Vigil@nce: NetBSD, denial of service via SHA2
August 2009 by Vigil@nce
Applications using the SHA-256/SHA-512 implementation of NetBSD
are potentially unstable.
Severity: 2/4
Consequences: privileged access/rights, denial of service of
service
Provenance: user shell
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 29/07/2009
IMPACTED PRODUCTS
– NetBSD
DESCRIPTION OF THE VULNERABILITY
The SHA-1 hash algorithm is progressively replaced by SHA-224,
SHA-256, SHA-384 and SHA-512.
The SHA256_Init() function (respectively SHA512_Init) initializes
the current state and the buffer storing blocks. However, the size
used by the memset() function is larger of 4 bytes (8 bytes). Null
bytes are thus written in the memory area located after the SHA
context.
Depending on the program, this error can stop the application, and
may lead to code execution. Applications using SHA-256/SHA-512
(SSH, audit, signed packages) are potentially vulnerable.
CHARACTERISTICS
Identifiers: BID-35853, NetBSD-SA2009-012, VIGILANCE-VUL-8900
http://vigilance.fr/vulnerability/NetBSD-denial-of-service-via-SHA2-8900