Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2015.1233 Security Bulletin : Vulnerability in RC4 stream cipher affects IBM WebSphere Message Broker and IBM Integration Bus (CVE-2015-2808) 6 May 2015 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: IBM WebSphere Message Broker IBM Integration Bus Publisher: IBM Operating System: AIX HP-UX Linux variants Solaris Windows Impact/Access: Access Privileged Data -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2015-2808 Reference: ESB-2015.1231 ESB-2015.1228 ESB-2015.1221 ESB-2015.1218 ESB-2015.1217 ESB-2015.1216 ESB-2015.1215 ESB-2015.1214 Original Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21883122 - --------------------------BEGIN INCLUDED TEXT-------------------- Security Bulletin : Vulnerability in RC4 stream cipher affects IBM WebSphere Message Broker and IBM Integration Bus (CVE-2015-2808) Document information More support for: WebSphere Message Broker Security Software version: 7.0, 8.0 Operating system(s): AIX, HP-UX, Linux, Solaris, Windows Reference #: 1883122 Modified date: 2015-05-05 Security Bulletin Summary The RC4 Bar Mitzvah Attack for SSL/TLS affects IBM WebSphere Message Broker and IBM Integration Bus Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as "Bar Mitzvah Attack". CVSS Base Score: 5 CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/101851 for the current score CVSS Environmental Score*: Undefined CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) Affected Products and Versions IBM Integration Bus V9 , V10 WebSphere Message Broker V7, V8 IBM Integration Toolkit V9 WebSphere Message Broker Toolkit V7, V8 Remediation/Fixes A fix to remove RC4 cipher suites from the default list of enabled cipher suites is available for WebSphere Message Broker V7.0 and V8.0 (for IBM Java 6) Product VRMF APAR Remediation/Fix WebSphere Message Broker V7.0 IT08327 An interim fix is available from IBM Fix Central for all platforms. http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Message+Broker&release=All&platform=All&function=aparId&apars=IT08327 The APAR is targeted to be available in fix pack 7.0.0.8 WebSphere Message Broker V8.0 IT08327 An interim fix is available from IBM Fix Central for all platforms. http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Message+Broker&release=All&platform=All&function=aparId&apars=IT08327 The APAR is targeted to be available in fix pack 8.0.0.7. Note: If you have APAR IT03599 applied to your system to enable MQv8 support: 1. You are using Java 7 bundled with IT03599, and APAR IT08327 does not apply. 2. You must follow the mitigations/workarounds for IBM Integration Bus V9 and V10. You should verify applying this fix does not cause any compatibility issues. The planned maintenance release dates for WebSphere Message Broker and IBM Integration Bus are available at : http://www.ibm.com/support/docview.wss?uid=swg27006308 Workarounds and Mitigations IBM Integration Bus V9 and V10 a) IBM Java 7 shipped with IBM Integration Bus has RC4 enabled by default and is therefore vulnerable. The vulnerability can be mitigated by disabling RC4 which can be achieved by following 'Instructions to disable RC4 in Java 7' given below. After disabling the RC4 ciphers if you decide to use CBC ciphers you should follow the steps outlined in 'Using CBC ciphers' given below. b) If you use the DataDirect ODBC V7.x drivers shipped with WebSphere Message Broker The SSL library shipped with the ODBC drivers is vulnerable. The RC4 ciphers are in the acceptable cipher list by default. To mitigate this vulnerability you can configure the drivers to exclude RC4 ciphers from the list of negotiated ciphers by following 'Instructions to disable RC4 in DataDirect drivers' given below. WebSphere Message Broker V7 and V8 a) After disabling the RC4 ciphers by applying the APAR fix if you then decide to use CBC ciphers you should follow the steps outlined in 'Using CBC ciphers' given below. b) If you use the DataDirect ODBC V7.x drivers shipped with WebSphere Message Broker The SSL library shipped with the ODBC drivers is vulnerable. The RC4 ciphers are in the acceptable cipher list by default. To mitigate this vulnerability you can configure the drivers to exclude RC4 ciphers from the list of negotiated ciphers by following 'Instructions to disable RC4 in DataDirect drivers' given below. WebSphere Message Broker Toolkit V7 and V8 WebSphere Message Broker Toolkit Versions 7.0 and V8.0 by default disable the RC4 stream cipher for broker administration and are not vulnerable. To remain protected in all cases you should NOT enable weak or export-level cipher suites or select an RC4 cipher when connecting to the Broker's Queue Manager. If you enable the RC4 stream cipher you are vulnerable. To use a TLS cipher to connect to the Queue Manager, you must apply a fixpack or ifix containing APAR IT05725. APAR IT05725 is planned for inclusion in 7.0.0.8 and 8.0.0.5 Interim Fix 001. If you choose to use CBC ciphers in place of the RC4 ciphers you should follow the steps outlined in 'Using CBC ciphers' given below. IBM Integration Toolkit V9 IBM Integration Toolkit V9.0 by default disables the RC4 stream cipher for broker administration and is not vulnerable. To remain protected in all cases you should NOT enable weak or export-level cipher suites or select an RC4 cipher when connecting to the Broker's Queue Manager. If enable the RC4 stream cipher you are vulnerable. To use a TLS cipher to connect to the Queue Manager, you must apply a fixpack or ifix containing APAR IT05429. APAR IT05429 is available in IBM Integration Toolkit Version 9.0 Fix Pack 3. To stop users enabling the RC4 stream cipher in the future you should disable RC4 by following 'Instructions to disable RC4 in Java7' given below. If you choose to use CBC ciphers in place of the RC4 ciphers you should follow the steps outlined in 'Using CBC ciphers' given below. Instructions to disable RC4 in Java 7 Add RC4 to the list of disabled algorithms defined by the jdk.tls.disabledAlgorithms security property in the java.security file. For example: jdk.tls.disabledAlgorithms=SSLv3, RC4 The java.security file can be found in the following locations: IBM Integration Bus V9: <install>\jre17\lib\security\java.security IBM Integration Toolkit V9 <install>\jdk\jre\lib\security\java.security IBM Integration Bus V10 on Windows and LinuxX64: <install>\common\jdk\jre\lib\security\java.security IBM Integration Bus V10 not on Windows and LinuxX64: <install>\common\jre\lib\security\java.security Instructions to disable RC4 in DataDirect drivers (ODBC SSL connectivity) Use the undocumented CipherList connection option: Option name: CipherList (CL) Default: "DEFAULT", currently equivalent to "ALL:!aNULL:!eNULL:!SSLv2" Format: See "Cipher List Format" at https://www.openssl.org/docs/apps/ciphers.html In order to disable RC4 ciphers while still maintaining the default restrictions, you need to set: CipherList=DEFAULT:!RC4 Using CBC ciphers After disabling the RC4 ciphers if you decide to enable and use CBC ciphers then you should set the jsse.enableCBCProtection JVM system property to avoid vulnerability to the BEAST security vulnerability CVE-2011-3389. More details about this JVM system property can be found here: http://www.ibm.com/support/knowledgecenter/SSYKE2_6.0.0/com.ibm.java.security.component.60.doc/security-component/jsse2Docs/beast.html You can set the JVM system property in a number of ways. For WebSphere Message Broker and IBM Integration Bus runtime by either: Setting on a per-execution group basis by following the instructions to set a jvmSystemProperty using mqsichangeproperties here: http://www.ibm.com/support/knowledgecenter/SSMKHH_9.0.0/com.ibm.etools.mft.doc/an09143_.htm Setting on a per-broker or machine wide basis by setting the IBM_JAVA_OPTIONS (_JAVA_OPTIONS on Solaris or HP systems) environment variable: IBM_JAVA_OPTIONS=-Djsse.enableCBCProtection=true _JAVA_OPTIONS=-Djsse.enableCBCProtection=true On Windows, Linux and UNIX systems by following the instructions applicable for your platform to setup the command environment here: http://www.ibm.com/support/knowledgecenter/SSMKHH_9.0.0/com.ibm.etools.mft.doc/an26190_.htm?cp=SSMKHH_9.0.0%2F7-0-14 On z/OS systems by adding the environment variable to BIPBPROF and submitting BIPGEN to recustomize the ENVFILE: http://www.ibm.com/support/knowledgecenter/SSMKHH_9.0.0/com.ibm.etools.mft.doc/ae22465_.htm If you already have the IBM_JAVA_OPTIONS or _JAVA_OPTIONS environment variable set then you will need to add the new parameter to the end of any existing parameters preceded by a space. For WebSphere Message Broker and IBM Integration Toolkit: Edit the eclipse.ini file for the toolkit installation and add the following line: -Djsse.enableCBCProtection=true The eclipse.ini file can be found in the root directory of the toolkit installation. For example: c:\Program Files (x86)\IBM\WMBT800\eclipse.ini c:\Program Files\IBM\IIB\10.0.0.0\tools\eclipse.ini Note that in the event that servers or clients are configured to use only RC4 ciphers, the above settings would prevent any SSL connection from succeeding. You should verify applying the above configuration changes do not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. The full list of Java acceptable protocols and their meaning are at http://www.ibm.com/support/knowledgecenter/SSYKE2_7.0.0/com.ibm.java.security.component.70.doc/security-component/jsse2Docs/protocols.html Get Notified about Future Security Bulletins Subscribe to My Notifications to be notified of important product support alerts like this. Important note IBM strongly suggests that all System z customers be subscribed to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the System z Security web site. Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk. References Complete CVSS Guide On-line Calculator V2 Related information IBM Secure Engineering Web Portal IBM Product Security Incident Response Blog Acknowledgement None Change History 5 May 2015 - Original version Published *The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin. Disclaimer According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBVUli3hLndAQH1ShLAQJGsRAAtszb/1HOWqs6KpTbiMNEwm3Vb6we3/+b h9LZJDQRX/DWbVsyqI4huuhJThVR6ORRPvyuJi55gHWbVk6vYsIMx3UHCzRkLPHo kttmIhe5A/urwsSmlAwMVeTixhXO13SeuHSJG7+DtQPYK/9AXq70JsTmjrCvQrxl BcSvi5k25dAA3dQcGMTfxyBBhH1nHzoADBEv8S5esleqqCkbxqHLKsadbot6+lJx jTMFeu/2KK96tIGUAs4mL1JNM5jPAmnWhbOlyMaT7qV+/LTrRmvm5m9aUynYgOJQ z79x+3vFJUTI01dMkdPrrIqNHN8aWePpP1ZseOUBuLSx25U/R97Qo4J3LaVL7Lbi XTM/x7wVfr7hlmaij12tAy7IZoz79L/AGG1jlQaNsPh4NsOWWHfwsXC80USO11zh NT5g3v4z+JhWSBfbVoEGsG5RTgw2oYmY779XXpX/88C3ucNyNCvDNHId0oOY+Vya /7tdYZ8Pd6TXAjKljrH34atVBezhhoLRSAvCi+4xqfsgKXI6juP149B660jy7NCN Ng+2PsNUfu/zBv6gyOY5Ql3sH4qwZLRmHREnSdf+NxAAQ0y6w6yBuynhhjIYLsDr iyGgL6eUMrgBExZofi6gsekKDkh+kQuS/wtneG5fZeWLOBaXAk4ZF7ofKRzwo6jt nZYm5tLACvo= =AaWf -----END PGP SIGNATURE-----