===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2015.0948.2
           Security Bulletin: Vulnerability in RC4 stream cipher
                  affects IBM HTTP Server (CVE-2015-2808)
                               14 April 2015

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM HTTP Server
Publisher:         IBM
Operating System:  AIX
                   HP-UX
                   Linux variants
                   Solaris
                   Windows
Impact/Access:     Access Privileged Data -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-2808  

Reference:         ESB-2015.0947
                   ESB-2015.0946
                   ESB-2015.0944

Original Bulletin: 
   http://www-01.ibm.com/support/docview.wss?uid=swg21701072

Revision History:  April 14 2015: Corrected Impact/Access
                   April 13 2015: Initial Release

--------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: Vulnerability in RC4 stream cipher affects IBM HTTP Server
(CVE-2015-2808)

Security Bulletin

Document information

More support for:     IBM HTTP Server
                      SSL
Software version:     6.1, 7.0, 8.0, 8.5, 8.5.5
Operating system(s):  AIX, HP-UX, Linux, Solaris, Windows
Reference #:          1701072
Modified date:        2015-04-09

Summary

The RC4 "Bar Mitzvah" attack on SSL/TLS may affect some configurations of the
IBM HTTP Server for WebSphere Application Server.

Vulnerability Details

CVEID: CVE-2015-2808

DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol,
could allow a remote attacker to obtain sensitive information. An attacker 
could exploit this vulnerability to remotely expose account credentials 
without requiring an active man-in-the-middle session. Successful exploitation
could allow an attacker to retrieve credit card data or other sensitive 
information. This vulnerability is commonly referred to as "Bar Mitzvah 
Attack".

CVSS Base Score: 5

CVSS Temporal Score: See 
https://exchange.xforce.ibmcloud.com/vulnerabilities/101851 for the current 
score

CVSS Environmental Score*: Undefined

CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Affected Products and Versions

The following IBM HTTP Server (IHS) for WebSphere Application Server may be 
affected:

    Version 8.5.5

    Version 8.5

    Version 8.0

    Version 7.0

    Version 6.1

Remediation/Fixes

The recommended solution is to apply the interim fix, Fix Pack or PTF
containing APAR PI34229 for each named product as soon as practical. APAR
PI34229 removes the RC4 ciphers from the default list that is used if you do
not specify any ciphers. NOTE: If you specify any ciphers, you will also need
to perform some of the steps in the mitigation section.

For affected IBM HTTP Server for WebSphere Application Server:

For V8.5.0.0 through 8.5.5.5 Full Profile:

 Upgrade to a minimum of Fix Pack 8.5.5.2 or later then apply Interim Fix 
PI34229

--OR--

 Apply Fix Pack 8.5.5.6 or later (targeted availability 26 June 2015).

For V8.0 through 8.0.0.10:

 Upgrade to a minimum of Fix Pack 8.0.0.9 or later and then apply Interim Fix
PI34229

--OR--

 Apply Fix Pack 8.0.0.11 or later (targeted availability 17 August 2015).

For V7.0.0.0 through 7.0.0.37:

 Upgrade to a minimum of Fix Pack 7.0.0.33 or later and then apply Interim Fix
PI34229

--OR--

 Apply Fix Pack 7.0.0.39 or later (targeted availability 26 October 2015).

You should verify applying this fix does not cause any compatibility issues. 
The fix disables RC4 stream cipher by default. If you change this setting you
will expose yourself to the attack described above. IBM recommends that you 
review your entire environment to identify other areas where you have enabled
the RC4 stream cipher and take appropriate mitigation and remediation actions.

For unsupported versions, IBM recommends upgrading to a fixed, supported
version of the product.

Workarounds and Mitigations

IBM recommends disabling RC4 in IBM HTTP Server. To disable RC4, complete the
steps below:

For Version 8.0 and later:

    A simple way to mitigate this issue is to turn on FIPS140-2 support, which
    will both disable RC4 by default and remove any RC4 ciphers added
    inadvertently. To enable FIPS140-2, add 'SSLFIPSEnable' to each
    configuration stanza with 'SSLEnable'.

    Note: On z/OS, SSLFIPSEnable is only available in 8.5.5.0 and later and is
    set once globally instead of per-virtual host.

    If you cannot enable FIPS140-2 support or if you run into a complication,
    you must complete all of the following to disable RC4:

    To remove RC4 from the defaults, add the following directive to the end
    of each configuration stanza with 'SSLEnable' (VirtualHost, or bottom of
    httpd.conf if SSLEnable is set globally). This step is not needed if you
    installed the interim fix.

        SSLCipherSpec ALL -SSL_RSA_WITH_RC4_128_SHA -SSL_RSA_WITH_RC4_128_MD5

    Remove any 'SSLCipherSpec' explicitly enabling RC4, as illustrated below:

        # All of these must be removed to disable RC4
        SSLCipherSpec SSL_RSA_WITH_RC4_128_SHA
        SSLCipherSpec SSL_RSA_WITH_RC4_128_MD5
        SSLCipherSpec 34
        SSLCipherSpec 35

    Review the current configuration for SSL ciphers configured via
    SSLCipherSpec directives with at least two arguments each that add an
    RC4-based cipher.

    Search for either "RC4" or the numbers "34" and "35" within SSLCipherSpec
    directives and remove the corresponding ciphers.

        # For example, if a configuration contains:
        SSLCipherSpec TLSv1 +SSL_RSA_WITH_RC4_SHA +TLS_RSA_WITH_AES_128_CBC_SHA

        # Remove the RC4 cipher, changing the directive to:
        SSLCipherSpec TLSv1 +TLS_RSA_WITH_AES_128_CBC_SHA

    Do this for all the 'SSLCipherSpec' directives.

For Versions 6.0, 6.1, or 7.0:

    One way to mitigate this issue is to turn on FIPS140-2 support which will
    both disable RC4 by default and result in a startup error if RC4 is 
    inadvertently enabled.

    For each existing 'SSLEnable' in your IHS configuration, add
    'SSLFIPSEnable'.

    If you do not wish to enable FIPS140-2 support or if you run into a
    complication, you may do all of the following, whichever applies to your
    configuration:

    If any of the following 'SSLCipherSpec' directives are contained in
    the configuration, remove them and make sure at least one other
    SSLCipherSpec specifies an SSLv3/TLSv1 cipher. See the next item for an
    example of strong non-RC4 ciphers.

        SSLCipherSpec SSL_RSA_WITH_RC4_128_SHA
        SSLCipherSpec SSL_RSA_WITH_RC4_128_MD5
        SSLCipherSpec 34
        SSLCipherSpec 35

    If 'SSLEnable' is configured, but no 'SSLCipherSpec' is specified,
    explicitly select strong ciphers (excluding RC4) with the following
    recommended ciphers. This step is not needed if you installed the interim
    fix.

        SSLCipherSpec TLS_RSA_WITH_AES_128_CBC_SHA
        SSLCipherSpec TLS_RSA_WITH_AES_256_CBC_SHA
        SSLCipherSpec SSL_RSA_WITH_3DES_EDE_CBC_SHA
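The SSLCipherSpec review described for both version groups above (single-argument directives naming an RC4 cipher or the codes 34/35, and multi-argument directives that add one) can be scripted. This is an added example, not IBM or AusCERT code; the function names and the sample configuration are constructed for illustration, and it assumes one directive per line.

```python
import re

RC4_CODES = {"34", "35"}  # short codes the bulletin lists as RC4
DIRECTIVE = re.compile(r"^\s*SSLCipherSpec\s+(.+?)\s*$", re.IGNORECASE)

def enables_rc4(token):
    """True if a cipher token turns an RC4 cipher on ('-NAME' removes one)."""
    if token.startswith("-"):
        return False
    name = token.lstrip("+")
    return "RC4" in name.upper() or name in RC4_CODES

def find_rc4_cipherspecs(conf_text):
    """Return (line_number, [offending tokens]) per directive enabling RC4."""
    findings = []
    for number, line in enumerate(conf_text.splitlines(), start=1):
        match = DIRECTIVE.match(line)  # '#' comment lines never match
        if not match:
            continue
        args = match.group(1).split()
        # With two or more arguments the first is the protocol (ALL, TLSv1).
        ciphers = args[1:] if len(args) > 1 else args
        bad = [t for t in ciphers if enables_rc4(t)]
        if bad:
            findings.append((number, bad))
    return findings

def strip_rc4(line):
    """Return the directive without RC4 additions, or None if it must go."""
    match = DIRECTIVE.match(line)
    if not match:
        return line
    args = match.group(1).split()
    if len(args) == 1:
        return None if enables_rc4(args[0]) else line
    kept = [t for t in args[1:] if not enables_rc4(t)]
    return f"SSLCipherSpec {args[0]} {' '.join(kept)}" if kept else None

# Constructed sample, built from the directive forms shown in this bulletin.
SAMPLE_CONF = """\
SSLCipherSpec SSL_RSA_WITH_RC4_128_SHA
SSLCipherSpec 35
SSLCipherSpec TLSv1 +SSL_RSA_WITH_RC4_SHA +TLS_RSA_WITH_AES_128_CBC_SHA
SSLCipherSpec ALL -SSL_RSA_WITH_RC4_128_SHA -SSL_RSA_WITH_RC4_128_MD5
# SSLCipherSpec 34
SSLCipherSpec TLS_RSA_WITH_AES_128_CBC_SHA
"""

if __name__ == "__main__":
    print(find_rc4_cipherspecs(SAMPLE_CONF))
```

The directive that subtracts RC4 from the defaults and the commented-out line are not reported; only directives that enable RC4 are.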

References

Complete CVSS Guide

On-line Calculator V2

Acknowledgement

09 April 2015: original document

*The CVSS Environment Score is customer environment specific and will 
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the 
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the 
Common Vulnerability Scoring System (CVSS) is an "industry open standard 
designed to convey vulnerability severity and help to determine urgency and 
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY 
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT 
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================