Bugtraq mailing list archives
RSAREF2 buffer overflow patch
From: core.lists.bugtraq () CORE-SDI COM (Gerardo Richarte)
Date: Fri, 10 Dec 1999 22:24:01 -0300
While exchanging emails with CERT about the problem in RSAREF2 they told me that somebody anonymous observed that there may be a problem in the patch we released for RSAREF2. Together we produced a new version of this patch, which you can find at
ftp://www.core-sdi.com/pub/patches/rsaref2.patch
or at the end of this email.

While we [Core SDI S.A.] and the CERT are not aware of any exploit that bypasses the checks performed by the previous version, this new version is more strict than the other, so we recommend that you use it.

We still think that RSAREF's problem needs to be solved a little better than with a patch, but still this is more than what we can legally do... while it's obligatory to use RSAREF [only] in the USA, nobody can legally alter its sources, so be careful when changing them.

richie

PS: You must apply this new patch to the original version of rsa.c.
--------------------------------------- rsaref2.patch
*** rsa.original.c Fri Mar 26 14:01:48 1994
--- rsa.c Fri Dec 10 12:56:34 1999
***************
*** 33,38 ****
--- 33,41 ----
unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN];
unsigned int i, modulusLen;
+ if (publicKey->bits > MAX_RSA_MODULUS_BITS)
+ return (RE_LEN);
+
modulusLen = (publicKey->bits + 7) / 8;
if (inputLen + 11 > modulusLen)
return (RE_LEN);
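Review bot: in the unchanged check `if (inputLen + 11 > modulusLen)` that follows the new guard, the addition happens before the comparison, so if inputLen is an unsigned int like the locals declared here, a value within 11 of UINT_MAX wraps to a small number and passes. Now that the guard caps modulusLen, it would be safer to reject modulusLen < 11 first and then compare `inputLen > modulusLen - 11`, so that neither side can wrap.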
***************
*** 78,83 ****
--- 81,89 ----
unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
unsigned int i, modulusLen, pkcsBlockLen;
+ if (publicKey->bits > MAX_RSA_MODULUS_BITS)
+ return (RE_LEN);
+
modulusLen = (publicKey->bits + 7) / 8;
if (inputLen > modulusLen)
return (RE_LEN);
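Review bot: the new guard returns RE_LEN, the same code that the existing `if (inputLen > modulusLen)` check two lines below it returns, so a caller cannot tell an oversized key from oversized input. A distinct return value for the key-size case, or at least a comment on the guard saying that it rejects the key and not the data, would make failures easier to diagnose and to log.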
***************
*** 128,133 ****
--- 134,142 ----
int status;
unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
unsigned int i, modulusLen;
+
+ if (privateKey->bits > MAX_RSA_MODULUS_BITS)
+ return (RE_LEN);
modulusLen = (privateKey->bits + 7) / 8;
if (inputLen + 11 > modulusLen)
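Review bot: the guard on privateKey->bits is expressed in bits against MAX_RSA_MODULUS_BITS, while the buffer it protects is declared in bytes as pkcsBlock[MAX_RSA_MODULUS_LEN], and nothing in this hunk states that the two constants agree. Please add a comment above the guard, or a compile-time check where the constants are defined, that MAX_RSA_MODULUS_LEN is at least (MAX_RSA_MODULUS_BITS + 7) / 8, so that a later change to one limit cannot silently reopen the overflow.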
***************
*** 168,173 ****
--- 177,185 ----
unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
unsigned int i, modulusLen, pkcsBlockLen;
+ if (privateKey->bits > MAX_RSA_MODULUS_BITS)
+ return (RE_LEN);
+
modulusLen = (privateKey->bits + 7) / 8;
if (inputLen > modulusLen)
return (RE_LEN);
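Review bot: this is the fourth copy of the same two-line guard, differing only in publicKey versus privateKey. Consider moving the bits check into one small helper or macro called at the top of each of the four functions, so that any function added later that declares a pkcsBlock buffer has a single obvious check to reuse and the copies cannot drift apart.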
--
A390 1BBA 2C58 D679 5A71 - 86F9 404F 4B53 3944 C2D0
Investigacion y Desarrollo - CoreLabs - Core SDI
http://www.core-sdi.com
--- For a personal reply use gera () core-sdi com
