ssldump SSLv2 "challenge" memory corruption
| ssldump-sslv2-memory-corruption (10087) |  High Risk |
Description:
The ssldump utility is vulnerable to a memory corruption condition, caused by improper bounds checking of the SSLv2 "challenge" value in SSLv2 messages. If a remote attacker sends an SSLv2 message with a "challenge" value that is less than 32 bytes, the attacker could corrupt buffer memory and execute arbitrary code on the victim's system.
Consequences:
Gain Access
Remedy:
Upgrade to the latest version of ssldump (0.9b3 or later), available from the ssldump home page. See References.
References:
- BugTraq Mailing List, Wed Sep 11 2002 - 10:04:09 CDT: Buffer over/underflows in ssldump prior to 0.9b3 .
- ssldump home page: ssldump.
- BID-5693: ssldump SSLv2 Challenge Buffer Underflow Vulnerability
- CVE-2002-2227: Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted SSLv2 challenge value.
Platforms Affected:
- Eric Rescorla ssldump 0.9b2 and prior
- FreeBSD FreeBSD
Reported:
Sep 11, 2002
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net