Vulnerability Details

OpenSSL Default Installation Paths Vulnerability (CVE-2019-1552) (Windows)

Published: 2019-08-14 06:03:58
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:L/AC:M/Au:N/C:N/I:P/A:N

Detection Type:
Remote Banner Unreliable

Solution Type:
Vendor Patch

Summary:
OpenSSL on Windows is prone to an insecure path defaults vulnerability.

Technical Details:
OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix.

Affected Versions:
OpenSSL versions 1.0.2 through 1.0.2s, 1.1.0 through 1.1.0k and 1.1.1 through 1.1.1c on Windows.

Recommendations:
Apply the provided patches or update to a newer version.

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2019-1552

References:

https://www.openssl.org/news/secadv/20190730.txt
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9

Search
Severity
Low
CVSS Score
1.9

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.