# assessing impact of December 2015 OpenSSL vulnerabilities

## c00l.wave

Yesterday, OpenSSL released updates for some vulnerabilities which are rated "moderate" (currently used levels are: critical, high, moderate, low).

https://www.openssl.org/news/secadv/20151203.txt

As I'm not very deep into encryption/SSL, can anyone shed some light on what type of applications/use cases should be expected to be vulnerable? I read the security advisory multiple times but I'm still not sure which of our systems are immediately affected and should be updated with priority (I know that all should be updated mid-term but I can only update a handful of servers in the short term).

BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)

SA reads like this weakens encryption but is hard to attack (read: governmental institutions, so what - I guess they are holding back plenty more weaknesses to attack OpenSSL).

Certificate verify crash with missing PSS parameter (CVE-2015-3194)

> The signature verification routines [...] if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. Since these routines are used to verify certificate signature algorithms [...]. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication.

So, is it only applications that authenticate via certificates or is it any application which verifies certificate chains?! What about applications which are generally capable of doing so but aren't supposed to do it (like Apache with no VHosts configs explicitly enabling client certificates, can it still be exploited)? What about mail servers (by default verifying certificate chains, plus we have some servers which identify clients by certificates)?

X509_ATTRIBUTE memory leak (CVE-2015-3195)

> When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected.

So it only affects CLI or tools which use OpenSSL API for things other than just establishing connections via SSL/TLS? How can I be sure a client/server application is unaffected (e.g. what about OpenVPN, tinc, ...)?

----------

