, SecurityFocus 2002-06-12
A security hole in implementations of Abstract Syntax Notation One may threaten some of America's most crucial networks. Relax, the President's been briefed.
Feds, Industry, Battle the Biggest Bug
This is not a big surprise, considering that the lowly buffer overflow bug is the most detected security "hole" in the majority of CERT advisories.
The big question is how many ASN.1 compilers generate tight code that drops "bad" ASN.1 and how many need to be hardened and what downstream products that change will affect.
I expect to see more cracking in this area, especially against products with a very large installed base.
I think it is VERY important not to criticize the ASN.1 protocol, which has been very stable and around for 30 years now. The problem is in the ASN.1 compilers. Similar bugs have been found in C compilers over the years, but without the possible "Public" exposure (and certainly without the press!).
Link to this comment: http://www.securityfocus.com/comments/articles/474/13101#13101