Advisory #1 consist of the following vulnerabilities:
1. The client master key in SSL2 could be oversized and overrun a buffer. This vulnerability was also independently discovered by consultants at Neohapsis (http://www.neohapsis.com/) who have also demonstrated that the vulerability is exploitable. Exploit code is not available at this time.
2. The session ID supplied to a client in SSL3 could be oversized and overrun a buffer.
3. The master key supplied to an SSL3 server could be oversized and overrun a stack-based buffer. This issues only affects OpenSSL 0.9.7 before 0.9.7-beta3 with Kerberos enabled.
4. Various buffers for ASCII representations of integers were too small on 64 bit platforms.
Advisory #2 says that the ASN1 parser can be confused by supplying it with certain invalid encodings.
Both advisories can be found in the mentioned OpenSSL Security Advisory available over here:
CERT Advisory CA-2002-23 - Multiple Vulnerabilities In OpenSSL
* OpenSSL prior to 0.9.6e, up to and including pre-release 0.9.7-beta2
* OpenSSL pre-release 0.9.7-beta2 and prior with Kerberos enabled
* SSLeay library
Vendor security advisories:
Red Hat Security Advisory - Updated openssl packages fix remote vulnerabilities
EnGarde Secure Linux Advisory - Several vulnerabilities in the openssl library
Debian Security Advisory - Multiple OpenSSL problems
SuSE Security Announcement - openssl
Mandrake Linux Security Advisory - openssl
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.