CVE-2001-1105
CVSS7.5
发布时间 :2001-09-12 00:00:00
修订时间 :2008-09-05 16:25:42
NMCOS    

[原文]RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure.


[CNNVD]RSA BSAFE SSL-J验证绕过漏洞(CNNVD-200109-041)

        RSA BSAFE SSL-J 3.0, 3.0.1和3.1版本当用于Cisco iCND 2.0版本中时可以从失败的登录尝试缓存会话ID,远程攻击者可以通过初步失败后的登录绕过SSL客户验证和获取对敏感数据的访问。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:rsa:bsafe_ssl-j_sdk:3.0.1RSA BSAFE SSL-J SDK 3.0.1
cpe:/a:rsa:bsafe_ssl-j_sdk:3.0RSA BSAFE SSL-J SDK 3.0
cpe:/a:rsa:bsafe_ssl-j_sdk:3.1RSA BSAFE SSL-J SDK 3.1
cpe:/a:cisco:icdn:2.0Cisco iCDN 2.0

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1105
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1105
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200109-041
(官方数据源) CNNVD

- 其它链接及资源

http://xforce.iss.net/static/7112.php
(VENDOR_ADVISORY)  XF  bsafe-ssl-bypass-authentication(7112)
http://www.securityfocus.com/bid/3329
(VENDOR_ADVISORY)  BID  3329
http://www.ciac.org/ciac/bulletins/l-141.shtml
(VENDOR_ADVISORY)  CIAC  L-141
http://www.rsasecurity.com/products/bsafe/bulletins/BSAFE_SSL-J_3.x.SecurityBulletin.html
(UNKNOWN)  CONFIRM  http://www.rsasecurity.com/products/bsafe/bulletins/BSAFE_SSL-J_3.x.SecurityBulletin.html
http://www.cisco.com/warp/public/707/SSL-J-pub.html
(UNKNOWN)  CISCO  20010912 Vulnerable SSL Implementation in iCDN

- 漏洞信息

RSA BSAFE SSL-J验证绕过漏洞
高危 输入验证
2001-09-12 00:00:00 2005-10-20 00:00:00
远程  
        RSA BSAFE SSL-J 3.0, 3.0.1和3.1版本当用于Cisco iCND 2.0版本中时可以从失败的登录尝试缓存会话ID,远程攻击者可以通过初步失败后的登录绕过SSL客户验证和获取对敏感数据的访问。

- 公告与补丁

        RSA BSAFE SSL-J customers with active maintenance agreements and who currently use an affected version of RSA BSAFE SSL-J are recommended to upgrade to the latest release version of RSA BSAFE SSL-J. Additional information may be found at:
        http://www.rsasecurity.com/support/bsafe/index.html
        This issue is known to affect version 2.0 of Cisco's iCDN, and has been fixed in version 2.0.1.

- 漏洞信息

8835
RSA Security BSAFE SSL-J Failed Login Credential Caching Authentication Bypass
Remote / Network Access Authentication Management
Loss of Integrity Patch / RCS
Exploit Unknown Coordinated Disclosure

- 漏洞描述

RSA Security BSAFE SSL-J contains a flaw that is due session IDs from failed login attempts being cached, which can be leveraged to bypass SSL client authentication. This will allow a remote attacker to gain access to potentially sensitive data via logging in after a failed login attempt.

- 时间线

2001-09-12 Unknow
Unknow Unknow

- 解决方案

The vendor has released a patch to address this vulnerability. There are no known workarounds or upgrades to correct this issue. Check the vendor advisory, changelog, or solution in the references section for details.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

RSA BSAFE SSL-J Authentication Bypass Vulnerability
Input Validation Error 3329
Yes No
2001-09-12 12:00:00 2009-07-11 07:56:00
Published in a Cisco Systems Security Advisory on September 12, 2001.

- 受影响的程序版本

RSA Security BSAFE SSL-J SDK 3.1
RSA Security BSAFE SSL-J SDK 3.0.1
RSA Security BSAFE SSL-J SDK 3.0
+ Cisco iCDN 2.0
Cisco iCDN 2.0
Cisco iCDN 2.0.1

- 不受影响的程序版本

Cisco iCDN 2.0.1

- 漏洞讨论

A vulnerability exists in several versions of RSA's SSL-J Software Development Kit (SDK) that can enable an attacker to bypass SSL client authentication.

Under certain conditions, if an error occurs during the SSL client-server handshake, the SSL session key may be stored in a cache rather than being discarded. Once cached, this session key can be used by an attacker to cause a server to skip the full client authentication scheme, using a much shorter one. This effectively allows the attacker to fully bypass the client authentication.

On systems that rely solely on the authentication mechanism provided by SSL, this could enable an attacker to perform unauthorized actions.

Additional technical details are forthcoming.

- 漏洞利用

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

RSA BSAFE SSL-J customers with active maintenance agreements and who currently use an affected version of RSA BSAFE SSL-J are recommended to upgrade to the latest release version of RSA BSAFE SSL-J. Additional information may be found at:

http://www.rsasecurity.com/support/bsafe/index.html

This issue is known to affect version 2.0 of Cisco's iCDN, and has been fixed in version 2.0.1.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站