FreeBSD Security Advisory FreeBSD-SA-05:19.ipsec

From: FreeBSD Security Advisories (security-advisories_at_freebsd.org)
Date: 07/27/05

  • Next message: Francisco Amato: "[ISR] - Novell GroupWise Client Remote Buffer Overflow"
    Date: Wed, 27 Jul 2005 08:50:59 GMT
    To: Bugtraq <bugtraq@securityfocus.com>
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    =============================================================================
    FreeBSD-SA-05:19.ipsec Security Advisory
                                                              The FreeBSD Project

    Topic: Incorrect key usage in AES-XCBC-MAC

    Category: core
    Module: netinet6
    Announced: 2005-07-27
    Credits: Yukiyo Akisada, Yokogawa Electric Corporation
    Affects: FreeBSD 5.3, FreeBSD 5.4
    Corrected: 2005-07-27 08:41:44 UTC (RELENG_6, 6.0-BETA2)
                    2005-07-27 08:41:56 UTC (RELENG_5, 5.4-STABLE)
                    2005-07-27 08:42:16 UTC (RELENG_5_4, 5.4-RELEASE-p6)
                    2005-07-27 08:42:38 UTC (RELENG_5_3, 5.3-RELEASE-p20)
    CVE Name: CAN-2005-2359

    For general information regarding FreeBSD Security Advisories,
    including descriptions of the fields above, security branches, and the
    following sections, please visit
    <URL:http://www.freebsd.org/security/>.

    I. Background

    IPsec is a security protocol for the Internet Protocol networking
    layer. It provides a combination of encryption and authentication of
    system, using several possible cryptography algorithms.

    II. Problem Description

    A programming error in the implementation of the AES-XCBC-MAC algorithm
    for authentication resulted in a constant key being used instead of the
    key specified by the system administrator.

    III. Impact

    If the AES-XCBC-MAC algorithm is used for authentication in the absence
    of any encryption, then an attacker may be able to forge packets which
    appear to originate from a different system and thereby succeed in
    establishing an IPsec session. If access to sensitive information or
    systems is controlled based on the identity of the source system, this
    may result in information disclosure or privilege escalation.

    IV. Workaround

    Do not use the AES-XCBC-MAC algorithm for authentication, or use it
    together with some form of IPsec encryption.

    Systems which do not use IPsec, use other algorithms, or have IPsec
    encryption enabled are unaffected by this issue.

    V. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to 5-STABLE, or to the RELENG_5_4 or
    RELENG_5_3 security branch dated after the correction date.

    2) To patch your present system:

    The following patches have been verified to apply to FreeBSD 5.3 and 5.4
    systems.

    a) Download the relevant patch from the location below, and verify the
    detached PGP signature using your PGP utility.

    # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:19/ipsec.patch
    # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:19/ipsec.patch.asc

    b) Apply the patch.

    # cd /usr/src
    # patch < /path/to/patch

    c) Recompile your kernel as described in
    <URL:http://www.freebsd.org/handbook/kernelconfig.html> and reboot the
    system.

    VI. Correction details

    The following list contains the revision numbers of each file that was
    corrected in FreeBSD.

    Branch Revision
      Path
    - -------------------------------------------------------------------------
    RELENG_5
      src/sys/netinet6/ah_aesxcbcmac.c 1.1.4.2
    RELENG_5_4
      src/UPDATING 1.342.2.24.2.15
      src/sys/conf/newvers.sh 1.62.2.18.2.11
      src/sys/netinet6/ah_aesxcbcmac.c 1.1.4.1.2.1
    RELENG_5_3
      src/UPDATING 1.342.2.13.2.23
      src/sys/conf/newvers.sh 1.62.2.15.2.25
      src/sys/netinet6/ah_aesxcbcmac.c 1.1.6.1
    RELENG_6
      src/sys/netinet6/ah_aesxcbcmac.c 1.2.2.1
    - -------------------------------------------------------------------------

    VII. References

    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2359

    The latest revision of this advisory is available at
    ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (FreeBSD)

    iD8DBQFC50oTFdaIBMps37IRAt3IAJ9tqRnoO5+6u/+3Nn8/Cos1cS1/ygCdHmzs
    +LPbiS3Bye0Vdvssh7b6vYE=
    =v16f
    -----END PGP SIGNATURE-----


  • Next message: Francisco Amato: "[ISR] - Novell GroupWise Client Remote Buffer Overflow"

    Relevant Pages

    • FreeBSD Security Advisory FreeBSD-SA-05:19.ipsec
      ... For general information regarding FreeBSD Security Advisories, ... including descriptions of the fields above, security branches, and the ... IPsec is a security protocol for the Internet Protocol networking ... A programming error in the implementation of the AES-XCBC-MAC algorithm ...
      (FreeBSD-Security)
    • [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-05:19.ipsec
      ... For general information regarding FreeBSD Security Advisories, ... including descriptions of the fields above, security branches, and the ... IPsec is a security protocol for the Internet Protocol networking ... A programming error in the implementation of the AES-XCBC-MAC algorithm ...
      (freebsd-announce)
    • FreeBSD Security Advisory FreeBSD-SA-08:04.ipsec
      ... For general information regarding FreeBSD Security Advisories, ... including descriptions of the fields above, security branches, and the ... The IPsec suite of protocols provide network level security for IPv4 ... A single specifically crafted IPv6 packet could cause the kernel to panic, ...
      (FreeBSD-Security)
    • FreeBSD Security Advisory FreeBSD-SA-08:04.ipsec
      ... For general information regarding FreeBSD Security Advisories, ... including descriptions of the fields above, security branches, and the ... The IPsec suite of protocols provide network level security for IPv4 ... A single specifically crafted IPv6 packet could cause the kernel to panic, ...
      (Bugtraq)
    • [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-08:04.ipsec
      ... For general information regarding FreeBSD Security Advisories, ... including descriptions of the fields above, security branches, and the ... The IPsec suite of protocols provide network level security for IPv4 ... A single specifically crafted IPv6 packet could cause the kernel to panic, ...
      (freebsd-announce)