FortiClient Vulnerability

OpenSSL CVE-2016-0798 Denial of Service Vulnerability

Description

Severity: LowThe SRP user database lookup method SRP_VBASE_get_by_user hadconfusing memory management semantics; the returned pointer was sometimes newlyallocated, and sometimes owned by the callee. The calling code has no way ofdistinguishing these two cases.Specifically, SRP servers that configure a secret seed to hide validlogin information are vulnerable to a memory leak: an attackerconnecting with an invalid username can cause a memory leak of around300 bytes per connection. Servers that do not configure SRP, orconfigure SRP but do not configure a seed are not vulnerable.In Apache, the seed directive is known as SSLSRPUnknownUserSeed.To mitigate the memory leak, the seed handling inSRP_VBASE_get_by_user is now disabled even if the user has configureda seed. Applications are advised to migrate toSRP_VBASE_get1_by_user. However, note that OpenSSL makes no strongguarantees about the indistinguishability of valid and invalidlogins. In particular, computations are currently not carried out inconstant time.This issue affects OpenSSL versions 1.0.2 and 1.0.1.OpenSSL 1.0.2 users should upgrade to 1.0.2gOpenSSL 1.0.1 users should upgrade to 1.0.1sThis issue was discovered on February 23rd 2016 by Emilia Ksper ofthe OpenSSL development team. Emilia Ksper also developed the fix.