The tests were made available to the OpenSSL team, and three specific vulnerabilities were found. These could result in denial of service, or theoretically allow execution of arbitrary code, when OpenSSL is presented with a malformed client certificate. The fixes for these problems are available in the latest versions (0.9.6k and 0.9.7c).
The table shows counts of OpenSSL versions found in October SSL server survey, restricted to cases where the server signature string appeared to include a valid OpenSSL description. The version numbers are grouped by the OpenSSL security advisories which apply to them (normally an advisory given against a later version will also apply to an earlier version, in addition to the specific advisory given for that earlier version).
In the notes on the effect of an attack, some exploits are described as practical on a LAN only, meaning that the attacking machine has to have a fast network connection to the target. However, people with hosted SSL sites should take note that any other machine in the same datacenter as their machine will have high speed network access to their site, and that attackers can often obtain fraudulent access to dedicated servers for a few days.
Just over half of all sites for which we are able to determine the OpenSSL version have banners indicating that they are still using software which is vulnerable to the most serious attack - the one described in the July 2002 advisory - as well as the more recently discovered problems. Sites using versions of OpenSSL up to 0.9.6d are open to remote execution of arbitrary code, running under the username of the process which invokes OpenSSL.
However, relying on version numbers to determine the number of vulnerable OpenSSL sites is flawed because vendors backport security patches. So a site using OpenSSL on a Red Hat 9 system will likely report itself as OpenSSL 0.9.7a even though it isn't vulnerable to any of the issues mentioned and the situation is similar for SuSE, Debian, Mandrake, and most of the Linux distributions. Additionally, many of the vendor distributions of Apache have recently started supressing all the extra module information by default, so newer distributions (ones that are not vulnerable) are less likely to be listed.
This leads to a situation which is confusing and may make security amongst OpenSSL sites appear worse than it actually is. However, it is likely that many of the sites shown as running earlier, vulnerable versions of OpenSSL really are unpatched. This emphasises again that with SSL, although the transit of the information over the internet may be encrypted and secure, once the information reaches the server itself, absolutely nothing can be taken for granted.
Posted in Security
Your link here? Advertising on the Netcraft Blog