Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2015.1371
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Security
Access Manager for Web and IBM Tivoli Access Manager for
e-business (CVE-2015-2808)
22 May 2015
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: IBM Security Access Manager for Web
IBM Tivoli Access Manager for e-business
Publisher: IBM
Operating System: AIX
HP-UX
Linux variants
Solaris
Windows
Impact/Access: Access Privileged Data -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2015-2808
Reference: ESB-2015.0961
ESB-2015.0960
ESB-2015.0958
ESB-2015.0956
ESB-2015.0955
ESB-2015.0954
ESB-2015.0953
ESB-2015.0950.2
ESB-2015.0949.2
ESB-2015.0948.2
ESB-2015.0947.2
ESB-2015.0946.2
ESB-2015.0944.2
Original Bulletin:
http://www-01.ibm.com/support/docview.wss?uid=swg21902389
- --------------------------BEGIN INCLUDED TEXT--------------------
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Security
Access Manager for Web and IBM Tivoli Access Manager for e-business
(CVE-2015-2808)
Security Bulletin
Summary
The RC4 Bar Mitzvah Attack for SSL/TLS affects IBM Security Access Manager for
Web and IBM Tivoli Access Manager for e-business.
Vulnerability Details
CVEID: CVE-2015-2808
DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol,
could allow a remote attacker to obtain sensitive information. An attacker
could exploit this vulnerability to remotely expose account credentials
without requiring an active man-in-the-middle session. Successful exploitation
could allow an attacker to retrieve credit card data or other sensitive
information. This vulnerability is commonly referred to as "Bar Mitzvah
Attack".
CVSS Base Score: 5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/101851 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Affected Products and Versions
IBM Tivoli Access Manager for e-business versions 6.0, 6.1, 6.1.1
IBM Security Access Manager for Web version 7.0 software
IBM Security Access Manager for Web version 7.0 appliance, all firmware
versions
IBM Security Access Manager for Web version 8.0 appliance, all firmware
versions
Remediation/Fixes
IBM has provided patches for all affected versions. Follow the installation
instructions in the README files included with the patch.
You should verify applying this fix does not cause any compatibility issues.
The fix disables RC4 stream cipher by default. IBM recommends that you review
your entire environment to identify other areas where you have enabled the RC4
stream cipher and take appropriate mitigation and remediation actions.
Please note: If you have configured the ciphers that are used in your
environment, you might still be susceptible to the attack described above.
Please review the 'Post-installation instructions' provided below the
remediation table.
Product VRMF APAR Remediation
IBM Tivoli Access Manager for e-business 6.0 - IV73153 Apply the following interim fix:
6.0.0.38 6.0.0-ISS-TAM-IF0039
IBM Tivoli Access Manager for e-business 6.1 - IV73153 Apply the following interim fix:
6.1.0.19 6.1.0-ISS-TAM-IF0020
IBM Tivoli Access Manager for e-business 6.1.1 - IV73150 Apply the following interim fix:
6.1.1.17 6.1.1-ISS-TAM-IF0018
IBM Security Access Manager for Web 7.0 - IV73149 Apply the following fix pack:
(software-installations) 7.0.0.13 7.0.0-ISS-SAM-IF0014
IBM Security Access Manager for Web 7.0 - IV73146 1) Apply the following fix pack:
(appliance-based) 7.0.0.12 7.0.0-ISS-WGA-FP0012
2) You can then apply the following interim fix:
7.0.0-ISS-WGA-IF0014
IBM Security Access Manager for Web 7.0.0.12 IV73146 Apply the following interim fix:
(appliance-based) 7.0.0.13 7.0.0-ISS-WGA-IF0014
IBM Security Access Manager for Web 8.0 - IV73137 1) Apply the following fix pack:
8.0.1.1 8.0.1-ISS-WGA-FP0002
2) You can then apply the following interim fix:
8.0.1.2-ISS-WGA-IF0002
IBM Security Access Manager for Web 8.0.1.2 IV73137 Apply the following interim fix:
8.0.1.2-ISS-WGA-IF0002
For Tivoli Access Manager for e-business 5.1, IBM recommends upgrading to a
fixed, supported version/release/platform of the product.
Post-installation instructions
After you have applied the interim fix packages described above, you need to
review your environment to check whether your environment is configured to use
RC4 ciphers.
Review the details below to determine whether you need to update the
configuration in your environment to avoid any exposure to this vulnerability:
Vulnerabilities have been identified in many of the available ciphers. Here is
a list of the remaining ciphers that are not affected by these known
vulnerabilities. These ciphers are stated in no particular order. You can use
one or more of these ciphers as you work through the configuration details
included in this tech note.
Table One: SSLv3, TLSv10, TLSv11 (GSKit 7 & GSKit 8)
Long name Cipher number
TLS_RSA_WITH_3DES_EDE_CBC_SHA 0A
TLS_RSA_WITH_AES_128_CBC_SHA 2F
TLS_RSA_WITH_AES_256_CBC_SHA 35
Table Two: TLSv12 (GSKit 8 only)
Long name
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Mitigation for all TAMeb versions and ISAM for Web 7.0 software version
1). Download the latest version of GSKit, 7.0.5.6 or 8.0.50.42, for your
currently installed TAMeb or ISAM version -
IBM Security Access Manager for Web 7.0.0 (Software)
Tivoli Access Manager for e-business 6.1.1
Tivoli Access Manager for e-business 6.1.0
Tivoli Access Manager for e-business 6.0.0
2). Shutdown all running instances of WebSEAL on the machine for which these
instructions are to be followed.
3). For all ISAM and TAMeb versions. For all machines hosting WebSEAL if the
following environment variables have been set
GSK_V2_CIPHER_SPECS
GSK_V3_CIPHER_SPECS
Remove all references of the following cipher numbers, which have known
vulnerabilities
01 02 03 04 05 06 09 62 64
Note: You can configure your environment to use of one or more of the ciphers
listed in the tables at the start of this tech note.
4). For ISAM 7.0 only. For each instance of WebSEAL, under the [ssl] stanza,
remove all references to RC4 ciphers from both the gsk_attr_name and the
jct_gsk_attr_name attributes:
Long Name
- -----------------------------------
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_WITH_NULL_SHA
TLS_RSA_WITH_NULL_MD5
TLS_RSA_WITH_NULL_SHA256
TLS_ECDHE_RSA_WITH_NULL_SHA
TLS_ECDHE_ECDSA_WITH_NULL_SHA
Note - Any instance of the above ciphers should be removed. You can configure
your environment to use one or more of the ciphers listed in the tables at the
start of this tech note.
5). Update the following Policy Server configuration files: ldap.conf and
activedir_ldap.conf. Update the following configuration entries to ensure that
there are no references to RC4 ciphers. Configure the following entries to use
one or more of the ciphers listed in the tables at the start of this tech
note.
[ldap]
ssl-tls-cipher-specs
tls-v12-cipher-specs
Note: Ensure that you remove any references to the following cipher numbers -
01 02 03 04 05 06 09 62 64
[uraf-registry]
ssl-tls-cipher-specs
tls-v12-cipher-specs
Note: Ensure that you remove any references to the following ciphers:
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_WITH_NULL_SHA
TLS_RSA_WITH_NULL_MD5
TLS_RSA_WITH_NULL_SHA256
TLS_ECDHE_RSA_WITH_NULL_SHA
TLS_ECDHE_ECDSA_WITH_NULL_SHA
Note: For these updates to take effect, please restart your Policy Server.
6). For all TAMeb and ISAM versions. For all instances of WebSEAL, if the
GSKit environment variables have been correctly configured as outlined in step
two above and the value of the ssl-qop-mgmt within the WebSEAL configuration
file is currently set to No or False then no additional actions are required.,
skip to Step 7.
For all instances of WebSEAL, if the ssl-qop-mgmt attribute is set to Yes or
True, configure the default configuration entries in the
[ssl-qop-mgmt-default] stanza to ensure that you remove any vulnerable
ciphers. Note: Do not use a setting of 'ALL'.
Ensure that the following ciphers are not present in the configured ciphers:
default = RC4-40
default = RC2-40
default = DES-56
default = DES-56-62
default = RC4-56
default = RC4-128
default = RC2-128
7). For all instances of WebSEAL, if not already done, set the following
environment variable during the start up process for WebSEAL-
GSK_STRICTCHECK_CBCPADBYTES = GSK_FALSE
Important - If this environment variable is already set then it can remain in
place. It should not have any effect on this mitigation plan.
8). Upgrade to GSKit, 7.0.5.6 or 8.0.50.42, using the instructions provided in
the readme of their respective releases.
9). Restart all instances of WebSEAL.
Mitigation for all ISAM for Web 7.0 and 8.0 appliance versions
Note: It is important that you explicitly set values for all of these entries
so that the default ciphers are not used. The list of default ciphers on the
appliance includes some of the RC4 ciphers that are affected by this
vulnerability. To mitigate this vulnerability, you must set all of the
configuration entries that are described in the following steps.
1). Update to the latest interim fixes for your product version -
IBM Security Access Manager for Web 8.0.1.2 IF0002
IBM Security Access Manager for Mobile 8.0.1.2 IF0002
IBM Security Access Manager for Web (WGA) 7.0.0 IF0014
IBM Single Sign On for Bluemix v2 Identity Bridge 8.0.1.2 IF0002
Note: Before applying the interim fixes, you must first ensure that you are
running the latest fix pack level.
2). Shut down all instances of the Reverse Proxy hosted by the appliance where
these instructions are to be followed.
3). For each of the instance of Reverse Proxy open its configuration file
using the following instructions:
1. Select 'Secure Web Settings -> Reverse Proxy' from the menu bar;
2. Select the Reverse Proxy instance;
3. Select 'Manage -> Configuration -> Edit Configuration File' from the menu
4). For each instance of Reverse Proxy, under the [ssl] stanza, remove all
references to RC4 ciphers from both the gsk_attr_name and the
jct_gsk_attr_name attributes:
Long Name
- -----------------------------------
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_WITH_NULL_SHA
TLS_RSA_WITH_NULL_MD5
TLS_RSA_WITH_NULL_SHA256
TLS_ECDHE_RSA_WITH_NULL_SHA
TLS_ECDHE_ECDSA_WITH_NULL_SHA
Note - Any instance of the above ciphers should be removed. Configure your
environment to use one or more of the ciphers listed in the tables at the
start of this tech note.
5). On the Runtime Component management page, select 'Manage -> Configuration
Files -> ldap.conf'.
Update the following configuration entries to use one or more of the ciphers
listed in the tables at the start of this tech note.
[ldap]
ssl-tls-cipher-specs
tls-v12-cipher-specs
Ensure that you remove any references to the following cipher numbers -
01 02 03 04 05 06 09 62 64
6) On the Runtime Component management page, select 'Manage -> Configuration
Files -> activedir_ldap.conf'.
Update the following configuration entries to ensure that there are no
references to RC4 ciphers. You can use one or more of the ciphers listed in
the tables at the start of this tech note.
[uraf-registry]
ssl-tls-cipher-specs
tls-v12-cipher-specs
Ensure that you remove any references to the following ciphers:
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_WITH_NULL_SHA
TLS_RSA_WITH_NULL_MD5
TLS_RSA_WITH_NULL_SHA256
TLS_ECDHE_RSA_WITH_NULL_SHA
TLS_ECDHE_ECDSA_WITH_NULL_SHA
Note: For these updates to take effect, please restart your Policy Server.
7). For all instances of the Reverse Proxy, if the ssl-qop-mgmt attribute is
set to Yes or "True", configure the default configuration entries in the
[ssl-qop-mgmt-default] stanza to ensure that vulnerable ciphers are removed.
Note: Do not use a setting of 'ALL'.
Ensure that the following ciphers are not present in the configured ciphers:
default = RC4-40
default = RC2-40
default = DES-56
default = DES-56-62
default = RC4-56
default = RC4-128
default = RC2-128
8). For each instance of Reverse Proxy if not already set, set the following
attribute and value under the [ssl] stanza -
gsk-attr-name = enum:471:0
jct-gsk-attr-name = enum:471:0
Note - If this attribute is already set to then this can remain in place. It
should not have any affect for the mitigation plan.
9). For each instance of Reverse Proxy save and deploy the changes.
10). Apply the appliance fix pack using the following instructions -
i). Click Manage, and then click Fix Packs.
ii). In the Fix Packs pane, click New.
iii). In the Add Fix Pack window, click Browse to locate the fix pack file,
and then click Open.
iv). Click Submit to install the fix pack.
11). Once the appliance has restarted, verify that all Reverse Proxy servers
are restarted successfully.
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
Subscribe to My Notifications to be notified of important product support
alerts like this.
References
Complete CVSS Guide
On-line Calculator V2
Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Change History
May 21, 2015: Original Version Published.
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBVV63ChLndAQH1ShLAQKlpg//exPIU0Qgpk8gCqPoX4FEIxHwwu/gIi5U
gX8cG8pYgvx864CE4twuK+4ftStMUb70JtJaSO+RBXXCXGSd3AWo+3WFYgOaYHnE
N4be9nPvSxrZ7tcJQs2iFMbrUhPks44pO7+H1lGmVEV3bXdVNmCiV/6XL4VU9iYA
K7t14Yj27H1chqMTRk+kso8rb51YwE2t4XL8jsWkP6x9jgE9WcvVe8Qg9mw/3yix
oKx23DrozsNbE3bVIxr5Y47TLGP55ioSYHEnXlpmk/dN2UPQXmOgCCxB58kp3/LA
atWp2VZU5SbkPJQQqbmYbXl+DvVMT4IDwB61y5ZWfbsnyZzSbEHKu248vHR+NjbA
hdG3ckeHZLj+3sqagqumHBqJ5iW+P9iv/j+JBcEolHRau+OMX51L+5QO5naaNhsV
rhorfjkaCGoTj6o0G7isAIcEWuA9mpy4Jo6GhO6FJQywkb/gJP9lYVm7LsSVuygM
NDP2rIZu2FFFyXDpunJ+Sm3G98R1DcUhOVCIfrK+z4sAMXx+8mv5JJmZXXnnJ3RV
2n1GWDwjJtZRFj9J3k5SE5oP+YSSxZWYzb6b5inSgGatWdnzKeBk0SkJJFb+iQjC
p3epMce3HsFK9nINfbXJ6fhZQi34EFEhW14D8cLMCp5Z0Q2n9aJqP+vUSR5YurF9
CeeOu2dkQZk=
=HwG2
-----END PGP SIGNATURE-----