-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear colleagues,

We have just received the following Sun Security Advisory. We are passing this information on to you unchanged.

Please note that this is an update of the advisory, covering the following changes:

With this update Sun announces the availability of patches for Solaris 10.

CVE-2009-2404 / MFSA 2009-42 - Heap overflow in the regex parser of the NSS library

In the regular expression parser of the Netscape Security Services (NSS) library, a heap overflow can be triggered by suitably crafted Common Names (CN) in X.509 certificates. An attacker can exploit this vulnerability to execute arbitrary code with the privileges of the user, provided that the user's application evaluates such a certificate and uses the NSS library to do so.

CVE-2009-2408 / MFSA 2009-43 - Error in the evaluation of certificates with NULL bytes in the NSS library

The Netscape Security Services (NSS) library accepts NULL characters in the domain name of a certificate's CN field. An attacker can exploit this vulnerability by constructing a certificate with NULL characters and thereby pretending that his certificate belongs to another site. However, to do so he must have his certificate signed by a trusted CA. In this way he can carry out man-in-the-middle attacks and obtain confidential data of the user.
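The following is an added example (not part of the DFN-CERT summary or of the Sun alert) that makes the NULL-byte problem concrete from a verifier's point of view: a minimal DER encoder and decoder for a commonName attribute, and two hostname comparisons side by side. DER carries the CN with an explicit length, so a NUL byte in the middle is preserved; a consumer that hands the value to C-string routines stops at the first NUL and sees only the prefix, while a length-aware check sees the whole value and can reject it. All CN values and host names below are constructed placeholders.

```python
# Added example (not code from the DFN-CERT mail or the Sun alert).
# Shows why a NUL byte in a DER-encoded commonName (the CVE-2009-2408 class of
# bug) fools a C-string style hostname comparison and how a length-aware
# comparison rejects it. All names and values are constructed placeholders.

OID_COMMON_NAME = bytes.fromhex("550403")  # OID 2.5.4.3 (id-at-commonName)


def der_tlv(tag: int, content: bytes) -> bytes:
    """Encode one DER tag-length-value; short-form length only (< 128 bytes)."""
    if len(content) >= 128:
        raise ValueError("example supports short-form DER lengths only")
    return bytes([tag, len(content)]) + content


def encode_cn_attribute(cn: bytes) -> bytes:
    """AttributeTypeAndValue ::= SEQUENCE { type OID, value UTF8String }."""
    return der_tlv(0x30, der_tlv(0x06, OID_COMMON_NAME) + der_tlv(0x0C, cn))


def decode_cn_attribute(data: bytes) -> bytes:
    """Minimal DER decoder: return the raw CN bytes, honouring the length field.

    Because the length is explicit, an embedded NUL survives decoding intact.
    """
    if data[0] != 0x30:
        raise ValueError("expected SEQUENCE")
    body = data[2:2 + data[1]]
    if body[0] != 0x06 or body[2:2 + body[1]] != OID_COMMON_NAME:
        raise ValueError("expected commonName OID")
    value = body[2 + body[1]:]
    if value[0] != 0x0C:
        raise ValueError("expected UTF8String")
    return value[2:2 + value[1]]


def cn_matches_host_cstring(cn: bytes, host: str) -> bool:
    """Emulates a consumer that treats the CN as a C string.

    Everything after the first NUL is silently dropped, so only the prefix is
    compared; this is the flawed behaviour the advisory describes.
    """
    visible = cn.split(b"\x00", 1)[0]
    return visible.decode("ascii", "replace").lower() == host.lower()


def cn_matches_host_safe(cn: bytes, host: str) -> bool:
    """Length-aware comparison: a NUL anywhere in the CN is a hard reject."""
    if b"\x00" in cn:
        return False
    return cn.decode("utf-8", "replace").lower() == host.lower()


# Constructed sample values (placeholders, not real certificates or domains).
HONEST_CN = b"www.bank.example"
CRAFTED_CN = b"www.bank.example\x00.attacker.example"  # NUL after the prefix


def demo() -> dict:
    """Round-trip both CNs through DER and run both comparisons."""
    results = {}
    for label, cn in (("honest", HONEST_CN), ("crafted", CRAFTED_CN)):
        decoded = decode_cn_attribute(encode_cn_attribute(cn))
        results[label] = {
            "roundtrip_ok": decoded == cn,
            "cstring_match": cn_matches_host_cstring(decoded, "www.bank.example"),
            "safe_match": cn_matches_host_safe(decoded, "www.bank.example"),
        }
    return results


if __name__ == "__main__":
    for label, r in demo().items():
        print(label, r)
```

The crafted CN round-trips through DER unchanged, matches "www.bank.example" under the C-string comparison, and is rejected by the length-aware one; the honest CN is accepted by both. The same length-versus-terminator mismatch is what a verifier has to guard against whenever a length-prefixed encoding is handed to NUL-terminated string functions.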

The following software packages and platforms are affected:

Mozilla Thunderbird

SPARC platform
* Solaris 10 before patch 125541-06
* OpenSolaris based on builds snv_48 through snv_124

x86 platform
* Solaris 10 before patch 125542-06
* OpenSolaris based on builds snv_48 through snv_124

Revised packages are provided by the vendor.

Vendor advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-269468-1

(c) of the German summary by DFN-CERT Services GmbH; distribution, including in excerpts, is permitted only with reference to the author, DFN-CERT Services GmbH, and only for non-commercial purposes.

Kind regards,
Klaus Moeller, DFN-CERT

--
Dipl. Inform. Klaus Moeller (Incident Response Team)
Phone: +49 40 808077-555, Fax: +49 40 808077-556
DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-555
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737
Sachsenstraße 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski
17th DFN Workshop "Sicherheit in vernetzten Systemen", 09./10.02.2010
Information at https://www.dfn-cert.de/veranstaltungen/workshop.html

Alert URL: http://sunsolve.sun.com/search/document.do?assetkey=1-66-269468-1
Sun Security Alert: 269468
Security Vulnerability in Mozilla Thunderbird Related to SSL
Certificates May Cause Arbitrary Code Execution
__________________________________________________________________
Category : Security
Release Phase : Resolved
Bug Id : 6880677, 6899624
Product : Solaris 10 Operating System
OpenSolaris
Date of Resolved Release : 16-Dec-2009
Security Vulnerability in Mozilla Thunderbird Related to SSL Certificates:

1. Impact

Security vulnerabilities in thunderbird(1) related to handling of SSL server certificates may allow remote SSL servers with crafted server certificates to compromise an encrypted communication or cause arbitrary code execution with the privileges of a Thunderbird user.

The following Mozilla advisories describe the vulnerabilities:
http://www.mozilla.org/security/announce/2009/mfsa2009-42.html
http://www.mozilla.org/security/announce/2009/mfsa2009-43.html
Additional references:
CVE-2009-2404 at
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2404
CVE-2009-2408 at
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408
2. Contributing Factors

These issues can occur in the following releases:

SPARC platform
* Solaris 10 without patch 125541-06
* OpenSolaris based upon builds snv_48 through snv_124

x86 Platform
* Solaris 10 without patch 125542-06
* OpenSolaris based upon builds snv_48 through snv_124

Note 1: Solaris 8 and Solaris 9 do not ship Thunderbird and therefore are not affected by these issues.

Note 2: Thunderbird first shipped with Solaris 10 Update 4 (8/07) in the SUNWthunderbird package. Systems are only impacted by this issue if SUNWthunderbird is installed on the system.

To determine if SUNWthunderbird is installed use:

    $ pkginfo SUNWthunderbird

Note 3: OpenSolaris distributions may include additional bug fixes above and beyond the build from which they were derived. The base build can be derived as follows:

    $ uname -a
    SunOS hostname 5.11 snv_86 i86pc i386 i86pc
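As an added example (not part of the Sun alert or of the DFN-CERT mail), the following POSIX shell script turns the affected-version data of section 2 into a check that can be exercised offline. Instead of calling uname, pkginfo and showrev on a live host, it takes their output as text, so constructed input can be fed in; the "Patch: NNNNNN-RR ..." line format assumed for the patch list (as printed by "showrev -p") and the pkginfo output format are assumptions, and the sample lines are constructed, not captured from a real system.

```sh
#!/bin/sh
# Added example (not code from the Sun alert or the DFN-CERT mail): decide from
# the data named in section 2 whether a host is in the affected range.
# Command output is passed in as text so the logic can be run offline; the
# "Patch: NNNNNN-RR ..." format of the patch list (showrev -p style) and the
# pkginfo line format are assumptions.

# Affected ranges as stated in Sun Alert 269468.
FIRST_BAD_BUILD=48      # OpenSolaris snv_48 ...
LAST_BAD_BUILD=124      # ... through snv_124 are affected
SPARC_PATCH=125541      # Solaris 10 SPARC Thunderbird patch, fixed in -06
X86_PATCH=125542        # Solaris 10 x86 Thunderbird patch, fixed in -06
FIXED_REV=6

# opensolaris_affected "UNAME_LINE"
# Returns 0 if the snv_ build number in a "uname -a" line lies inside the
# affected range, 1 if it lies outside, 2 if no snv_ build is present.
opensolaris_affected() {
    build=$(printf '%s\n' "$1" | sed -n 's/.*snv_\([0-9][0-9]*\).*/\1/p')
    [ -n "$build" ] || return 2
    [ "$build" -ge "$FIRST_BAD_BUILD" ] && [ "$build" -le "$LAST_BAD_BUILD" ]
}

# solaris10_affected ARCH PKGINFO_OUTPUT PATCH_LIST
# ARCH is sparc or i386 (as printed by "uname -p"). Returns 0 if the
# SUNWthunderbird package is present and the platform's Thunderbird patch is
# missing or below revision 06; 1 otherwise; 2 for an unknown ARCH.
solaris10_affected() {
    arch=$1; pkgs=$2; patches=$3
    case $arch in
        sparc)    id=$SPARC_PATCH ;;
        i386|x86) id=$X86_PATCH ;;
        *)        return 2 ;;
    esac
    # Note 2 of the alert: only hosts with SUNWthunderbird installed are impacted.
    printf '%s\n' "$pkgs" | grep -q 'SUNWthunderbird' || return 1
    # Highest installed revision of the relevant patch id, if any.
    rev=$(printf '%s\n' "$patches" \
          | sed -n "s/^Patch: $id-\([0-9][0-9]*\).*/\1/p" | sort -n | tail -n 1)
    [ -n "$rev" ] || return 0        # patch not installed at all: affected
    [ "$rev" -lt "$FIXED_REV" ]      # installed but below the fixed revision
}

# Constructed sample input (placeholders, not captured from a real host).
SAMPLE_UNAME="SunOS hostname 5.11 snv_86 i86pc i386 i86pc"
SAMPLE_PKGINFO="application SUNWthunderbird     Mozilla Thunderbird"
SAMPLE_PATCHES="Patch: 000000-01 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWplaceholder
Patch: 125541-05 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWthunderbird"

if opensolaris_affected "$SAMPLE_UNAME"; then
    echo "OpenSolaris sample: affected (build inside snv_48..snv_124)"
fi
if solaris10_affected sparc "$SAMPLE_PKGINFO" "$SAMPLE_PATCHES"; then
    echo "Solaris 10 SPARC sample: affected (125541 below revision 06)"
fi
```

On a real Solaris 10 host the three inputs would come from `uname -a`, `pkginfo SUNWthunderbird` and `showrev -p`; the functions deliberately treat a missing patch as "affected" and a missing SUNWthunderbird package as "not affected", which is the reading the alert's Note 2 gives.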
3. Symptoms
There are no predictable symptoms that would indicate the described
issues have been exploited.
4. Workaround

There are no workarounds for this issue. Please refer to the resolution section below.

5. Resolution

These issues are addressed in the following releases:

SPARC platform
* Solaris 10 with patch 125541-06 or later
* OpenSolaris based upon builds snv_125 or later

x86 Platform
* Solaris 10 with patch 125542-06 or later
* OpenSolaris based upon builds snv_125 or later

For more information on Security Sun Alerts, see Technical Instruction
ID 213557:
http://sunsolve.sun.com/search/document.do?assetkey=1-61-213557-1
This Sun Alert notification is being provided to you on an “AS IS”
basis. This Sun Alert notification may contain information provided by
third parties. The issues described in this Sun Alert notification may
or may not impact your system(s). Sun makes no representations,
warranties, or guarantees as to the information contained herein. ANY
AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION
WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR
NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT YOU
ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE OUT
OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN. This
Sun Alert notification contains Sun proprietary and confidential
information. It is being provided to you pursuant to the provisions of
your agreement to purchase services from Sun, or, if you do not have
such an agreement, the Sun.com Terms of Use. This Sun Alert
notification may only be used for the purposes contemplated by these
agreements.
Copyright 2000-2009 Sun Microsystems, Inc., 4150 Network Circle, Santa
Clara, CA 95054 U.S.A. All rights reserved.
Modification History

26-Oct-2009: Updated Contributing Factors and Resolution sections. Now Resolved.
27-Oct-2008: removed yesterday's updates. Resolution patch not available.
01-Dec-2009: Updated BugID field.
16-Dec-2009: Updated Contributing Factors and Resolution sections. Resolved.

Attachments
This solution has no attachment
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFLMNLyk0kIxZMiiQ8RAigLAJ46seqYOhE/VARqJDq5ndFRSBgsxQCfRfzJ
a0knGLXHJT156vLvVfK69Qo=
=iQ1Y
-----END PGP SIGNATURE-----