发布日期：2006-09-05
更新日期：2006-11-29

受影响系统：

OpenSSL Project OpenSSL < 0.9.8b
OpenSSL Project OpenSSL < 0.9.7j

不受影响系统：

OpenSSL Project OpenSSL 0.9.8c
OpenSSL Project OpenSSL 0.9.7k

描述：

---

BUGTRAQ  ID: 19849
CVE(CAN) ID: CVE-2006-4339,CVE-2006-4340,CVE-2006-5462

OpenSSL是一种开放源码的SSL实现，用来实现网络通信的高强度加密，现在被广泛地用于各种网络应用程序中。

OpenSSL在验证PKCS #1 v1.5签名时存在错误，攻击者可能利用此漏洞伪造签名。

如果使用了有指数3的RSA密钥的话，攻击者就可以伪造由该密钥签发的PKCS #1 v1.5签名。如果没有检查签名的RSA幂运算结果中的额外数据的话，这种实现就可能错误的验证证书，导致建立非授权的信任关系。

<*来源：Daniel Bleichenbacher
  
  链接：http://secunia.com/advisories/21709/
        http://www.openssl.org/news/secadv_20060905.txt
        http://www.mozilla.org/security/announce/2006/mfsa2006-60.html
        http://secunia.com/advisories/22671/
        http://marc.theaimsgroup.com/?l=bind-announce&m=116253119512445&w=2
        http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
        http://secunia.com/advisories/22758/
        http://secunia.com/advisories/22799/
        http://docs.info.apple.com/article.html?artnum=304829
        http://secunia.com/advisories/23155/
        http://secunia.com/advisories/25399/
        https://secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html
        http://security.gentoo.org/glsa/glsa-200609-05.xml
        http://www.debian.org/security/2006/dsa-1173
        http://lwn.net/Alerts/198829/?format=printable
        http://lwn.net/Alerts/199693/?format=printable
        http://lwn.net/Alerts/199691
        http://lwn.net/Alerts/199692
        http://www.us-cert.gov/cas/techalerts/TA06-333A.html
        http://www.debian.org/security/2006/dsa-1174
        ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:19.openssl.asc
        http://security.gentoo.org/glsa/glsa-200609-18.xml
        http://security.gentoo.org/glsa/glsa-200610-06.xml
        http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00794048
        ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
        http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102648-1
        http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102657-1
        http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102656-1
        http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102696-1
        http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102686-1
        http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102722-1
*>

建议：

---

厂商补丁：

Debian
------
Debian已经为此发布了一个安全公告（DSA-1174-1）以及相应补丁:
DSA-1174-1：New openssl096 packages fix RSA signature forgery cryptographic weakness
链接：http://www.debian.org/security/2005/dsa-1174

补丁下载：
Source archives:

http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m-1sarge2.dsc
Size/MD5 checksum:      617 018a88ab90403cb04c62fb3e30b74447
http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m-1sarge2.diff.gz
Size/MD5 checksum:    19110 ebf3d65348f1a0e2b09543b02f1752ff
http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m.orig.tar.gz
Size/MD5 checksum:  2184918 1b63bfdca1c37837dddde9f1623498f9

Alpha architecture:

http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_alpha.deb
Size/MD5 checksum:  1965098 f321c9d2831643d65718730f8ff81f16

AMD64 architecture:

http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_amd64.deb
Size/MD5 checksum:   578014 b47b9fb2acd8c6e22aac6812c7ad4dda

ARM architecture:

http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_arm.deb
Size/MD5 checksum:   518746 29a69a8d997445d4ae2a53c337678cc6

HP Precision architecture:

http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_hppa.deb
Size/MD5 checksum:   587368 4291ac3835b28ae9acf555ec90242d26

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_i386.deb
Size/MD5 checksum:  1755640 d9fb8d8383c96d0d4ebe4af8cb5e9a3a

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_ia64.deb
Size/MD5 checksum:   814966 1a366b00181bba9bd04b2312f4ae8f42

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_m68k.deb
Size/MD5 checksum:   476722 2002d9eeb9b36d329855042466c9dfc1

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_mips.deb
Size/MD5 checksum:   576764 2001e7d3f5d72e0328b8d46f83bb0b4d

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_mipsel.deb
Size/MD5 checksum:   568756 3b25b7c66ff42626c8f458be9485f9bb

PowerPC architecture:

http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_powerpc.deb
Size/MD5 checksum:   582402 e677ab4fd68d34affff58a9c7d2cd823

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_s390.deb
Size/MD5 checksum:   602334 674b58c6811c7e60ad2bb53ec7c1bcdc

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_sparc.deb
Size/MD5 checksum:  1458574 d9ab5370d48647780172587e58682297

补丁安装方法：

1. 手工安装补丁包：

  首先，使用下面的命令来下载补丁软件：
  # wget url  (url是补丁下载链接地址)

  然后，使用下面的命令来安装补丁：  
  # dpkg -i file.deb (file是相应的补丁名)

2. 使用apt-get自动安装补丁包：

   首先，使用下面的命令更新内部数据库：
   # apt-get update
  
   然后，使用下面的命令安装更新软件包：
   # apt-get upgrade

FreeBSD
-------
FreeBSD已经为此发布了一个安全公告（FreeBSD-SA-06:19）以及相应补丁:
FreeBSD-SA-06:19：Incorrect PKCS#1 v1.5 padding validation in crypto(3)
链接：ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:19.openssl.asc

补丁下载：
执行以下步骤之一:

1) 将有漏洞的系统升级到4-STABLE, 5-STABLE或6-STABLE,或修改日期之后的RELENG_6_1,
RELENG_6_0, RELENG_5_5, RELENG_5_4, RELENG_5_3或RELENG_4_11安全版本.

2) 为当前系统打补丁:

以下补丁确认可应用于FreeBSD 4.11, 5.3, 5.4, 5.5, 6.0和6.1系统.

a) 从以下位置下载相关补丁,并使用PGP工具验证附带的PGP签名.

# fetch http://security.FreeBSD.org/patches/SA-06:19/openssl.patch
# fetch http://security.FreeBSD.org/patches/SA-06:19/openssl.patch.asc

b) 以root执行以下命令:

# cd /usr/src
# patch < /path/to/patch

c) 如<URL: http://www.freebsd.org/handbook/makeworld.html> 所述重新编译操作系统并重启.

注意: 必须重新编译所有链接到libcrypto(3)的第三方应用程序,包括从FreeBSD移植集安装的,以便使用修复的代码.

HP
--
HP已经为此发布了一个安全公告（HPSBUX02165）以及相应补丁:
HPSBUX02165：SSRT061266 rev.1 - HP-UX VirtualVault Remote Unauthorized Access
链接：http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00794048

OpenSSL Project
---------------
http://www.debian.org/security/2006/dsa-1174

RedHat
------
RedHat已经为此发布了安全公告（RHSA-2006:0675-01，RHSA-2006:0661-01，RHSA-2006:0676-01，RHSA-2006:0677-01）以及相应补丁:
RHSA-2006:0675-01：Critical: firefox security update
链接：http://lwn.net/Alerts/199691

RHSA-2006:0661-01：Important: openssl security update
链接：http://lwn.net/Alerts/198829/?format=printable

RHSA-2006:0676-01：Critical: seamonkey security update
链接：http://lwn.net/Alerts/199692

RHSA-2006:0677-01：Critical: thunderbird security update
链接：http://lwn.net/Alerts/199693/?format=printable

SGI
---
SGI已经为此发布了一个安全公告（20060901-01-P）以及相应补丁:
20060901-01-P：SGI Advanced Linux Environment 3 Security Update #63
链接：ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc

Sun
---
Sun已经为此发布了一个安全公告（Sun-Alert-102722）以及相应补丁:
Sun-Alert-102722：Security Vulnerability With RSA Signature Affects Solaris Applications Utilizing the libike Library
链接：http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102722-1

Gentoo
------
Gentoo已经为此发布了一个安全公告（GLSA-200610-06）以及相应补丁:
GLSA-200610-06：Mozilla Network Security Service (NSS): RSA signature
链接：http://security.gentoo.org/glsa/glsa-200610-06.xml

浏览次数：5309
严重程度：0（网友投票）