Overview
The OpenSSL FIPS Module fails to perform auto-seeding, which may allow an attacker to predict pseudo-randomly generated data.
Description
OpenSSL is a toolkit that provides the SSL and TLS protocols as well as a general-purpose cryptography library. The OpenSSL FIPS Object Module provides an API for invoking FIPS-approved cryptographic functions. The OpenSSL FIPS Module fails to properly perform auto-seeding during the FIPS self-test. This causes the PRNG key and seed to correspond to the last self-test. The FIPS PRNG gets additional seed data from the date-time information only.
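The following is an added illustration, not OpenSSL code and not taken from the advisory, of the failure mode the description refers to and of the check a self-test should make. It models the ANSI X9.31 generator structure (key K, seed V, date-time vector DT) with HMAC-SHA256 standing in for the block cipher, uses constructed placeholder KAT values rather than the real FIPS test vectors, and the `autoseed` switch is a hypothetical knob that either leaves the known-answer-test state in place (the reported defect) or replaces it with fresh entropy.

```python
"""Model of the auto-seeding failure (constructed example, not OpenSSL code).

An X9.31-style PRNG keeps a cipher key K and seed V and mixes a date-time
vector DT into every output block.  The known-answer self-test runs the
generator with fixed KAT values of K and V.  If those values are never
replaced by fresh entropy afterwards, DT is the only varying input, so two
instances started from the same self-test state agree whenever DT agrees.
"""
import hashlib
import hmac
import os
import time

BLOCK = 16  # X9.31 output block size in bytes

# Constructed placeholder KAT vectors (not the real FIPS test vectors).
KAT_KEY = b"\x01" * BLOCK
KAT_SEED = b"\x02" * BLOCK


def _prf(key: bytes, data: bytes) -> bytes:
    """Stand-in for the block cipher E_K(data) in the X9.31 construction."""
    return hmac.new(key, data, hashlib.sha256).digest()[:BLOCK]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class X931Model:
    """Minimal X9.31 generator: I = E_K(DT); R = E_K(I xor V); V' = E_K(R xor I)."""

    def __init__(self, key: bytes, seed: bytes):
        self.key = key
        self.v = seed

    def generate(self, dt: bytes) -> bytes:
        i = _prf(self.key, dt)
        r = _prf(self.key, _xor(i, self.v))
        self.v = _prf(self.key, _xor(r, i))
        return r


def instantiate(autoseed: bool) -> X931Model:
    """Run the known-answer test, then (if autoseed) discard the KAT state.

    autoseed=False reproduces the reported defect: the KAT key stays in use
    and only the caller-supplied date-time vector changes between outputs.
    """
    gen = X931Model(KAT_KEY, KAT_SEED)
    gen.generate(b"\x00" * BLOCK)  # KAT run; answer comparison omitted in this model
    if autoseed:
        gen = X931Model(os.urandom(BLOCK), os.urandom(BLOCK))  # hypothetical reseed
    return gen


def state_is_fresh(gen: X931Model) -> bool:
    """Self-test check: the working key must not be the known-answer-test key."""
    return gen.key != KAT_KEY


def instances_disagree(a: X931Model, b: X931Model, dt: bytes) -> bool:
    """Self-test check: two independent instances must not produce the same block."""
    return a.generate(dt) != b.generate(dt)


def check_seeding(autoseed: bool) -> dict:
    """Run both checks against two freshly instantiated generators."""
    a = instantiate(autoseed)
    b = instantiate(autoseed)
    # Date-time vector: in the defective module this is the only varying input.
    dt = int(time.time()).to_bytes(BLOCK, "big")
    return {"fresh_state": state_is_fresh(a), "independent": instances_disagree(a, b, dt)}


if __name__ == "__main__":
    print("defective module:", check_seeding(autoseed=False))
    print("auto-seeded module:", check_seeding(autoseed=True))
```

Both checks fail for the defective path and pass for the auto-seeded path; a module that only compares its KAT output to the expected answer would report success in both cases, which is why a state-freshness check belongs in the self-test.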
Impact
An attacker may be able to predict pseudo-randomly generated data from OpenSSL. This can weaken the protection provided by OpenSSL's cryptography.
Solution
Wait for an approved patched distribution
This vulnerability is described in OpenSSL Security Advisory [29-Nov-2007]. This advisory describes the patches that demonstrate two different fixes for the vulnerability. However, FIPS 140-2 validation must be performed before the fixes can be incorporated into a validated module.
Vendor Information
CVSS Metrics
Group | Score | Vector
---|---|---
Base | |
Temporal | |
Environmental | |
References
- http://www.openssl.org/news/secadv_20071129.txt
- http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#733
- http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf
- http://csrc.nist.gov/publications/fips/
- http://secunia.com/advisories/27859/
- http://www.securityfocus.com/bid/26652
- http://www.frsirt.com/english/advisories/2007/4044
- http://www.securitytracker.com/id?1019029
Acknowledgements
This vulnerability was reported by Geoff Lowe of Secure Computing Corporation.
This document was written by Will Dormann.
Other Information
CVE IDs: CVE-2007-5502
Severity Metric: 0.50
Date Public: 2007-11-30
Date First Published: 2008-01-03
Date Last Updated: 2008-01-03 16:27 UTC
Document Revision: 5