Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2009.1078 XML signature HMAC truncation authentication bypass 20 July 2009 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: XMLDsig Publisher: US-CERT Operating System: UNIX variants (UNIX, Linux, OSX) Network Appliance Windows Impact/Access: Provide Misleading Information -- Remote/Unauthenticated Resolution: Patch CVE Names: CVE-2009-0217 Reference: ASB-2009.1013 Original Bulletin: http://www.kb.cert.org/vuls/id/466161 - --------------------------BEGIN INCLUDED TEXT-------------------- US-CERT Vulnerability Note VU#466161 XML signature HMAC truncation authentication bypass Overview The XML Signature specification allows for HMAC truncation, which may allow a remote attacker to bypass authentication. I. Description XML Signature Syntax and Processing (XMLDsig) is a W3C recommendation for providing integrity, message authentication, and/or signer authentication services for data. XMLDsig is commonly used by web services such as SOAP. The XMLDsig recommendation includes support for HMAC truncation, as specified in RFC2104. However, the XMLDsig specification does not follow the RFC2104 recommendation to not allow truncation to less than half of the length of the hash output or less than 80 bits. When HMAC truncation is under the control of an attacker this can result in an effective authentication bypass. For example, by specifying an HMACOutputLength of 1, only one bit of the signature is verified. This can allow an attacker to forge an XML signature that will be accepted as valid. II. Impact This vulnerability can allow an attacker to bypass the authentication mechanism provided by the XML Signature specification. III. Solution Apply an update Please check with your vendor for available updates. Erratum E03 for the XMLDsig recommendation has been added, which specifies minimum values for HMAC truncation. Systems Affected Vendor Status Date Notified Date Updated 3com, Inc. Unknown 2009-07-09 2009-07-09 ACCESS Unknown 2009-07-09 2009-07-09 Alcatel-Lucent Unknown 2009-07-09 2009-07-09 Apache XML Security Vulnerable 2009-07-14 Apple Inc. Vulnerable 2009-07-09 2009-07-10 AT&T Unknown 2009-07-09 2009-07-09 Avaya, Inc. Unknown 2009-07-09 2009-07-09 Barracuda Networks Unknown 2009-07-09 2009-07-09 Belkin, Inc. Unknown 2009-07-09 2009-07-09 Borderware Technologies Unknown 2009-07-09 2009-07-09 CERT-Bund Unknown 2009-06-22 2009-06-22 Certicom Unknown 2009-02-18 2009-02-18 Charlotte's Web NetworksUnknown 2009-07-09 2009-07-09 Check Point Software Unknown 2009-07-09 2009-07-09 Cisco Systems, Inc. Unknown 2009-07-09 2009-07-09 Clavister Unknown 2009-07-09 2009-07-09 Computer Associates Unknown 2009-07-09 2009-07-09 Computer Associates eTrust Security Management Unknown 2009-07-09 2009-07-09 Conectiva Inc. Unknown 2009-07-09 2009-07-09 Cray Inc. Unknown 2009-07-09 2009-07-09 D-Link Systems, Inc. Unknown 2009-07-09 2009-07-09 Debian GNU/Linux Vulnerable 2009-07-09 2009-07-14 DragonFly BSD Project Unknown 2009-07-09 2009-07-09 EMC Corporation Unknown 2009-07-09 2009-07-09 Engarde Secure Linux Unknown 2009-07-09 2009-07-09 Enterasys Networks Unknown 2009-07-09 2009-07-09 Ericsson Unknown 2009-07-09 2009-07-09 eSoft, Inc. Unknown 2009-07-09 2009-07-09 Extreme Networks Unknown 2009-07-09 2009-07-09 F5 Networks, Inc. Unknown 2009-07-09 2009-07-09 Fedora Project Unknown 2009-07-09 2009-07-09 Force10 Networks, Inc. Not Vulnerable 2009-07-09 2009-07-14 Fortinet, Inc. Unknown 2009-07-09 2009-07-09 Foundry Networks, Inc. Unknown 2009-07-09 2009-07-09 FreeBSD, Inc. Unknown 2009-07-09 2009-07-09 Fujitsu Unknown 2009-07-09 2009-07-09 Gentoo Linux Unknown 2009-07-09 2009-07-09 Global Technology Associates Unknown 2009-07-09 2009-07-09 Hewlett-Packard Company Unknown 2009-07-09 2009-07-09 Hitachi Unknown 2009-07-09 2009-07-09 IBM Corporation Vulnerable 2009-07-09 2009-07-14 IBM eServer Unknown 2009-07-09 2009-07-09 Infoblox Unknown 2009-07-09 2009-07-09 Intel Corporation Unknown 2009-07-09 2009-07-09 Internet Security Systems, Inc. Unknown 2009-07-09 2009-07-09 Intoto Unknown 2009-07-09 2009-07-09 IP Filter Unknown 2009-07-09 2009-07-09 IP Infusion, Inc. Unknown 2009-07-09 2009-07-09 Juniper Networks, Inc. Unknown 2009-07-09 2009-07-09 Luminous Networks Unknown 2009-07-09 2009-07-09 m0n0wall Not Vulnerable 2009-07-09 2009-07-10 Mandriva S. A. Unknown 2009-07-09 2009-07-09 McAfee Unknown 2009-07-09 2009-07-09 Microsoft Corporation Unknown 2009-07-09 2009-07-09 Mono-Project Vulnerable 2009-07-10 MontaVista Software, Inc. Unknown 2009-07-09 2009-07-09 Multitech, Inc. Unknown 2009-07-09 2009-07-09 NEC Corporation Unknown 2009-07-09 2009-07-09 NetApp Unknown 2009-07-09 2009-07-09 NetBSD Unknown 2009-07-09 2009-07-09 netfilter Unknown 2009-07-09 2009-07-09 Nokia Unknown 2009-07-09 2009-07-09 Nortel Networks, Inc. Unknown 2009-07-09 2009-07-09 Novell, Inc. Unknown 2009-07-09 2009-07-09 Openwall GNU/*/Linux Unknown 2009-07-09 2009-07-09 Oracle Corporation Vulnerable 2009-07-13 PePLink Unknown 2009-07-09 2009-07-09 Process Software Unknown 2009-07-09 2009-07-09 Q1 Labs Not Vulnerable 2009-07-09 2009-07-10 QNX, Software Systems, Inc. Unknown 2009-07-09 2009-07-09 Quagga Unknown 2009-07-09 2009-07-09 RadWare, Inc. Unknown 2009-07-09 2009-07-09 Red Hat, Inc. Unknown 2009-07-09 2009-07-09 Redback Networks, Inc. Unknown 2009-07-09 2009-07-09 RSA Security, Inc. Vulnerable 2009-07-14 SafeNet Unknown 2009-07-09 2009-07-09 Secureworx, Inc. Unknown 2009-07-09 2009-07-09 Silicon Graphics, Inc. Unknown 2009-07-09 2009-07-09 Slackware Linux Inc. Unknown 2009-07-09 2009-07-09 SmoothWall Unknown 2009-07-09 2009-07-09 Snort Unknown 2009-07-09 2009-07-09 Soapstone Networks Unknown 2009-07-09 2009-07-09 Sony Corporation Unknown 2009-07-09 2009-07-09 Sourcefire Unknown 2009-07-09 2009-07-09 Stonesoft Unknown 2009-07-09 2009-07-09 Sun Microsystems, Inc. Vulnerable 2009-07-09 2009-07-14 SUSE Linux Unknown 2009-07-09 2009-07-09 Symantec Unknown 2009-07-09 2009-07-09 The SCO Group Not Vulnerable 2009-07-09 2009-07-13 TippingPoint, Technologies, Inc. Unknown 2009-07-09 2009-07-09 Turbolinux Unknown 2009-07-09 2009-07-09 U4EA Technologies, Inc. Unknown 2009-07-09 2009-07-09 Ubuntu Unknown 2009-07-09 2009-07-09 Unisys Unknown 2009-07-09 2009-07-09 VMware Not Vulnerable 2009-07-09 2009-07-14 Vyatta Unknown 2009-07-09 2009-07-09 Watchguard Technologies, Inc. Unknown 2009-07-09 2009-07-09 Wind River Systems, Inc. Not Vulnerable 2009-07-09 2009-07-13 XML Security Library Vulnerable 2009-07-10 ZyXEL Unknown 2009-07-09 2009-07-09 References http://www.w3.org/2008/06/xmldsigcore-errata.html#e03 http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html http://www.rsa.com/blog/blog_entry.aspx?id=1492 http://www.w3.org/TR/xmldsig-core/ http://www.w3.org/TR/xmldsig-core/#sec-HMAC http://tools.ietf.org/html/rfc2104#section-5 http://www.oasis-open.org/specs/index.php#wss http://www.w3.org/2000/xp/Group/ http://msdn.microsoft.com/en-us/library/ms996502.aspx http://www.ibm.com/support/docview.wss?rs=180&uid=swg21384925 http://santuario.apache.org/download.html http://www.mono-project.com/Vulnerabilities http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2009.html http://www.aleksey.com/xmlsec/downloads.html Credit Thanks to Thomas Roessler of the W3C for reporting this vulnerability. This document was written by Will Dormann. Other Information Date Public: 2009-07-14 Date First Published: 2009-07-14 Date Last Updated: 2009-07-16 CERT Advisory: CVE-ID(s): CVE-2009-0217 NVD-ID(s): CVE-2009-0217 US-CERT Technical Alerts: Metric: 8.16 Document Revision: 22 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iD8DBQFKZBQ6NVH5XJJInbgRAv3UAKCIJeuive/d8zckMFiNJivdO/s2pwCeKhER Gb2UtsFzyEpA5ncQd5yozWA= =Jygq -----END PGP SIGNATURE-----