Hey guys this is TheToySec back again with another Post. In this post we will know about the recent vulnerabilities which has been discovered by OpenSSL in their system and also we will discuss about countermeasures to prevent this attack.
So recently, OpenSSL has been released 2 high severity vulnerabilities CVE-2022-3602 and CVE-2022-3786 related to buffer overflow.
OpenSSL at the start rated CVE-2022-3602 as critical, however upon additional investigation, it absolutely was reduced to high severity.
What is OpenSSL?
OpenSSL is a software library for applications that used for secure communications. It is commonly used by internet servers and also including majority of the HTTPS websites.
What is Buffer overflow?
A buffer overflow is a specific sort of runtime issue that enables a program to write past the end of a buffer or array and corrupt nearby memory. Therefore the name overflow. A buffer overflow doesn’t seem during each program execution, like most issues do. Instead, specific conditions, like unexpected user input, are needed to activate the vulnerability.
Both of the high severity vulnerabilities are exploited by name constraint checking throughout X.509 certificate verification.
X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602)
X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
The vulnerability are often triggered in a TLS client by connecting to a rogue server. It could also be triggered on a TLS server if a malicious client joins once the server requests client authentication.
OpenSSL version 3.0.7 was released as an open source toolkit for SSL/TLS. Any OpenSSL 3.0 program should be considered as insecure and exploitable by attackers if it checks X.509 certificates obtained from unreliable sources.
TLS client authentication should be disabled on clients and servers till the upgrade has been applied.
The affected versions of OpenSSL versions from 3.0.0 to 3.0.6 are vulnerable to this issue and the unaffected versions of OpenSSL are 1.1.1, 1.1.0, 1.0.2, 1.0.1, 1.0.0, 0.9.x and fips which are not vulnerable to this issue.
What are the Impacts of these Vulnerabilities?
The impacts of these vulnerabilities are Denial of Service and Remote Code Execution
Countermeasures
Well the countermeasures are simple. If you are using OpenSSL version 3.0.0 to 3.0.6 then it should be upgrade to OpenSSL version 3.0.7 and enable the Stack overflow protections.
For more information visit: OpenSSL Vulnerability 2022 News
If you really like this post then give your reaction and don’t forget to share with others. Till then we will meet again in another interesting topic.
Thank you for reading this and have a nice stay there!