From: Ed Moyle (emoylescsnet.csc.com)
Date: Mon Feb 25 2002 - 10:28:58 CST

    Howdy.

    I am currently in the process of writing this up, and I'd like a second opinion on exploitability (modssl team fixed w/ Sat's release):

    (mod_ssl < 2.8.7) (www.modssl.org)

    ssl_util_ssl.h:

    > #define SSL_SESSION_MAX_DER 1024*10

    ssl_scache_dbm.c:

    > BOOL ssl_scache_dbm_store(server_rec *s, UCHAR *id, int idlen, time_t expiry, SSL_SESSION *sess) {

    <snip>

    > UCHAR ucaData[SSL_SESSION_MAX_DER];

    <snip>

    > ucp = ucaData;
    > nData = i2d_SSL_SESSION(sess, &ucp);

    relevant openssl docs (from http://www.openssl.org/docs/ssl/d2i_SSL_SESSION.html):

    > When using i2d_SSL_SESSION(), the memory location pointed to by pp must be large enough to hold the
    > binary representation of the session. There is no known limit on the size of the created ASN1
    > representation, so the necessary amount of space should be obtained by first calling
    > i2d_SSL_SESSION() with pp=NULL, and obtain the size needed, then allocate the memory and call
    > i2d_SSL_SESSION() again.

    I contend that the only way to exploit this is to generate a trusted client cert that has embedded shell code in it (a difficult task at best). Can anybody out there in the vast wide ether provide other opinions on exploitability scenarios?

    -E
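The defect above is the classic i2d misuse: the session is encoded straight into a fixed stack buffer without first asking how long the encoding is. The following C program is an added illustration (not code from the post or from mod_ssl) of the size-first pattern the quoted OpenSSL documentation prescribes, applied to a cache slot that keeps the same fixed SSL_SESSION_MAX_DER bound; `i2d_fake_session` is a hypothetical stand-in for `i2d_SSL_SESSION()` that only reproduces the i2d calling convention, and `ssl_scache_store_checked` is a hypothetical name.

```c
#include <stdio.h>
#include <string.h>

/* Fixed bound from ssl_util_ssl.h (parentheses added for macro hygiene). */
#define SSL_SESSION_MAX_DER (1024*10)

/* Hypothetical stand-in for i2d_SSL_SESSION() with the same i2d calling
 * convention: pp == NULL returns the DER length only; otherwise the encoding
 * is written at *pp and *pp is advanced past it. The session is reduced to
 * the length its DER form would have, so no OpenSSL is needed to run this. */
static int i2d_fake_session(int der_len, unsigned char **pp)
{
    if (pp != NULL) {
        memset(*pp, 0x30, (size_t)der_len);  /* constructed-type filler bytes */
        *pp += der_len;
    }
    return der_len;
}

/* Size-first store following the OpenSSL docs quoted in the post. The cache
 * slot is still a fixed ucaData[SSL_SESSION_MAX_DER], so a session whose
 * encoding will not fit is refused instead of being written past the end of
 * the buffer, which is what the unchecked `nData = i2d_SSL_SESSION(sess, &ucp)`
 * does. Returns the number of bytes stored, or -1 when the session is refused. */
int ssl_scache_store_checked(int der_len)
{
    unsigned char ucaData[SSL_SESSION_MAX_DER];
    unsigned char *ucp = ucaData;
    int nData = i2d_fake_session(der_len, NULL);   /* query the size first */
    if (nData <= 0 || nData > (int)sizeof(ucaData))
        return -1;                                  /* would not fit: do not cache */
    nData = i2d_fake_session(der_len, &ucp);        /* now safe to encode in place */
    if ((int)(ucp - ucaData) != nData)              /* i2d must have advanced ucp */
        return -1;
    return nData;
}

int main(void)
{
    int small = ssl_scache_store_checked(512);
    int edge  = ssl_scache_store_checked(SSL_SESSION_MAX_DER);
    int big   = ssl_scache_store_checked(SSL_SESSION_MAX_DER + 1);
    printf("512 bytes -> %d, max -> %d, max+1 -> %d\n", small, edge, big);
    return (small == 512 && edge == SSL_SESSION_MAX_DER && big == -1) ? 0 : 1;
}
```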