what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice USN-1064-1

Ubuntu Security Notice USN-1064-1
Posted Feb 15, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1064-1 - Neel Mehta discovered that incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message. This could allow a remote attacker to cause a crash and denial of service by triggering invalid memory accesses.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2011-0014
SHA-256 | 0363a4620aad3ba274e0d561fa4343dcb277629a86069b3850aa4b9eed29fc1c
Download | Favorite | View

Ubuntu Security Notice USN-1064-1

Change Mirror Download
===========================================================
Ubuntu Security Notice USN-1064-1         February 15, 2011
openssl vulnerability
CVE-2011-0014
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 10.04 LTS
Ubuntu 10.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 10.04 LTS:
  libssl0.9.8                     0.9.8k-7ubuntu8.6

Ubuntu 10.10:
  libssl0.9.8                     0.9.8o-1ubuntu4.4

After a standard system update you need to reboot your computer to make
all the necessary changes.

Details follow:

Neel Mehta discovered that incorrectly formatted ClientHello handshake
messages could cause OpenSSL to parse past the end of the message.
This could allow a remote attacker to cause a crash and denial of
service by triggering invalid memory accesses.


Updated packages for Ubuntu 10.04 LTS:

  Source archives:

    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8k-7ubuntu8.6.diff.gz
      Size/MD5:   113947 666d4d39c8d15495574b3e8cde84d14b
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8k-7ubuntu8.6.dsc
      Size/MD5:     2097 a9aee866b987128cbb53018bb4c3e076
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8k.orig.tar.gz
      Size/MD5:  3852259 e555c6d58d276aec7fdc53363e338ab3

  Architecture independent packages:

    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl-doc_0.9.8k-7ubuntu8.6_all.deb
      Size/MD5:   640766 4410bba4b493067940d740ba0bfd9e36

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.6_amd64.udeb
      Size/MD5:   630236 4e57f2683a2fd11379ef834de483e92a
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8k-7ubuntu8.6_amd64.deb
      Size/MD5:  2143716 b73b8e9eca5d99faf5bba7b3ad885d0d
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8k-7ubuntu8.6_amd64.deb
      Size/MD5:  1650734 15024c4129edb6729aadd42a3c6625d9
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-udeb_0.9.8k-7ubuntu8.6_amd64.udeb
      Size/MD5:   136136 c691630136d1888d9818afcbef5b3376
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8k-7ubuntu8.6_amd64.deb
      Size/MD5:   979838 e410fcc0f092be5bdf0dd48866030de6
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8k-7ubuntu8.6_amd64.deb
      Size/MD5:   406380 45ae705310a650701711237bc24834fa

  i386 architecture (x86 compatible Intel/AMD):

    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.6_i386.udeb
      Size/MD5:   582632 605d20a6d46358bb020263b589628bc7
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8k-7ubuntu8.6_i386.deb
      Size/MD5:  2006542 2651ca8bad5a1274f8ac9eb3c9928f10
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8k-7ubuntu8.6_i386.deb
      Size/MD5:  5806564 99755b3eed448fd0bedaf6c90c760222
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-udeb_0.9.8k-7ubuntu8.6_i386.udeb
      Size/MD5:   129782 08548187135f8ef21f91c1206231c46c
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8k-7ubuntu8.6_i386.deb
      Size/MD5:  3015290 d32c63182c7b0eb4ef8eb8427d89ec65
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8k-7ubuntu8.6_i386.deb
      Size/MD5:   400386 0a10c201d957f574524d98d9e4b87df3

  armel architecture (ARM Architecture):

    https://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.6_armel.udeb
      Size/MD5:   532308 0532b6933c19ecb8ddf0cf502acdbef7
    https://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8k-7ubuntu8.6_armel.deb
      Size/MD5:  1935434 3b86a27ba4064993fa641b7a57700947
    https://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8k-7ubuntu8.6_armel.deb
      Size/MD5:  1624860 cc66be850879a7506c83199a8307c0a8
    https://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-udeb_0.9.8k-7ubuntu8.6_armel.udeb
      Size/MD5:   115646 5f09e1585b7d8213a34c326e878d2855
    https://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8k-7ubuntu8.6_armel.deb
      Size/MD5:   849808 fe1a2c9bb7fa58309897e2c74428565c
    https://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8k-7ubuntu8.6_armel.deb
      Size/MD5:   394134 6dae0590575a5d6cca5ec37bee48c3d0

  powerpc architecture (Apple Macintosh G3/G4/G5):

    https://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.6_powerpc.udeb
      Size/MD5:   627048 9cc7f8c9c8e834804f6b8ad9d4f038e1
    https://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8k-7ubuntu8.6_powerpc.deb
      Size/MD5:  2147450 1fa01d48576c59ece29b15e52067a061
    https://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8k-7ubuntu8.6_powerpc.deb
      Size/MD5:  1718982 d8af42edbf4b9e0cd4e8a49db65d6c34
    https://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-udeb_0.9.8k-7ubuntu8.6_powerpc.udeb
      Size/MD5:   135572 9ceece261ebb15a1e736ea5a87936e29
    https://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8k-7ubuntu8.6_powerpc.deb
      Size/MD5:   969796 9f000a8d471e6779147746d85bd672e2
    https://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8k-7ubuntu8.6_powerpc.deb
      Size/MD5:   402854 37d4422ee00a9fe04c6edb02d79652ae

  sparc architecture (Sun SPARC/UltraSPARC):

    https://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.6_sparc.udeb
      Size/MD5:   597970 be4c632244422acea148a8b46c6bd2d4
    https://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8k-7ubuntu8.6_sparc.deb
      Size/MD5:  2065588 5dcc87c24f3582085dd0c27a2dc6ca38
    https://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8k-7ubuntu8.6_sparc.deb
      Size/MD5:  4094532 59af6b8697affcf4ee54d266f824c419
    https://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-udeb_0.9.8k-7ubuntu8.6_sparc.udeb
      Size/MD5:   125888 5bf540180404fc36f0ff593f26bbb4af
    https://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8k-7ubuntu8.6_sparc.deb
      Size/MD5:  2354154 bfa9eab34e57f6066df484565a83ca62
    https://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8k-7ubuntu8.6_sparc.deb
      Size/MD5:   419326 a339be63d8d5721fb821278fc73917f8

Updated packages for Ubuntu 10.10:

  Source archives:

    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8o-1ubuntu4.4.debian.tar.gz
      Size/MD5:    93256 d842e047afa927d7b45707e5662299b4
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8o-1ubuntu4.4.dsc
      Size/MD5:     2113 a2453418b5f65205b4100fca4bbab478
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8o.orig.tar.gz
      Size/MD5:  3772542 63ddc5116488985e820075e65fbe6aa4

  Architecture independent packages:

    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl-doc_0.9.8o-1ubuntu4.4_all.deb
      Size/MD5:   645856 b87766f110e4001b91e52d831932293c

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8o-1ubuntu4.4_amd64.udeb
      Size/MD5:   620310 4b921a5507e0d43d49f0959a40b6e698
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8o-1ubuntu4.4_amd64.deb
      Size/MD5:  2149904 1789acf946fa5fb29210c573e1c454a3
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8o-1ubuntu4.4_amd64.deb
      Size/MD5:  1550490 8890e9c5294c00c538bf8c33838e7223
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-udeb_0.9.8o-1ubuntu4.4_amd64.udeb
      Size/MD5:   137390 46a1a45ee4b23451f504e80acf1f3e06
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8o-1ubuntu4.4_amd64.deb
      Size/MD5:   923110 2443af9e7f04a89766956a1897ef3109
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8o-1ubuntu4.4_amd64.deb
      Size/MD5:   406004 35ab88b06cc50111ee30876069e62618

  i386 architecture (x86 compatible Intel/AMD):

    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8o-1ubuntu4.4_i386.udeb
      Size/MD5:   570726 64d9207ff0f9808cdd1fd5f67a3a41b2
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8o-1ubuntu4.4_i386.deb
      Size/MD5:  2012646 e036571cd83edf3a270a6875edeb7b1d
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8o-1ubuntu4.4_i386.deb
      Size/MD5:  1553820 4351ce2cf1de859743b84302ea216adc
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-udeb_0.9.8o-1ubuntu4.4_i386.udeb
      Size/MD5:   130530 a49a036f44e0e5144063c447099957b7
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8o-1ubuntu4.4_i386.deb
      Size/MD5:   866474 f7ce89e52baa2d29bf56303ef4ceb7fa
    https://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8o-1ubuntu4.4_i386.deb
      Size/MD5:   400060 96e4e0a0c894e0509f7b5b0834b7f76e

  armel architecture (ARM Architecture):

    https://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8o-1ubuntu4.4_armel.udeb
      Size/MD5:   566054 35f2b45ca48a64392522ec243d2e14aa
    https://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8o-1ubuntu4.4_armel.deb
      Size/MD5:  2014346 9b1bc7134c7e9b5c4c0fab38c3ccee17
    https://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8o-1ubuntu4.4_armel.deb
      Size/MD5:  1542334 15db4641260fd3f9fc247b7e8be73f7c
    https://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-udeb_0.9.8o-1ubuntu4.4_armel.udeb
      Size/MD5:   120460 ac27441462cd80a6244c11475241c5fb
    https://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8o-1ubuntu4.4_armel.deb
      Size/MD5:   850040 8b6242e95592404cfb5457b3a2fefb00
    https://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8o-1ubuntu4.4_armel.deb
      Size/MD5:   406494 697677cbc870e7c857246d14777573c1

  powerpc architecture (Apple Macintosh G3/G4/G5):

    https://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8o-1ubuntu4.4_powerpc.udeb
      Size/MD5:   616136 a3c28af9e2d1314e6486ce9c1aef1b59
    https://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8o-1ubuntu4.4_powerpc.deb
      Size/MD5:  2154734 f859e9290ca73eb92e34b160402c058f
    https://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8o-1ubuntu4.4_powerpc.deb
      Size/MD5:  1618684 e729f6525a3b7180633d3b7f0ae78223
    https://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-udeb_0.9.8o-1ubuntu4.4_powerpc.udeb
      Size/MD5:   136090 f5ddcf671c6091f6bd42abf9cc5293d5
    https://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8o-1ubuntu4.4_powerpc.deb
      Size/MD5:   917686 f505d2f147fc42c1babb5767c0d89199
    https://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8o-1ubuntu4.4_powerpc.deb
      Size/MD5:   402036 45760e9ca5448f7e25696c90da53b244


Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close