socat security advisory 7, MSVR-1499: created new 2048bit DH modulus

This commit is contained in:
Gerhard Rieger 2016-01-29 11:32:36 +01:00
parent 2dee720b89
commit 20f5963f13
3 changed files with 46 additions and 18 deletions

23
CHANGES
View file

@ -1,8 +1,24 @@
security:
Socat security advisory 7
MSVR-1499
In the OpenSSL address implementation the hard coded 1024 bit DH p
parameter was not prime. The effective cryptographic strength of a key
exchange using these parameters was weaker than the one one could get by
using a prime p. Moreover, since there is no indication of how these
parameters were chosen, the existence of a trapdoor that makes possible
for an eavesdropper to recover the shared secret from a key exchange
that uses them cannot be ruled out.
Futhermore, 1024bit is not considered sufficiently secure.
Fix: generated a new 2048bit prime.
Thanks to Santiago Zanella-Beguelin and Microsoft Vulnerability
Research (MSVR) for finding and reporting this issue.
####################### V 2.0.0-b8: ####################### V 2.0.0-b8:
security: security:
CVE-2015-1379 Socat security advisory 6
CVE-2015-1379: Possible DoS with fork
Fixed problems with signal handling caused by use of not async signal Fixed problems with signal handling caused by use of not async signal
safe functions in signal handlers that could freeze socat, allowing safe functions in signal handlers that could freeze socat, allowing
denial of service attacks. denial of service attacks.
@ -418,6 +434,7 @@ testing:
####################### V 2.0.0-b7: ####################### V 2.0.0-b7:
security: security:
Socat security advisory 5
CVE-2014-0019: socats PROXY-CONNECT address was vulnerable to a buffer CVE-2014-0019: socats PROXY-CONNECT address was vulnerable to a buffer
overflow with data from command line (see socat-secadv5.txt) overflow with data from command line (see socat-secadv5.txt)
Credits to Florian Weimer of the Red Hat Product Security Team Credits to Florian Weimer of the Red Hat Product Security Team
@ -425,6 +442,7 @@ security:
####################### V 2.0.0-b6: ####################### V 2.0.0-b6:
security: security:
Socat security advisory 4
CVE-2013-3571: CVE-2013-3571:
after refusing a client connection due to bad source address or source after refusing a client connection due to bad source address or source
port socat shutdown() the socket but did not close() it, resulting in port socat shutdown() the socket but did not close() it, resulting in
@ -436,6 +454,7 @@ security:
####################### V 2.0.0-b5: ####################### V 2.0.0-b5:
security: security:
Socat security advisory 3
CVE-2012-0219: CVE-2012-0219:
fixed a possible heap buffer overflow in the readline address. This bug fixed a possible heap buffer overflow in the readline address. This bug
could be exploited when all of the following conditions were met: could be exploited when all of the following conditions were met:
@ -450,6 +469,7 @@ security:
####################### V 2.0.0-b4: ####################### V 2.0.0-b4:
security: security:
Socat security advisory 2
CVE-2010-2799: CVE-2010-2799:
fixed a stack overflow vulnerability that occurred when command fixed a stack overflow vulnerability that occurred when command
line arguments (whole addresses, host names, file names) were longer line arguments (whole addresses, host names, file names) were longer
@ -935,6 +955,7 @@ further corrections:
####################### V 1.4.0.3: ####################### V 1.4.0.3:
security: security:
Socat security advisory 1
CVE-2004-1484: CVE-2004-1484:
fix to a syslog() based format string vulnerability that can lead to fix to a syslog() based format string vulnerability that can lead to
remote code execution. See advisory socat-adv-1.txt remote code execution. See advisory socat-adv-1.txt

View file

@ -2289,8 +2289,8 @@ gentestdsacert () {
#set -vx #set -vx
local name="$1" local name="$1"
if [ -s $name.key -a -s $name.crt -a -s $name.pem ]; then return; fi if [ -s $name.key -a -s $name.crt -a -s $name.pem ]; then return; fi
openssl dsaparam -out $name-dsa.pem 512 >/dev/null 2>&1 openssl dsaparam -out $name-dsa.pem 1024 >/dev/null 2>&1
openssl dhparam -dsaparam -out $name-dh.pem 512 >/dev/null 2>&1 openssl dhparam -dsaparam -out $name-dh.pem 1024 >/dev/null 2>&1
openssl req -newkey dsa:$name-dsa.pem -keyout $name.key -nodes -x509 -days 3653 -config $TESTCERT_CONF -out $name.crt >/dev/null 2>&1 openssl req -newkey dsa:$name-dsa.pem -keyout $name.key -nodes -x509 -days 3653 -config $TESTCERT_CONF -out $name.crt >/dev/null 2>&1
cat $name-dsa.pem $name-dh.pem $name.key $name.crt >$name.pem cat $name-dsa.pem $name-dh.pem $name.key $name.crt >$name.pem
} }

View file

@ -1045,20 +1045,27 @@ int
} }
{ {
static unsigned char dh1024_p[] = { static unsigned char dh2048_p[] = {
0xCC,0x17,0xF2,0xDC,0x96,0xDF,0x59,0xA4,0x46,0xC5,0x3E,0x0E, 0x00,0xdc,0x21,0x64,0x56,0xbd,0x9c,0xb2,0xac,0xbe,0xc9,0x98,0xef,0x95,0x3e,
0xB8,0x26,0x55,0x0C,0xE3,0x88,0xC1,0xCE,0xA7,0xBC,0xB3,0xBF, 0x26,0xfa,0xb5,0x57,0xbc,0xd9,0xe6,0x75,0xc0,0x43,0xa2,0x1c,0x7a,0x85,0xdf,
0x16,0x94,0xD8,0xA9,0x45,0xA2,0xCE,0xA9,0x5B,0x22,0x25,0x5F, 0x34,0xab,0x57,0xa8,0xf6,0xbc,0xf6,0x84,0x7d,0x05,0x69,0x04,0x83,0x4c,0xd5,
0x92,0x59,0x94,0x1C,0x22,0xBF,0xCB,0xC8,0xC8,0x57,0xCB,0xBF, 0x56,0xd3,0x85,0x09,0x0a,0x08,0xff,0xb5,0x37,0xa1,0xa3,0x8a,0x37,0x04,0x46,
0xBC,0x0E,0xE8,0x40,0xF9,0x87,0x03,0xBF,0x60,0x9B,0x08,0xC6, 0xd2,0x93,0x31,0x96,0xf4,0xe4,0x0d,0x9f,0xbd,0x3e,0x7f,0x9e,0x4d,0xaf,0x08,
0x8E,0x99,0xC6,0x05,0xFC,0x00,0xD6,0x6D,0x90,0xA8,0xF5,0xF8, 0xe2,0xe8,0x03,0x94,0x73,0xc4,0xdc,0x06,0x87,0xbb,0x6d,0xae,0x66,0x2d,0x18,
0xD3,0x8D,0x43,0xC8,0x8F,0x7A,0xBD,0xBB,0x28,0xAC,0x04,0x69, 0x1f,0xd8,0x47,0x06,0x5c,0xcf,0x8a,0xb5,0x00,0x51,0x57,0x9b,0xea,0x1e,0xd8,
0x4A,0x0B,0x86,0x73,0x37,0xF0,0x6D,0x4F,0x04,0xF6,0xF5,0xAF, 0xdb,0x8e,0x3c,0x1f,0xd3,0x2f,0xba,0x1f,0x5f,0x3d,0x15,0xc1,0x3b,0x2c,0x82,
0xBF,0xAB,0x8E,0xCE,0x75,0x53,0x4D,0x7F,0x7D,0x17,0x78,0x0E, 0x42,0xc8,0x8c,0x87,0x79,0x5b,0x38,0x86,0x3a,0xeb,0xfd,0x81,0xa9,0xba,0xf7,
0x12,0x46,0x4A,0xAF,0x95,0x99,0xEF,0xBC,0xA6,0xC5,0x41,0x77, 0x26,0x5b,0x93,0xc5,0x3e,0x03,0x30,0x4b,0x00,0x5c,0xb6,0x23,0x3e,0xea,0x94,
0x43,0x7A,0xB9,0xEC,0x8E,0x07,0x3C,0x6D, 0xc3,0xb4,0x71,0xc7,0x6e,0x64,0x3b,0xf8,0x92,0x65,0xad,0x60,0x6c,0xd4,0x7b,
0xa9,0x67,0x26,0x04,0xa8,0x0a,0xb2,0x06,0xeb,0xe0,0x7d,0x90,0xdd,0xdd,0xf5,
0xcf,0xb4,0x11,0x7c,0xab,0xc1,0xa3,0x84,0xbe,0x27,0x77,0xc7,0xde,0x20,0x57,
0x66,0x47,0xa7,0x35,0xfe,0x0d,0x6a,0x1c,0x52,0xb8,0x58,0xbf,0x26,0x33,0x81,
0x5e,0xb7,0xa9,0xc0,0xee,0x58,0x11,0x74,0x86,0x19,0x08,0x89,0x1c,0x37,0x0d,
0x52,0x47,0x70,0x75,0x8b,0xa8,0x8b,0x30,0x11,0x71,0x36,0x62,0xf0,0x73,0x41,
0xee,0x34,0x9d,0x0a,0x2b,0x67,0x4e,0x6a,0xa3,0xe2,0x99,0x92,0x1b,0xf5,0x32,
0x73,0x63
}; };
static unsigned char dh1024_g[] = { static unsigned char dh2048_g[] = {
0x02, 0x02,
}; };
DH *dh; DH *dh;
@ -1071,8 +1078,8 @@ int
} }
Error("DH_new() failed"); Error("DH_new() failed");
} else { } else {
dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); dh->p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); dh->g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
if ((dh->p == NULL) || (dh->g == NULL)) { if ((dh->p == NULL) || (dh->g == NULL)) {
while (err = ERR_get_error()) { while (err = ERR_get_error()) {
Warn1("BN_bin2bn(): %s", Warn1("BN_bin2bn(): %s",