Blog
Informativ, aktuell und spannend - der Oneconsult Cybersecurity Blog.
#OprahSSL Vulnerability – Oneconsult Security Advisory

Eine neue OpenSSL Verwundbarkeit namens #OprahSSL ermöglicht es jedem gültigen Zertifikat als Intermediate CA zu fungieren. Vollständiger Artikel auf Englisch:

A new OpenSSL vulnerability named #OprahSSL has recently surfaced, allowing any valid certificate to act as an intermediate CA and sign other (faked) certificates.

Impact
Due to the nature of the issue and the fact, that only the two most recent OpenSSL versions (1.0.1n, 1.0.1o, 1.0.2b & 1.0.2c), dating back only one month (the release of 1.0.1n and 1.0.2b was on 11 June, 2015), are affected, only a very limited number of systems seem to be impacted:

  • All 4 major browsers (Chrome, Firefox, IE & Safari) and smartphone operating systems do not use OpenSSL for their default connections and are therefore not affected
  • Server services are only affected if they use client certificates
  • The affected versions can currently only be found in test or pre-release versions like Ubuntu 15.10 alpha or rolling release distributions like Gentoo

Therefore most systems should be safe. The impact of the #OprahSSL vulnerability could have been a lot larger, but luckily the issue was discovered before it could become wide-spread.

Mitigation recommendation
If a system is affected, the OpenSSL library should be updated to version 1.0.1p or 1.0.2d.

This article was produced by our research team who analyzes and engineers new exploits and attack scenarios. Oneconsult AG has one of the largest teams of salaried and certified penetration testers in Switzerland. As a result of over 850 sophisticated penetration tests, we discover several dozen zero-day vulnerabilities per year.

Publiziert am: 10.07.2015

Teilen

Nie mehr Aktuelles über Cyber-Security-Themen verpassen? Dann abonnieren Sie jetzt unseren Newsletter

Autor

Keine Beschreibung verfügbar.

Nichts verpassen! Melden Sie sich für unseren kostenlosen Newsletter an.

Ihre Sicherheit hat höchste Priorität – unsere Spezialisten unterstützen Sie kompetent.

Erreichbarkeit von Montag bis Freitag 08.00 – 18.00 Uhr (Ausnahme: Kunden mit SLA – Bitte über die 24/7 IRR-Notfallnummer anrufen).

Privatpersonen wenden sich bitte an Ihren IT-Dienstleister des Vertrauens oder die lokale Polizeidienststelle.

Weitere Informationen zu unseren DFIR-Services finden Sie hier:

QR_CSIRT_2022@2x
CSIRT zu den Kontakten hinzufügen