Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2015.0948.2 Security Bulletin: Vulnerability in RC4 stream cipher affects IBM HTTP Server (CVE-2015-2808) 14 April 2015 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: IBM HTTP Server Publisher: IBM Operating System: AIX HP-UX Linux variants Solaris Windows Impact/Access: Access Privileged Data -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2015-2808 Reference: ESB-2015.0947 ESB-2015.0946 ESB-2015.0944 Original Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21701072 Revision History: April 14 2015: Corrected Impact/Access April 13 2015: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- Security Bulletin: Vulnerability in RC4 stream cipher affects IBM HTTP Server (CVE-2015-2808) Security Bulletin Document information More support for: IBM HTTP Server SSL Software version: 6.1, 7.0, 8.0, 8.5, 8.5.5 Operating system(s): AIX, HP-UX, Linux, Solaris, Windows Reference #: 1701072 Modified date: 2015-04-09 Summary The RC4 "Bar Mitzvah" SSL/TLS may affect some configurations of the IBM HTTP Server for WebSphere Application Server. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as "Bar Mitzvah Attack". CVSS Base Score: 5 CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/101851 for the current score CVSS Environmental Score*: Undefined CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) Affected Products and Versions The following IBM HTTP Server (IHS) for WebSphere Application Server may be affected: Version 8.5.5 Version 8.5 Version 8.0 Version 7.0 Version 6.1 Remediation/Fixes The recommended solutions is to apply the interim fix, Fix Pack or PTF containing APAR PI34229 for each named product as soon as practical. APAR PI34229 defaults to remove the RC4 ciphers from the default list that is used if you do not specify any ciphers. NOTE: If you specify any ciphers, you will also need to perform some of the steps in the mitigation section. For affected IBM HTTP Server for WebSphere Application Server: For V8.5.0.0 through 8.5.5.5 Full Profile: Upgrade to a minimum of Fix Pack 8.5.5.2 or later then apply Interim Fix PI34229 - --OR-- Apply Fix Pack 8.5.5.6 or later (targeted availability 26 June 2015). For V8.0 through 8.0.0.10: Upgrade to a minimum of Fix Pack 8.0.0.9 or later and then apply Interim Fix PI34229 - --OR-- Apply Fix Pack 8.0.0.11 or later (targeted availability 17 August 2015). For V7.0.0.0 through 7.0.0.37: Upgrade to a minimum of Fix Pack 7.0.0.33 or later and then apply Interim Fix PI34229 - --OR-- Apply Fix Pack 7.0.0.39 or later (targeted availability 26 October 2015). You should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. For unsupported versions IBM recommends upgrading to a fixed support version of the product. Workarounds and Mitigations IBM recommends disabling RC4 in IBM HTTP Server. To disable RC4, complete the steps below: For Version 8.0 and later: A simple way to mitigate this issue is to turn on FIPS140-2 support which will both disable RC4 by default and remove any RC4 ciphers added inadvertently. To enable FIPS140-2, add 'SSLFIPSEnable' to each configuration stanza with 'SSLEnable' Note: On z/OS, SSLFIPSEnable is only available in 8.5.5.0 and later and is set once globally instead of per-virtual host. If you cannot enable FIPS140-2 support or if you run into a complication, you must complete all of the following to disable RC4: To remove RC4 from the defaults, add the following directives to the end of each configuration stanza with 'SSLEnable' (VirtualHost or bottom of httpd.conf if SSLEnable is set globally) This step is not needed if you installed the Interim fix. SSLCipherSpec ALL -SSL_RSA_WITH_RC4_128_SHA -SSL_RSA_WITH_RC4_128_MD5 Remove any 'SSLCipherSpec' explicitly enabling RC4 as illustrated below: # All of these must be removed to disable RC4 SSLCipherSpec SSL_RSA_WITH_RC4_128_SHA SSLCipherSpec SSL_RSA_WITH_RC4_128_MD5 SSLCipherSpec 34 SSLCipherSpec 35 Review the current configuration for SSL ciphers configured via SSLCipherSpec directives with at least two arguments each that add an RC4-based cipher. Search for either "RC4" or the numbers "34" and "35" within SSLCipherSpec directives and remove the corresponding ciphers. # For example if a configuration contains: SSLCipherSpec TLSv1 +SSL_RSA_WITH_RC4_SHA +TLS_RSA_WITH_AES_128_CBC_SHA # Remove the RC4 cipher, changing the directive to: SSLCipherSpec TLSv1 +TLS_RSA_WITH_AES_128_CVC_SHA Do this for all the 'SSLCipherSpec' directives. For Versions 6.0, 6.1, or 7.0: One way to mitigate this issue is to turn on FIPS140-2 support which will both disable RC4 by default and result in a startup error if RC4 is inadvertently enabled. For each existing 'SSLEnable' in your IHS configuration, add 'SSLFIPSEnable' If you do not wish to enable FIPS140-2 support or if you run into a complication, you may do all of the following, whichever applies to your configuration: If any of the following 'SSLCipherSpec' directives are contained in the configuration, remove them and make sure at least 1 other SSLCipherSpec specifies a SSLv3/TLSv1 cipher. See the following bullet for an example of strong non-RC4 ciphers. SSLCipherSpec SSL_RSA_WITH_RC4_128_SHA SSLCipherSpec SSL_RSA_WITH_RC4_128_MD5 SSLCipherSpec 34 SSLCipherSpec 35 If 'SSLEnable' is configured, but no 'SSLCipherSpec' is specified, explicitly select strong ciphers (excluding RC4) with the following recommended ciphers: This step is not needed if you installed the interim fix. SSLCipherSpec TLS_RSA_WITH_AES_128_CBC_SHA SSLCipherSpec TLS_RSA_WITH_AES_256_CBC_SHA SSLCipherSpec SSL_RSA_WITH_3DES_EDE_CBC_SHA Get Notified about Future Security Bulletins Subscribe to My Notifications to be notified of important product support alerts like this. References Complete CVSS Guide On-line Calculator V2 Related information IBM Secure Engineering Web Portal IBM Product Security Incident Response Blog Acknowledgement 09 April 2015: original document *The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin. Disclaimer According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBVSxtyBLndAQH1ShLAQIG6w/+J8JTgjUk8oVmtkloKNSS1PFz2NXqeWZl Ua/TwMKHQd4LPVcszpQO7Oe5yLQ01LDNt9KiNw0ogvpuoYwfN//pgBnBiRKhD0l8 BOc227ZZdfUEDK083mhPWWTAuMLM1AVF+6bO4EcQhJlszSs/eKyvJTUF8cAbKWpI 4CL7NN7+Oolb1h3xuXXqUaSz5TBGTYVH0H9ujj3Z8njd2Nk86IKEs98thp6Id/Dl MzEb1IZKj1VOz9fD8w8+DYy4XEs3LY0iRGMm49kplecLM+uDYBSdO6Vby6lcNitE 4xPWYh1hUr+0v30YuZrjMDzV1iH55xHYVyH9e6gunF/y9KZzrVJkTApVWRoF3F1Y 03br/Z6ZMd0sPMh7cJvY5viWQdFmVsy9Z4p8/wH6RFq62PXqKfJ3JAhXDW/yl27b dG8GAzcu7YjXar1o2qE3nfF4RaFKuBUCgmnr8ChDPFI/UADxQq8C9tJnI38YhH0p d64oQgFTle5X8lPCb5U7W3KkHwbvXI+gGQQuM/k3iJiGMx/dELRHYzyGz7EsDiGs 6+TF+smkYDfA0HP/KwANz/nOs8J5uGNI+9zqHIKpRWJfa3Miu+3336/pAJCfu3W8 YNLA45xrk3CcDO9MbzGXl+gvb770OOPc2gTd01ozE60ghka1gmtCV0dUm/WhxP71 OQqTYJ35AGc= =n/dm -----END PGP SIGNATURE-----