-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2009.1078
            XML signature HMAC truncation authentication bypass
                               20 July 2009

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           XMLDsig
Publisher:         US-CERT
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Network Appliance
                   Windows
Impact/Access:     Provide Misleading Information -- Remote/Unauthenticated
Resolution:        Patch
CVE Names:         CVE-2009-0217  

Reference:         ASB-2009.1013

Original Bulletin: 
   http://www.kb.cert.org/vuls/id/466161

- --------------------------BEGIN INCLUDED TEXT--------------------

US-CERT Vulnerability Note VU#466161

XML signature HMAC truncation authentication bypass

Overview

   The XML Signature specification allows for HMAC truncation, which may 
   allow a remote attacker to bypass authentication.

I. Description

   XML Signature Syntax and Processing (XMLDsig) is a W3C recommendation for 
   providing integrity, message authentication, and/or signer authentication 
   services for data. XMLDsig is commonly used by web services such as SOAP. 
   The XMLDsig recommendation includes support for HMAC truncation, as 
   specified in RFC 2104. However, the XMLDsig specification does not follow 
   the RFC 2104 recommendation not to allow truncation to less than half of 
   the length of the hash output or to less than 80 bits. When the HMAC 
   truncation length is under the control of an attacker, this can result in 
   an effective authentication bypass. For example, by specifying an 
   HMACOutputLength of 1, only one bit of the signature is verified. This 
   can allow an attacker to forge an XML signature that will be accepted as 
   valid.

II. Impact

   This vulnerability can allow an attacker to bypass the authentication 
   mechanism provided by the XML Signature specification.

III. Solution

   Apply an update

   Please check with your vendor for available updates. Erratum E03 for the 
   XMLDsig recommendation has been added, which specifies minimum values for 
   HMAC truncation.
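
   Added example, not part of the original vulnerability note or of any 
   vendor's code: an HMAC-SHA1 verifier that trusts the declared 
   HMACOutputLength, beside one that first enforces the RFC 2104 floor 
   described above (at least 80 bits and at least half the hash output). 
   The function names, key handling and the sample SignatureMethod element 
   are assumptions constructed for illustration.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"
DIGEST_BITS = 160  # HMAC-SHA1 output size
MIN_BITS = max(80, DIGEST_BITS // 2)  # RFC 2104 floor cited in the advisory

# Constructed sample: a SignatureMethod declaring a 1-bit truncated HMAC.
SAMPLE_METHOD = (
    '<SignatureMethod xmlns="http://www.w3.org/2000/09/xmldsig#" '
    'Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">'
    "<HMACOutputLength>1</HMACOutputLength></SignatureMethod>"
)

def declared_bits(sig_method_xml):
    """Return HMACOutputLength from the message, or the full digest size."""
    el = ET.fromstring(sig_method_xml).find(DS + "HMACOutputLength")
    return DIGEST_BITS if el is None else int((el.text or "").strip())

def truncate(mac, bits):
    """Keep the leftmost `bits` bits of mac, zeroing unused tail bits."""
    nbytes, rem = divmod(bits, 8)
    out = bytearray(mac[: nbytes + (1 if rem else 0)])
    if rem and out:
        out[-1] &= (0xFF << (8 - rem)) & 0xFF
    return bytes(out)

def _matches(key, signed_info, sig_value, bits):
    full = hmac.new(key, signed_info, hashlib.sha1).digest()
    return hmac.compare_digest(truncate(full, bits), truncate(sig_value, bits))

def verify_naive(key, signed_info, sig_value, sig_method_xml):
    """Pre-erratum behaviour: trusts the length the message declares."""
    return _matches(key, signed_info, sig_value, declared_bits(sig_method_xml))

def verify_hardened(key, signed_info, sig_value, sig_method_xml):
    """Reject any declared length outside [MIN_BITS, DIGEST_BITS] first."""
    try:
        bits = declared_bits(sig_method_xml)
    except ValueError:
        return False
    if not MIN_BITS <= bits <= DIGEST_BITS:
        return False
    return _matches(key, signed_info, sig_value, bits)
```

   The length check runs before any comparison, so a message cannot 
   lower the verification strength by what it declares about itself.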

Systems Affected

Vendor			Status		Date Notified	Date Updated
3com, Inc.		Unknown		2009-07-09	2009-07-09
ACCESS			Unknown		2009-07-09	2009-07-09
Alcatel-Lucent		Unknown		2009-07-09	2009-07-09
Apache XML Security	Vulnerable			2009-07-14
Apple Inc.		Vulnerable	2009-07-09	2009-07-10
AT&T			Unknown		2009-07-09	2009-07-09
Avaya, Inc.		Unknown		2009-07-09	2009-07-09
Barracuda Networks	Unknown		2009-07-09	2009-07-09
Belkin, Inc.		Unknown		2009-07-09	2009-07-09
Borderware Technologies	Unknown		2009-07-09	2009-07-09
CERT-Bund		Unknown		2009-06-22	2009-06-22
Certicom		Unknown		2009-02-18	2009-02-18
Charlotte's Web Networks	Unknown		2009-07-09	2009-07-09
Check Point Software	Unknown		2009-07-09	2009-07-09
Cisco Systems, Inc.	Unknown		2009-07-09	2009-07-09
Clavister		Unknown		2009-07-09	2009-07-09
Computer Associates	Unknown		2009-07-09	2009-07-09
Computer Associates 
 eTrust Security 
  Management		Unknown		2009-07-09	2009-07-09
Conectiva Inc.		Unknown		2009-07-09	2009-07-09
Cray Inc.		Unknown		2009-07-09	2009-07-09
D-Link Systems, Inc.	Unknown		2009-07-09	2009-07-09
Debian GNU/Linux	Vulnerable	2009-07-09	2009-07-14
DragonFly BSD Project	Unknown		2009-07-09	2009-07-09
EMC Corporation		Unknown		2009-07-09	2009-07-09
Engarde Secure Linux	Unknown		2009-07-09	2009-07-09
Enterasys Networks	Unknown		2009-07-09	2009-07-09
Ericsson		Unknown		2009-07-09	2009-07-09
eSoft, Inc.		Unknown		2009-07-09	2009-07-09
Extreme Networks	Unknown		2009-07-09	2009-07-09
F5 Networks, Inc.	Unknown		2009-07-09	2009-07-09
Fedora Project		Unknown		2009-07-09	2009-07-09
Force10 Networks, Inc.	Not Vulnerable	2009-07-09	2009-07-14
Fortinet, Inc.		Unknown		2009-07-09	2009-07-09
Foundry Networks, Inc.	Unknown		2009-07-09	2009-07-09
FreeBSD, Inc.		Unknown		2009-07-09	2009-07-09
Fujitsu			Unknown		2009-07-09	2009-07-09
Gentoo Linux		Unknown		2009-07-09	2009-07-09
Global Technology 
 Associates		Unknown		2009-07-09	2009-07-09
Hewlett-Packard Company	Unknown		2009-07-09	2009-07-09
Hitachi			Unknown		2009-07-09	2009-07-09
IBM Corporation		Vulnerable	2009-07-09	2009-07-14
IBM eServer		Unknown		2009-07-09	2009-07-09
Infoblox		Unknown		2009-07-09	2009-07-09
Intel Corporation	Unknown		2009-07-09	2009-07-09
Internet Security 
 Systems, Inc.		Unknown		2009-07-09	2009-07-09
Intoto			Unknown		2009-07-09	2009-07-09
IP Filter		Unknown		2009-07-09	2009-07-09
IP Infusion, Inc.	Unknown		2009-07-09	2009-07-09
Juniper Networks, Inc.	Unknown		2009-07-09	2009-07-09
Luminous Networks	Unknown		2009-07-09	2009-07-09
m0n0wall		Not Vulnerable	2009-07-09	2009-07-10
Mandriva S. A.		Unknown		2009-07-09	2009-07-09
McAfee			Unknown		2009-07-09	2009-07-09
Microsoft Corporation	Unknown		2009-07-09	2009-07-09
Mono-Project		Vulnerable			2009-07-10
MontaVista Software, 
  Inc.			Unknown		2009-07-09	2009-07-09
Multitech, Inc.		Unknown		2009-07-09	2009-07-09
NEC Corporation		Unknown		2009-07-09	2009-07-09
NetApp			Unknown		2009-07-09	2009-07-09
NetBSD			Unknown		2009-07-09	2009-07-09
netfilter		Unknown		2009-07-09	2009-07-09
Nokia			Unknown		2009-07-09	2009-07-09
Nortel Networks, Inc.	Unknown		2009-07-09	2009-07-09
Novell, Inc.		Unknown		2009-07-09	2009-07-09
Openwall GNU/*/Linux	Unknown		2009-07-09	2009-07-09
Oracle Corporation	Vulnerable			2009-07-13
PePLink			Unknown		2009-07-09	2009-07-09
Process Software	Unknown		2009-07-09	2009-07-09
Q1 Labs			Not Vulnerable	2009-07-09	2009-07-10
QNX, Software Systems, 
 Inc.			Unknown		2009-07-09	2009-07-09
Quagga			Unknown		2009-07-09	2009-07-09
RadWare, Inc.		Unknown		2009-07-09	2009-07-09
Red Hat, Inc.		Unknown		2009-07-09	2009-07-09
Redback Networks, Inc.	Unknown		2009-07-09	2009-07-09
RSA Security, Inc.	Vulnerable			2009-07-14
SafeNet			Unknown		2009-07-09	2009-07-09
Secureworx, Inc.	Unknown		2009-07-09	2009-07-09
Silicon Graphics, Inc.	Unknown		2009-07-09	2009-07-09
Slackware Linux Inc.	Unknown		2009-07-09	2009-07-09
SmoothWall		Unknown		2009-07-09	2009-07-09
Snort			Unknown		2009-07-09	2009-07-09
Soapstone Networks	Unknown		2009-07-09	2009-07-09
Sony Corporation	Unknown		2009-07-09	2009-07-09
Sourcefire		Unknown		2009-07-09	2009-07-09
Stonesoft		Unknown		2009-07-09	2009-07-09
Sun Microsystems, Inc.	Vulnerable	2009-07-09	2009-07-14
SUSE Linux		Unknown		2009-07-09	2009-07-09
Symantec		Unknown		2009-07-09	2009-07-09
The SCO Group		Not Vulnerable	2009-07-09	2009-07-13
TippingPoint, 
  Technologies, Inc.	Unknown		2009-07-09	2009-07-09
Turbolinux		Unknown		2009-07-09	2009-07-09
U4EA Technologies, Inc.	Unknown		2009-07-09	2009-07-09
Ubuntu			Unknown		2009-07-09	2009-07-09
Unisys			Unknown		2009-07-09	2009-07-09
VMware			Not Vulnerable	2009-07-09	2009-07-14
Vyatta			Unknown		2009-07-09	2009-07-09
Watchguard Technologies, 
 Inc.			Unknown		2009-07-09	2009-07-09
Wind River Systems, 
 Inc.			Not Vulnerable	2009-07-09	2009-07-13
XML Security Library	Vulnerable			2009-07-10
ZyXEL			Unknown		2009-07-09	2009-07-09

References

http://www.w3.org/2008/06/xmldsigcore-errata.html#e03
http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html
http://www.rsa.com/blog/blog_entry.aspx?id=1492
http://www.w3.org/TR/xmldsig-core/
http://www.w3.org/TR/xmldsig-core/#sec-HMAC
http://tools.ietf.org/html/rfc2104#section-5
http://www.oasis-open.org/specs/index.php#wss
http://www.w3.org/2000/xp/Group/
http://msdn.microsoft.com/en-us/library/ms996502.aspx
http://www.ibm.com/support/docview.wss?rs=180&uid=swg21384925
http://santuario.apache.org/download.html
http://www.mono-project.com/Vulnerabilities
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2009.html
http://www.aleksey.com/xmlsec/downloads.html

Credit

Thanks to Thomas Roessler of the W3C for reporting this vulnerability.

This document was written by Will Dormann.

Other Information

Date Public:	2009-07-14
Date First Published:	2009-07-14
Date Last Updated:	2009-07-16
CERT Advisory:	 
CVE-ID(s):	CVE-2009-0217
NVD-ID(s):	CVE-2009-0217
US-CERT Technical Alerts:	 
Metric:	8.16
Document Revision:	22

- --------------------------END INCLUDED TEXT--------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iD8DBQFKZBQ6NVH5XJJInbgRAv3UAKCIJeuive/d8zckMFiNJivdO/s2pwCeKhER
Gb2UtsFzyEpA5ncQd5yozWA=
=Jygq
-----END PGP SIGNATURE-----