Multiple Transport Layer Security (TLS) implementations contain a vulnerability when renegotiating a TLS session that could allow an unauthenticated, remote attacker to conduct a man-in-the-middle attack. The vulnerability exists during a TLS renegotiation process. If an attacker can intercept traffic from a client to a TLS server, the attacker could stage a rogue TLS server to intercept that traffic and appear to authenticate the client to what the client thinks is the desired TLS server. The attacker is then able to authenticate to the legitimate TLS server and thus stage a man-in-the-middle attack. However, the attacker would not be able to view the contents of the session and would only be able to inject data or requests into it. Proof-of-concept code that exploits this vulnerability is publicly available. OpenSSL has confirmed this vulnerability in a changelog and released updated software. To exploit this vulnerability, the attacker must be able to intercept traffic from a TLS client to a TLS server. In many cases, this may require the attacker to have access to a network that is adjacent to the targeted user's system. Another possibility would be for the attacker to have access to a network that is adjacent to a legitimate TLS server. This vulnerability is likely to affect multiple implementations of TLS.
Mac OS X and Mac OS X Server 10.6.4
Security Update 2010-001 (Snow Leopard)
Java for Mac OS X 10.6 Update 3
Mac OS X and Mac OS X Server 10.5.8CentOS packages can be updated using the up2date or yum command.
Security Update 2010-001 Client (Leopard)
Security Update 2010-001 Server (Leopard)
Java for Mac OS X 10.5 Update 8
x86
HP System Management Homepage for Linux version 6.2
AMD64/EM64T
HP System Management Homepage for Linux version 6.2
x86/x64
HP System Management Homepage for Windows version 6.2
B.11.11 PA (32 and 64)
OpenSSL_A.00.09.08l.001
OpenSSL_A.00.09.08n.001_HP-UX_B.11.11_32+64.depot
Apache 2.0.59.13 PA-64-32-1111.depot
B.11.23 (PA and IA)IBM has released interim fixes at the following links: swg24025312 and swg24006386. IBM has released APARs at the following links: PK96157, PM12247, and PM10658. Users of the IBM JDK are advised to install JSSE APAR IZ65239. IBM has released updates at the following links: IBM developer kits, IBM DB2 version 9.1 Fix Pack 9, and IBM DB2 version 9.7 Fix Pack 2.
OpenSSL_A.00.09.08l.002
OpenSSL_A.00.09.08n.002_HP-UX_B.11.23_IA-PA.depot
Apache 2.0.59.13 IA-PA-32-1123.depot
Apache 2.0.59.13 IA-PA-64-1123.depot
B.11.31 (PA and IA)
OpenSSL_A.00.09.08l.003
OpenSSL_A.00.09.08n.003_HP-UX_B.11.31_IA-PA.depot
Apache 2.0.59.13 IA-PA-32-1131.depot
Apache 2.0.59.13 IA-PA-64-1131.depot
HP System Management Homepage
v6.1.0.102 or subsequent (for Windows)
v6.1.0-103 or subsequent (for Linux x86)
v6.1.0-103 or subsequent (for Linux AMD64/EM64T)
HP-UX B.11.31
JDK and JRE v6.0.07 or subsequent
JDK and JRE v5.0.20 or subsequent
SDK and JRE v1.4.2.25 or subsequent
JDK and JRE v6.0.09 or subsequent
JDK and JRE v5.0.21 or subsequent
HP-UX B.11.23
JDK and JRE v6.0.07 or subsequent
JDK and JRE v5.0.20 or subsequent
SDK and JRE v1.4.2.25 or subsequent
JDK and JRE v6.0.09 or subsequent
JDK and JRE v5.0.21 or subsequent
HP-UX B.11.11
JDK and JRE v6.0.07 or subsequent
JDK and JRE v5.0.20 or subsequent
SDK and JRE v1.4.2.25 or subsequent
JDK and JRE v6.0.09 or subsequent
JDK and JRE v5.0.21 or subsequent
HP Systems Insight Manager (SIM)
v6.1 or subsequent (for HP-UX, Linux, and Windows)
HP ProCurve Threat Management Services zl Module
Version ST.1.1.100430 or subsequent
CSWS_JAVA V3.2
HP has released updated software for registered users at the following link:
HP Onboard Administrator 3.50
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Version | Description | Section | Status | Date |
1.0 | Initial Release | NA | Final | 2009-Nov-05 |
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy, and may lack important information or contain factual errors. The information in this document is intended for end-users of Cisco products.