HTTP: OpenSSL c_rehash Script Command Injection
This signature detects attempts to exploit a known vulnerability against Openssl. A successful attack can lead to command injection and arbitrary code execution
Extended Description
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).
Affected Products
Fedoraproject fedora
References
CVE: CVE-2022-2068
Short Name
HTTP:CTS:OPENSSL-REHASH-CMD-INJ
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2022-1292 CVE-2022-2068 Command Injection OpenSSL Script c_rehash
Release Date
06/21/2022
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3655
False Positive
Unknown
Vendors
Oracle
Fedoraproject
Netapp
Openssl
Debian