libssh-0.2-5.20.1