FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- remotely exploitable crash in OpenSSL

Affected systems
6.3 <= FreeBSD < 6.3_10
6.4 <= FreeBSD < 6.4_4
7.0 <= FreeBSD < 7.0_12
7.1 <= FreeBSD < 7.1_5

Details

VuXML ID fbc8413f-2f7a-11de-9a3f-001b77d09812
Discovery 2009-03-25
Entry 2009-05-07
Modified 2009-05-13

Problem Description

The function ASN1_STRING_print_ex does not check that the encoded length of a BMPString (two bytes per character) or UniversalString (four bytes per character) is a whole number of characters before attempting to print it. A string whose length is not a multiple of the character size makes the printing loop read beyond the end of the string's data.

Impact

An application which attempts to print a BMPString or UniversalString with an invalid length will crash as a result of OpenSSL reading from invalid memory locations past the end of the string. Because such strings can appear in X.509 certificates and other ASN.1 data received over the network, an attacker can use this to crash a remote application that prints them (denial of service).
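The following is an added illustration, not OpenSSL's or FreeBSD's code, of the failure mode described above and of the check that prevents it. A hypothetical decoder walks a BMPString or UniversalString one character at a time, as a printer would; without the up-front length check, a string whose length is not a multiple of the character size would index past the end of its buffer on the final character. The helper names, the tag constants and the sample byte strings are all constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* X.680 universal tag numbers for the two types named in the advisory. */
enum { ASN1_UNIVERSALSTRING = 28, ASN1_BMPSTRING = 30 };

/* Character size in bytes: BMPString is UCS-2 (2), UniversalString UCS-4 (4).
 * Any other type is treated as a plain byte string. */
static size_t asn1_unit_size(int type)
{
    if (type == ASN1_BMPSTRING) return 2;
    if (type == ASN1_UNIVERSALSTRING) return 4;
    return 1;
}

/* The missing check: the encoded length must be a whole number of characters,
 * otherwise the last character would be read past the end of the buffer. */
int asn1_wide_len_ok(int type, size_t len)
{
    return len % asn1_unit_size(type) == 0;
}

/* Bytes past the end of the buffer that an unchecked per-character loop would
 * read for this (type, len) pair; 0 means the length is valid. */
size_t asn1_overread_bytes(int type, size_t len)
{
    size_t unit = asn1_unit_size(type);
    return (unit - len % unit) % unit;
}

/* Hardened decode: convert the raw string into code points, the way a printer
 * walks it. Returns the number of code points, or -1 on an invalid length or
 * insufficient output space. Once the length check has passed, every index
 * i + k used below satisfies i + k < len, so the loop never over-reads. */
int asn1_wide_decode(int type, const unsigned char *buf, size_t len,
                     uint32_t *out, size_t out_cap)
{
    size_t unit = asn1_unit_size(type);
    size_t n = 0;
    if (!asn1_wide_len_ok(type, len))
        return -1;
    for (size_t i = 0; i < len; i += unit) {
        uint32_t cp = 0;
        for (size_t k = 0; k < unit; k++)
            cp = (cp << 8) | buf[i + k];
        if (n == out_cap)
            return -1;
        out[n++] = cp;
    }
    return (int)n;
}

int main(void)
{
    /* Constructed inputs: a well-formed BMPString "AB" and a 3-byte BMPString
     * whose length is not a multiple of 2, the case the advisory describes. */
    static const unsigned char good[] = { 0x00, 0x41, 0x00, 0x42 };
    static const unsigned char bad[]  = { 0x00, 0x41, 0x00 };
    uint32_t cps[8];
    int n = asn1_wide_decode(ASN1_BMPSTRING, good, sizeof good, cps, 8);
    printf("good: %d code points, first U+%04X\n", n, (unsigned)cps[0]);
    n = asn1_wide_decode(ASN1_BMPSTRING, bad, sizeof bad, cps, 8);
    printf("bad: rc=%d, an unchecked loop would over-read %zu byte(s)\n",
           n, asn1_overread_bytes(ASN1_BMPSTRING, sizeof bad));
    return 0;
}
```

The important property is that the length is rejected before any character is read: a check placed inside the loop, after the bytes of the final character have already been fetched, would come too late to prevent the out-of-bounds access.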

Workaround

No workaround is available, but applications which do not use the ASN1_STRING_print_ex function (either directly or indirectly) are not affected. Note that the function is reached indirectly by the routines that print certificate names and other ASN.1 string fields, so an application that displays the contents of certificates it receives should be assumed to be affected.

References

CVE Name CVE-2009-0590
FreeBSD Advisory SA-09:08.openssl