Advisory #1 consists of the following vulnerabilities:
1. The client master key in SSL2 could be oversized and overrun a buffer. This vulnerability was also independently discovered by consultants at Neohapsis (http://www.neohapsis.com/), who have also demonstrated that the vulnerability is exploitable. Exploit code is not available at this time.
2. The session ID supplied to a client in SSL3 could be oversized and overrun a buffer.
3. The master key supplied to an SSL3 server could be oversized and overrun a stack-based buffer. This issue only affects OpenSSL 0.9.7 before 0.9.7-beta3 with Kerberos enabled.
4. Various buffers for ASCII representations of integers were too small on 64-bit platforms.
Advisory #2 says that the ASN1 parser can be confused by supplying it with certain invalid encodings.
Both advisories are included in the OpenSSL Security Advisory, available here:
CERT Advisory CA-2002-23 - Multiple Vulnerabilities In OpenSSL
* OpenSSL prior to 0.9.6e, up to and including pre-release 0.9.7-beta2
* OpenSSL pre-release 0.9.7-beta2 and prior with Kerberos enabled
* SSLeay library
Vendor security advisories:
Red Hat Security Advisory - Updated openssl packages fix remote vulnerabilities
EnGarde Secure Linux Advisory - Several vulnerabilities in the openssl library
Debian Security Advisory - Multiple OpenSSL problems
SuSE Security Announcement - openssl
Mandrake Linux Security Advisory - openssl
OpenSSL 0.9.6e is now available, including important bugfixes
2232012 Jul 30 13:16:45 2002 openssl-engine-0.9.6e.tar.gz [LATEST]
2158566 Jul 30 13:07:56 2002 openssl-0.9.6e.tar.gz [LATEST]
Combined patches for OpenSSL 0.9.6d:
Combined patches for OpenSSL 0.9.7 beta 2: