ssldump RSA key PreMasterSecret buffer overflow
| ssldump-rsa-premastersecret-bo (10086) |  High Risk |
Description:
The ssldump utility is vulnerable to a buffer overflow in the decryption of malformed RSA keys. By sending a malformed RSA key with a "PreMasterSecret" value of more than 48 bytes to a vulnerable system, a remote attacker could overflow a buffer and execute code on the victim's system, if the victim is running ssldump in "decryption" mode at the time of the attack.
Platforms Affected:
- Eric Rescorla, ssldump 0.9b2 and prior
- FreeBSD, FreeBSD
Remedy:
Upgrade to the latest version of ssldump (0.9b3 or later), available from the ssldump home page. See References.
Consequences:
Gain Access
References:
- BugTraq Mailing List, Wed Sep 11 2002 - 10:04:09 CDT , Buffer over/underflows in ssldump prior to 0.9b3 at http://archives.neohapsis.com/archives/bugtraq/2002-09/0101.html.
- ssldump home page, ssldump at http://www.rtfm.com/ssldump/.
- BID-5690: ssldump PreMasterSecret Buffer Overflow Vulnerability
- CVE-2002-2207: Buffer overflow in ssldump 0.9b2 and earlier, when running in decryption mode, allows remote attackers to execute arbitrary code via a long RSA PreMasterSecret.
Reported:
Sep 11, 2002
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.
For corrections or additions please email xforce@iss.net