|
| |
|
Security Intelligence Operations
Transport Layer Security Renegotiation Remote Man-in-the-Middle Attack Vulnerability |
| |
| Vulnerability Alert | Powered by  |
|
|
| Threat Type: | Exploit Host or Network Trust: Exploit System Trust |
|
| IntelliShield ID: | 19361 |
| Version: | 12 |
| First Published: | November 05, 2009 02:53 PM EST |
| Last Published: | November 24, 2009 10:51 AM EST |
| Vector: | Network |
| Authentication: | None |
| Exploit: | Proof-of-Concept |
| Port: |
Not Available
|
| CVE: | CVE-2009-3555 |
| BugTraq ID: | 36935 |
| |
| Urgency: |
Unlikely Use
|  |
| Credibility: |
Confirmed
|  |
| Severity: |
Mild Damage
|  |
| CVSS Base: | 4.3 |
CVSS Calculator
CVSS Version 2
|
| CVSS Temporal: | 3.4 |
|
|
| |
| Version Summary: | Sun has re-released an alert notification with Interim Security Relief to address the Transport Layer Security renegotiation remote man-in-the-middle attack vulnerability. MontaVista has also released a security alert and updated software to address this vulnerability. |
| |
| |
| Description |
|
Multiple TLS implementations contain a vulnerability when renegotiating a Transport Layer Security (TLS) session that could allow an unauthenticated, remote attacker to conduct a man-in-the-middle attack.
The vulnerability exists during a TLS renegotiation process. If an attacker can intercept traffic from a client to a TLS server, the attacker could stage a rogue TLS server to intercept that traffic and appear to authenticate the client to what the client thinks is the desired TLS server. The attacker is then able to authenticate to the legitimate TLS server and thus stage a man-in-the-middle attack. However, the attacker would not be able to view the contents of the session and would only be able to inject data or requests into it.
Proof-of-concept code that exploits this vulnerability is publicly available.
OpenSSL has confirmed this vulnerability in a changelog and released updated software. |
| |
| Warning Indicators |
|
The following implementations are vulnerable:
OpenSSL versions prior to version 0.9.8l
GnuTLS versions 2.8.5 and prior |
| |
| IntelliShield Analysis |
|
To exploit this vulnerability, the attacker must be able to intercept traffic from a TLS client to a TLS server. In many cases, this may require the attacker to have access to a network that is adjacent to the targeted user's system. Another possibility would be for the attacker to have access to a network that is adjacent to a legitimate TLS server.
This vulnerability is likely to affect multiple implementations of TLS. |
| |
 Vendor Announcements |
|
Cisco has re-released a security advisory at the following link: cisco-sa-20091109-tls. This advisory contains associated bug ID numbers; however, these numbers are likely to change as products are confirmed vulnerable or not vulnerable.
Citrix has released security advisories at the following link: CTX123359
MontaVista Software has released a security alert for registered users on November 20, 2009, at the following link: MontaVista Security Fixes
Red Hat has released security advisories at the following links: RHSA-2009:1579 and RHSA-2009:1580
Sun has re-released an alert notification at the following link: 273029
US-CERT has released a vulnerability note at the following link: VU#120541 |
|
| |
| Impact |
|
An unauthenticated, remote attacker could exploit this vulnerability to stage a man-in-the-middle attack. This could allow the attacker to obtain sensitive information, such as authentication credentials, from the targeted user. |
| |
| Technical Information |
|
By intercepting client traffic during a TLS renegotiation event, an unauthenticated, remote attacker could cause a TLS client to connect to a rogue TLS server rather than the legitimate one. The attacker can then connect to the legitimate TLS server using an anonymous TLS connection. After the rogue TLS server connects to the legitimate one, the attacker has staged a man-in-the-middle attack. However, the attacker could not view the information in the session, but would be limited to adding data or requests to it. |
| |
| Safeguards |
|
Administrators are advised to apply the appropriate updates.
Administrators are advised to physically secure internal networks and use switches rather than hubs to route the data.
Administrators are advised to run both firewall and antivirus applications to minimize the potential of inbound and outbound threats. |
| |
| Patches/Software |
|
OpenSSL has released updated software at the following link: openssl-0.9.8l.tar.gz
Apache has released a patch at the following link: CVE-2009-3555-2.2.patch
CentOS packages can be updated using the up2date or yum command.
MontaVista has released updated software at the following link:
PRO 5.0
Red Hat packages can be updated using the up2date or yum command.
Sun has released Interim Security Relief (ISR) at the following links:
SPARC
Solaris 10 IDR141981-01
Intel
Solaris 10 IDR141982-01 |
|
| |
| Alert History |
| |
Version 11, November 20, 2009, 3:13 PM: Sun has released an alert notification to address the Transport Layer Security renegotiation remote man-in-the-middle attack vulnerability.
Version 10, November 19, 2009, 6:23 PM: Cisco has re-released a security advisory to address additional products that are affected by the Transport Layer Security renegotiation remote man-in-the-middle attack vulnerability.
Version 9, November 17, 2009, 4:06 PM: Cisco has re-released a security advisory to address additional products that are affected by the Transport Layer Security renegotiation remote man-in-the-middle attack vulnerability.
Version 8, November 16, 2009, 10:01 AM: CentOS has released additional updated packages to address the Transport Layer Security renegotiation remote man-in-the-middle attack vulnerability.
Version 7, November 13, 2009, 10:57 AM: CentOS has released updated packages to address the Transport Layer Security renegotiation remote man-in-the-middle attack vulnerability.
Version 6, November 12, 2009, 8:18 AM: Red Hat has released additional security advisories and updated packages to address the Transport Layer Security renegotiation remote man-in-the-middle attack vulnerability.
Version 5, November 11, 2009, 2:54 PM: Apache has confirmed that it is affected by the Transport Layer Security renegotiation remote man-in-the-middle attack vulnerability. Citrix has released a security advisory for this vulnerability.
Version 4, November 9, 2009, 12:44 PM: Cisco Systems has released a security advisory regarding the Transport Layer Security renegotiation remote man-in-the-middle attack vulnerability.
Version 3, November 6, 2009, 8:43 AM: Proof-of-concept code that exploits the Transport Layer Security renegotiation remote man-in-the-middle attack vulnerability is publicly available.
Version 2, November 5, 2009, 4:33 PM: Multiple TLS implementations are affected by the Transport Layer Security renegotiation remote man-in-the-middle attack vulnerability. Additional technical information is also available.
Version 1, November 5, 2009, 2:53 PM: OpenSSL contains a vulnerability when renegotiating a Transport Layer Security session that could allow an unauthenticated, remote attacker to conduct a man-in-the-middle attack. Updates are available. |
|
Product Sets |
| |
The security vulnerability applies to the following combinations of products.
| Associated Products: |
| Apache Software Foundation | Apache HTTP Server | 1.3.30 Base | 1.3.31 Base | 1.3.32 Base | 1.3.33 Base | 1.3.34 Base | 1.3.35 Base | 1.3.36 Base | 1.3.37 Base | 1.3.39 Base | 1.3.41 Base | 2.0.45 Base | 2.0.46 Base | 2.0.47 Base | 2.0.48 Base | 2.0.49 Base | 2.0.50 Base | 2.0.51 Base | 2.0.52 Base | 2.0.53 Base | 2.0.54 Base | 2.0.55 Base | 2.0.56 Base | 2.0.57 Base | 2.0.58 Base | 2.0.59 Base | 2.0.61 Base | 2.0.63 Base | 2.2 .0, .1, .10, .11, .2, .3, .4, .6, .7, .8, .9 |
| CentOS Project | CentOS | 3 .0 i386, .0 x86_64 | 4 .0 i386, .0 x86_64, .1 i386, .1 x86_64, .2 i386, .2 x86_64, .3 i386, .3 x86_64, .4 i386, .4 x86_64, .5 i386, .5 x86_64, .6 i386, .6 x86_64, .7 i386, .7 x86_64 | 5 .0 i386, .0 x86_64, .1 i386, .1 x86_64, .2 i386, .2 x86_64 |
| Cisco | Adaptive Security Appliances Firmware (ASA) | 7.0 .1, .1.4, .2, .3, .4, .4.2, .5, .6, .7, .7.1, .8, Base | 7.1 .2, .2.61, .2.81 | 7.2 .1, .2, .2.34, .3, .3.1, .4, .4.27, .4.30 | 8.0 .1.2, .2, .2.11, .3, .4, .4.25, .4.28, .4.32, .4.33 | 8.1 .1, .2, .2.15, .2.16, .2.19, .2.23, .2.24, Base | 8.2 .0.45 |
| Cisco | Application Velocity System (AVS) | 4.0 Base | 5.0 .1, .2, .2-13, .3-8, Base | 6.0 .2, .3, Base |
| Cisco | Cisco ACE 4700 Series Application Control Engine A | 3.0(0) A1(7a), A1(7b), A1(8.0), A1(8.0a), A3(0.0.84), A3(0.0.90), A3(1.0), A3(2.1) |
| Cisco | Cisco ACE 4700 Series Application Control Engine M | 3.0(0) A1(2), A2(1.0), A2(1.1), A2(1.2), A2(1.3) |
| Cisco | Cisco Global Site Selector (GSS) | 1.0 .1, Base | 1.1 .1, Base | 1.2 .1, .2, Base | 1.3 .0, .1, .2, .3 | 2.0 .0, .1, .2, .2.1, .3, .3.0.31, .4 | 3.0 .0, .1, .2 |
| Cisco | Cisco NX-OS | 4.0 (1), (1a), Base |
| Cisco | Cisco Secure Access Control Server (ACS) | 2.4 Base | 2.6.3.2 Base | 2.6.4.4 Base | 3.0 Base | 3.0.1.40 Base | 3.0.3.6 Base | 3.1 .2, Base | 3.1.1 Base | 3.2 Base | 3.2.1 Base | 3.2.2 Base | 3.2.3 Base | 3.2 (1.20) Base | 3.2 (1) Base | 3.2 (2) Base | 3.2 (3) Base | 3.3 Base | 3.3.1 .16, Base | 3.3.2 .2, Base | 3.3.3 .11 | 3.3 (1) Base | 4.0 .1.27, .1.42, .1.44, .1.49, Base | 4.1 .1.1, .1.23, .1.23.3, .3.12, .4.13, .4.13.1, .4.13.10 | 4.2 .0.124 | Original Release Base |
| Cisco | Cisco Telepresence | 1.1 .1 | 1.2 .0, .1, .2 |
| Cisco | Cisco Wireless Control System Software (WCS) | 1.0 Base | 2.0 44.14, 44.24, Base | 2.2 .0, .111.0 | 3.0 .101.0 , .105.0, Base | 3.1 .20.0, .33.0, .35.0, Base | 3.2 .23.0, .25.0, .40.0, .51.0, .64.0, Base | 4.0 .1.0, .43.0, .66.0, .81.0, .87.0, .96.0, .97.0, Base | 4.1 .83.0, .91.0, Base | 4.2 .62.0, .62.11, Base |
| Cisco | Cisco Wireless LAN Controller | 3.0 Base | 3.1 .105.0, .111.0, .59.24 | 3.2 .116.21, .150.10, .150.6, .171.5, .171.6, .185.0, .193.5, .195.10, .78.0 | 4.0 .108, .155.0, .155.5, .179.11, .179.8, .196, .206.0, .217.0, .219.0 | 4.1 .171.0, .181.0, .185.0, Base | 4.2 .112.0, .117.0, .130.0, .173.0, .174.0, .176.0, .182.0, .61.0, .99.0, Base | 5.0 .148.0, .148.2 | 5.1 .151.0, .152.0, .160.0 | 5.2 .157.0, .169.0 |
| Cisco | CiscoWorks Common Services (CWCS) | 1.0 Base | 2.2 Base | 2.3 Base | 3.0 .3, .4, .5, .6, Base | 3.1 .1, Base | 3.2 Base |
| Cisco | CiscoWorks Wireless LAN Solution Engine (WLSE) | 1.0 Base | 1.1 Base | 1.3 Base | 2.0 .2, Base | 2.11 Base | 2.12 Base | 2.13 Base | 2.14 Base | 2.15 Base | 2.5 Base | 2.7 .1, Base | 2.9 .1a, Base | 3.0 Base |
| Cisco | Content Services Switch (CSS) | 11500 5.0, 6.10, 7.1, 7.2, 7.3, 7.4, 7.5, 8.10, Base |
| Cisco | Firewall Services Module (FWSM) | 1.1 .2, .3, .4 | 2.1 .1, Base | 2.2 .1, Base | 2.3 .1, .2, .3, .3(2), .4, .4(7) | 3.1 .1, .1(2), .1(3), .1(4), .1(5), .1(6), .1(7), .10, .11, .12, .13, .2, .3, .3(1), .3(11), .3(18), .3(3), .4, .5, .6, .7, .8, .9, Base | 3.2 .1, .10, .2, .3, .4, .5, .6, .7, .8, .9, Base | 4.0 .1, .2, .3 |
| Cisco | IOS | 12 Base | 12.0 Base | 12.0D Base | 12.0DA Base | 12.0DB Base | 12.0DC Base | 12.0S Base | 12.0SC Base | 12.0SL Base | 12.0SP Base | 12.0ST Base | 12.0SV Base | 12.0SW Base | 12.0SX Base | 12.0SY Base | 12.0SYA Base | 12.0SZ Base | 12.0T Base | 12.0W Base | 12.0W5 Base | 12.0WC Base | 12.0WT Base | 12.0WX Base | 12.0X Base | 12.0XA Base | 12.0XB Base | 12.0XC Base | 12.0XD Base | 12.0XE Base | 12.0XF Base | 12.0XG Base | 12.0XH Base | 12.0XI Base | 12.0XJ Base | 12.0XK Base | 12.0XL Base | 12.0XM Base | 12.0XN Base | 12.0XP Base | 12.0XQ Base | 12.0XR Base | 12.0XS Base | 12.0XT Base | 12.0XU Base | 12.0XV Base | 12.0XW Base | 12.1 Base | 12.1.0 Base | 12.1.0.0 Base | 12.1A Base | 12.1AA Base | 12.1AX Base | 12.1AY Base | 12.1AZ Base | 12.1CX Base | 12.1D Base | 12.1DA Base | 12.1DB Base | 12.1DC Base | 12.1E Base | 12.1EA Base | 12.1EB Base | 12.1EC Base | 12.1EO Base | 12.1EU Base | 12.1EV Base | 12.1EW Base | 12.1EX Base | 12.1EY Base | 12.1EZ Base | 12.1GA Base | 12.1GB Base | 12.1OS Base | 12.1T Base | 12.1X Base | 12.1XA Base | 12.1XB Base | 12.1XC Base | 12.1XD Base | 12.1XE Base | 12.1XF Base | 12.1XG Base | 12.1XH Base | 12.1XI Base | 12.1XJ Base | 12.1XK Base | 12.1XL Base | 12.1XM Base | 12.1XN Base | 12.1XO Base | 12.1XP Base | 12.1XQ Base | 12.1XR Base | 12.1XS Base | 12.1XT Base | 12.1XU Base | 12.1XV Base | 12.1XW Base | 12.1XX Base | 12.1XY Base | 12.1XZ Base | 12.1Y Base | 12.1YA Base | 12.1YB Base | 12.1YC Base | 12.1YD Base | 12.1YE Base | 12.1YF Base | 12.1YH Base | 12.1YI Base | 12.1YJ Base | 12.2 Base, Base | 12.2B Base | 12.2BC Base | 12.2BW Base | 12.2BX Base | 12.2BY Base | 12.2BZ Base | 12.2C Base | 12.2CX Base | 12.2CY Base | 12.2CZ Base | 12.2D Base | 12.2DA Base | 12.2DD Base | 12.2DX Base | 12.2E Base | 12.2EU Base | 12.2EW Base | 12.2EWA Base | 12.2EX Base | 12.2EY Base | 12.2EZ Base | 12.2F Base | 12.2FX Base | 12.2FY Base | 12.2FZ Base | 12.2IRA Base | 12.2IRB Base | 12.2IXA Base | 12.2IXB Base | 12.2IXC Base | 12.2IXD Base | 12.2IXE Base | 12.2IXF Base | 12.2IXG Base | 12.2J Base | 12.2JA Base | 12.2JK Base | 12.2M Base | 12.2MB Base | 12.2MC Base | 12.2MX Base | 12.2S Base | 12.2SB Base | 12.2SBA Base | 12.2SBB Base | 12.2SBC Base | 12.2SCA Base | 12.2SCB Base | 12.2SE Base | 12.2SEA Base | 12.2SEB Base | 12.2SEC Base | 12.2SED Base | 12.2SEE Base | 12.2SEF Base | 12.2SEG Base | 12.2SG Base | 12.2SGA Base | 12.2SH Base | 12.2SL Base | 12.2SM Base | 12.2SO Base | 12.2SQ Base | 12.2SRA Base | 12.2SRB Base | 12.2SRC Base | 12.2SRD Base | 12.2STE Base | 12.2SU Base | 12.2SV Base | 12.2SVA Base | 12.2SVC Base | 12.2SVD Base | 12.2SVE Base | 12.2SW Base | 12.2SX Base | 12.2SXA Base | 12.2SXB Base | 12.2SXD Base | 12.2SXE Base | 12.2SXF Base | 12.2SXH Base | 12.2SXI Base | 12.2SY Base | 12.2SZ Base | 12.2T Base | 12.2T6 Base | 12.2tpc Base | 12.2UZ Base | 12.2V Base | 12.2VZ Base | 12.2X Base | 12.2XA Base | 12.2XB Base | 12.2XC Base | 12.2XD Base | 12.2XE Base | 12.2XF Base | 12.2XG Base | 12.2XH Base | 12.2XI Base | 12.2XJ Base | 12.2XK Base | 12.2XL Base | 12.2XM Base | 12.2XN Base | 12.2XNA Base | 12.2XNB Base | 12.2XNC Base | 12.2XND Base | 12.2XO Base | 12.2XQ Base | 12.2XR Base | 12.2XS Base | 12.2XT Base | 12.2XU Base | 12.2XV Base | 12.2XW Base | 12.2XZ Base | 12.2Y Base | 12.2YA Base | 12.2YB Base | 12.2YC Base | 12.2YD Base | 12.2YE Base | 12.2YF Base | 12.2YG Base | 12.2YH Base | 12.2YJ Base | 12.2YK Base | 12.2YL Base | 12.2YM Base | 12.2YN Base | 12.2YO Base | 12.2YP Base | 12.2YQ Base | 12.2YR Base | 12.2YS Base | 12.2YT Base | 12.2YU Base | 12.2YV Base | 12.2YW Base | 12.2YX Base | 12.2YY Base | 12.2YZ Base | 12.2Z Base | 12.2ZA Base | 12.2ZB Base | 12.2ZC Base | 12.2ZD Base | 12.2ZE Base | 12.2ZF Base | 12.2ZG Base | 12.2ZH Base | 12.2ZI Base | 12.2ZJ Base | 12.2ZJ3 Base | 12.2ZK Base | 12.2ZL Base | 12.2ZN Base | 12.2ZO Base | 12.2ZP Base | 12.2ZR Base | 12.2ZT Base | 12.2ZU Base | 12.2ZV Base | 12.2ZW Base | 12.2ZX Base | 12.2ZY Base | 12.2ZYA Base | 12.3 Base, T | 12.3B Base | 12.3BC Base | 12.3BW Base | 12.3JA Base | 12.3JEA Base | 12.3JEB Base | 12.3JEC Base | 12.3JK Base | 12.3JL Base | 12.3JX Base | 12.3T Base | 12.3T4 Base | 12.3T6 Base | 12.3TPC Base | 12.3VA Base | 12.3X Base | 12.3XA Base | 12.3XB Base | 12.3XC Base | 12.3XD Base | 12.3XE Base | 12.3XF Base | 12.3XG Base | 12.3XH Base | 12.3XI Base | 12.3XJ Base | 12.3XK Base | 12.3XL Base | 12.3XM Base | 12.3XN Base | 12.3XQ Base | 12.3XR Base | 12.3XS Base | 12.3XT Base | 12.3XU Base | 12.3XV Base | 12.3XW Base | 12.3XX Base | 12.3XY Base | 12.3XZ Base | 12.3YA Base | 12.3YB Base | 12.3YC Base | 12.3YD Base | 12.3YE Base | 12.3YF Base | 12.3YG Base | 12.3YH Base | 12.3YI Base | 12.3YJ Base | 12.3YK Base | 12.3YL Base | 12.3YM Base | 12.3YN Base | 12.3YQ Base | 12.3YR Base | 12.3YS Base | 12.3YT Base | 12.3YU Base | 12.3YW Base | 12.3YX Base | 12.3YZ Base | 12.3ZA Base | 12.3ZB Base | 12.4 Base | 12.4EB Base | 12.4JA Base | 12.4JDA Base | 12.4JK Base | 12.4JL Base | 12.4JMA Base | 12.4JMB Base | 12.4JX Base | 12.4JY Base | 12.4MC Base | 12.4MD Base | 12.4MR Base | 12.4SW Base | 12.4T Base | 12.4X Base | 12.4XA Base | 12.4XB Base | 12.4XC Base | 12.4XD Base | 12.4XE Base | 12.4XF Base | 12.4XG Base | 12.4XJ Base | 12.4XK Base | 12.4XL Base | 12.4XM Base | 12.4XN Base | 12.4XP Base | 12.4XQ Base | 12.4XR Base | 12.4XT Base | 12.4XV Base | 12.4XW Base | 12.4XY Base | 12.4XZ Base | 12.4YA Base | 12.9T Base |
| Cisco | IOS XE | 2.3 Base | 2.4 Base |
| Cisco | Wireless Location Appliance | 1.1 .87.0 | 1.2 .17.0 | 2.0 .31.0, .42.0, .42.2, .48.0 | 2.1 .34.0, .39.0 |
| MontaVista | MontaVista Linux | Professional 5.0 |
| Ralf S. Engelschall | mod_ssl | 2.8.10-1.3.26 Base | 2.8.11-1.3.27 Base | 2.8.12-1.3.27 Base | 2.8.13-1.3.27 Base | 2.8.14-1.3.27 Base | 2.8.15-1.3.28 Base | 2.8.16-1.3.29 Base | 2.8.17-1.3.31 Base | 2.8.18-1.3.31 Base | 2.8.19-1.3.31 Base | 2.8.20-1.3.31 Base | 2.8.21-1.3.32 Base | 2.8.22-1.3.33 Base | 2.8.23-1.3.33 Base |
| Red Hat, Inc. | Red Hat Desktop | 3 i386, x86_64 | 4 IA-32, x86_64 |
| Red Hat, Inc. | Red Hat Enterprise Linux | 5 IA-32, IA-64, PPC, ppc64, s390, s390x, x86_64 |
| Red Hat, Inc. | Red Hat Enterprise Linux Advanced Server | 4 IA-32, IA-64, PPC, ppc64, s390, s390x, x86_64 | 4.8.z IA-32, IA-64, PPC, ppc64, s390, s390x, x86_64 |
| Red Hat, Inc. | Red Hat Enterprise Linux Desktop | 5 IA-32, x86_64 |
| Red Hat, Inc. | Red Hat Enterprise Linux Desktop Workstation | 5 IA-32, x86-64 |
| Red Hat, Inc. | Red Hat Enterprise Linux Enterprise Server | 3 amd64 (x86_64), i386, ia64 | 4 IA-32, IA-64, x86_64 | 4.8.z IA-32, IA-64, x86_64 |
| Red Hat, Inc. | Red Hat Enterprise Linux Workstation | 3 amd64 (x86_64), i386, ia64 | 4 IA-32, IA-64, x86_64 |
| Sun Microsystems, Inc. | Solaris | 10 sparc, x64/x86 |
|
|
LEGAL DISCLAIMER
The urgency and severity ratings of this alert are not tailored to individual users; users may value alerts differently based upon their network configurations and circumstances. THE ALERT, AND INFORMATION CONTAINED THEREIN, ARE PROVIDED ON AN "AS IS" BASIS AND DO NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE ALERT, AND INFORMATION CONTAINED THEREIN, OR MATERIALS LINKED FROM THE ALERT, IS AT YOUR OWN RISK. INFORMATION IN THIS ALERT AND ANY RELATED COMMUNICATIONS IS BASED ON OUR KNOWLEDGE AT THE TIME OF PUBLICATION AND IS SUBJECT TO CHANGE WITHOUT NOTICE. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME. |
|
|
| |
