U-259: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic and SSL Buffer Overflow Lets Remote Users Execute Arbitrary Code

September 13, 2012 - 6:00am

PROBLEM:

RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic and SSL Buffer Overflow Lets Remote Users Execute Arbitrary Code

PLATFORM:

RSA BSAFE SSL-C prior to 2.8.6

ABSTRACT:

RSA BSAFE SSL-C Multiple Vulnerabilities

REFERENCE LINKS:

Secunia Advisory SA50601
SecurityTracker Alert ID: 1027514
SecurityTracker Alert ID: 1027513
CVE-2011-3389
CVE-2012-2110
CVE-2012-2131

IMPACT ASSESSMENT:

High

Discussion:

EMC has acknowledged a weakness and a vulnerability in RSA BSAFE SSL-C that can be exploited by malicious people to disclose sensitive information, hijack a user's session, and potentially compromise an application that uses the library.

A remote user with the ability to conduct a man-in-the-middle attack can decrypt SSL/TLS sessions [CVE-2011-3389].

A remote user can send specially crafted data to a target application that uses BSAFE SSL-C to potentially trigger a heap overflow in the asn1_d2i_read_bio() function and execute arbitrary code on the target system [CVE-2012-2110, CVE-2012-2131]. The code will run with the privileges of the target application.

Impact:

A remote user with the ability to conduct a man-in-the-middle attack can decrypt SSL/TLS sessions.

A remote user can execute arbitrary code on the target system.

Solution:

The vendor has issued a fix (BSAFE SSL-C 2.8.6).

Original Advisory