FortiClient Vulnerability

OpenSSL CVE-2017-3737 Out of Bounds Read Vulnerability

Description

Severity: ModerateOpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state"mechanism. The intent was that if a fatal error occurred during a handshake thenOpenSSL would move into the error state and would immediately fail if youattempted to continue the handshake. This works as designed for the explicithandshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()),however due to a bug it does not work correctly if SSL_read() or SSL_write() iscalled directly. In that scenario, if the handshake fails then a fatal errorwill be returned in the initial function call. If SSL_read()/SSL_write() issubsequently called by the application for the same SSL object then it willsucceed and the data is passed without being decrypted/encrypted directly fromthe SSL/TLS record layer.In order to exploit this issue an application bug would have to be present thatresulted in a call to SSL_read()/SSL_write() being issued after having alreadyreceived a fatal error.This issue does not affect OpenSSL 1.1.0.OpenSSL 1.0.2 users should upgrade to 1.0.2nThis issue was reported to OpenSSL on 10th November 2017 by David Benjaminof the OpenSSL development team.