Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

Multiple vulnerabilities in OpenSSL

0

0

Article ID: JSA10305 SECURITY_ADVISORIES Last Updated: 09 May 2013Version: 5.0
Legacy Advisory Id:
PSN-2003-09-012
Product Affected:
All releases of JUNOS Internet Software built prior to October 1, 2003, and all Releases 2.x and 3.x of the SDX provisioning software are affected.
Problem:
Several vulnerabilities have been identified in OpenSSL software. The following details are provided by the OpenSSL Project:
  • Certain ASN.1 encodings that are rejected as invalid by the parser can trigger a bug in the deallocation of the corresponding data structure, corrupting the stack. This vulnerability can be exploited to generate a denial-of-service attack. Currently, it is not known whether this can be exploited to run arbitrary code on the router or server.
  • Under certain circumstances, unusual ASN.1 tag values can cause an out of bounds read, resulting in a DoS vulnerability.
  • If the certificate verification code is set to ignore public key decoding errors, a malformed key in a certificate can cause the code to exit abnormally. Public key decoding errors are not normally ignored, except for debugging purposes, so this issue should not affect production code. Exploitation of an affected application would result in a denial of service vulnerability.
  • Because of an error in the SSL/TLS protocol handling, a server will process the contents of a certificate contained in a client's response, even if a certificate was not specifically requested by the server. While this is not, strictly speaking, a vulnerability, it does mean that all SSL/TLS servers that use OpenSSL can be attacked by exploiting the three vulnerabilities listed above even if they don't enable client authentication.
The OpenSSL code included in domestic versions of JUNOS Internet Software that runs on all M-series and T-series routers is susceptible to these vulnerabilities. The SSL library included in Releases 2.x and 3.x of SDX provisioning software for E-series routers is susceptible to these vulnerabilities.
Solution:
Corrected OpenSSL code provided by OpenSSL.org has been incorporated into the JUNOS and SDX source code repositories. All JUNOS and SDX software releases built on or after October 2, 2003, include the corrections.
Implementation:
Corrections for all the above vulnerabilities are included in all versions of JUNOS built on or after October 2, 2003. Customers can download corrected software from the Juniper Networks web site.

SDX software built on or after October 2, 2003, contains SSL libraries with corrected code. Contact JTAC for instructions on obtaining and installing the corrected code.
Severity Level:
High
Severity Assessment:
There are currently no known exploits for these vulnerabilites. If an exploit were developed, it would be possible to launch a denial-of-service (DoS) attack against an M-series or T-series router, or a server running the SDX software. It is possible that an attack could use these vulnerabilities to execute arbitrary code on the router or server.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search