PROBLEM:
RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic and SSL Buffer Overflow Lets Remote Users Execute Arbitrary Code
PLATFORM:
RSA BSAFE SSL-C prior to 2.8.6
ABSTRACT:
RSA BSAFE SSL-C Multiple Vulnerabilities
reference LINKS:
Secunia Advisory SA50601
SecurityTracker Alert ID: 1027514
SecurityTracker Alert ID: 1027513
CVE-2011-3389
CVE-2012-2110
CVE-2012-2131
IMPACT ASSESSMENT:
High
Discussion:
EMC has acknowledged a weakness and a vulnerability in RSA BSAFE, which can be exploited by malicious people to disclose sensitive information, hijack a user's session, and potentially compromise an application using the library.
A remote user with the ability to conduct a man-in-the-middle attack can decrypt SSL/TLS sessions [CVE-2011-3389].
A remote user can send specially crafted data to the target application using BSAFE SSL-C to potentially trigger a heap overflow in the asn1_d2i_read_bio() function and execute arbitrary code on the target system [CVE-2012-2110, CVE-2012-2131]. The code will run with the privileges of the target application.
Impact:
A remote user with the ability to conduct a man-in-the-middle attack can decrypt SSL/TLS sessions.
A remote user can execute arbitrary code on the target system.
Solution:
The vendor has issued a fix (BSAFE SSL-C 2.8.6).