CVE-2004-0155
CVSS7.5
发布时间 :2004-06-01 00:00:00
修订时间 :2016-10-17 22:41:13
NMCOPS    

[原文]The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate.


[CNNVD]Racoon IKE守护程序未授权X.509证书连接漏洞(CNNVD-200406-030)

        
        racoon IKE守护程序是一款IKE协议实现。
        racoon IKE守护程序存在安全问题,远程攻击者可以利用这个漏洞利用合法X.509证书不需要提供相应正确的私钥进行未授权VPN访问。
        Linux 2.6内核包含的racoon守护程序和KAME's IPsec工具受此漏洞影响,目前没有详细漏洞细节提供。
        

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:945Racoon IKE Daemon Unauthorized X.509 Certificate Connection Vulnerability
oval:org.mitre.oval:def:9291The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0155
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0155
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200406-030
(官方数据源) CNNVD

- 其它链接及资源

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.10/SCOSA-2005.10.txt
(UNKNOWN)  SCO  SCOSA-2005.10
http://marc.info/?l=bugtraq&m=108136746911000&w=2
(UNKNOWN)  BUGTRAQ  20040407 CAN-2004-0155: The KAME IKE Daemon Racoon does not verify RSA Signatures during Phase 1, allows man-in-the-middle attacks and unauthorized connections
http://marc.info/?l=bugtraq&m=108369640424244&w=2
(UNKNOWN)  APPLE  APPLE-SA-2004-05-03
http://www.gentoo.org/security/en/glsa/glsa-200406-17.xml
(UNKNOWN)  GENTOO  GLSA-200406-17
http://www.kb.cert.org/vuls/id/552398
(UNKNOWN)  CERT-VN  VU#552398
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:069
(UNKNOWN)  MANDRAKE  MDKSA-2004:069
http://www.mandriva.com/security/advisories?name=MDKSA-2004:027
(UNKNOWN)  MANDRAKE  MDKSA-2004:027
http://www.redhat.com/support/errata/RHSA-2004-165.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2004:165
http://www.securityfocus.com/bid/10072
(UNKNOWN)  BID  10072

- 漏洞信息

Racoon IKE守护程序未授权X.509证书连接漏洞
高危 访问验证错误
2004-06-01 00:00:00 2005-10-20 00:00:00
远程  
        
        racoon IKE守护程序是一款IKE协议实现。
        racoon IKE守护程序存在安全问题,远程攻击者可以利用这个漏洞利用合法X.509证书不需要提供相应正确的私钥进行未授权VPN访问。
        Linux 2.6内核包含的racoon守护程序和KAME's IPsec工具受此漏洞影响,目前没有详细漏洞细节提供。
        

- 公告与补丁

        厂商补丁:
        IPsec-Tools
        -----------
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        IPsec-Tools Upgrade IPsec-Tools 0.2.5
        
        http://sourceforge.net/project/showfiles.php?group_id=74601&release_id=228873

        IPsec-Tools Upgrade IPsec-Tools 0.3rc5
        
        http://sourceforge.net/project/showfiles.php?group_id=74601&release_id=228883

- 漏洞信息 (F33033)

KAME-IKE.txt (PacketStormID:F33033)
2004-04-07 00:00:00
Ralf Spenneberg,Michal Ludvig,Hans Hacker  
advisory
CVE-2004-0155
[点击下载]

The KAME IKE Daemon Racoon does not verify RSA Signatures during Phase 1, allowing man-in-the-middle attacks and unauthorized connections.

Security Advisory: The KAME IKE Daemon Racoon does not verify RSA
Signatures during Phase 1, allows man-in-the-middle attacks and
unauthorized connections
                                                                                
Author: Ralf Spenneberg <ralf@spenneberg.net>
                                                                                
Revision: 1
                                                                                
Last Updated: April 07, 2004 18:00
                                                                                
CAN-2004-0155
                                                                                
Summary:
The KAME IKE Daemon racoon authenticates the peer in Phase 1 using
either preshared keys, RSA signatures or GSS-API. When RSA signatures
are used, racoon validates the X.509 certificate send by the peer but
not the RSA signature.
If the peer sends a valid and trusted X.509 certificate during Phase 1
any private key can be used to generate the RSA signature. The
authentication will still
succeed.
                                                                                
Impact:
Very High: Since racoon is the an often used IKE daemon on the *BSD
platform and on the native Linux kernel 2.6 IPsec stack.
If the attacker has access to a valid and trusted X.509 certificate he
can establish an IPsec connection to racoon or can start a
man-in-the-middle attack.
                                                                                
Exploit:
No exploit code is needed. Racoon itself can be used to exploit this
security bug. The important configuration line:
   certificate_type x509 certificate badprivatekey;
If the certificate is valid and trusted by the attacked racoon the
attacker can
connect using any 'badprivatekey'
                                                                                
Vulnerable:
Tested:
Linux: ipsec-tools <=0.2.4; <=0.3rc4
FreeBSD 4.9 using racoon-20030711
Not-tested but probable looking at the code:
All KAME/racoon version published before April 06 2004
I do not have access to the Apple/racoon version, but it is highly
probable that this version is vulnerable, too.
                                                                                        
Technical description:
In function eay_rsa_verify() in file crypto_openssl.c:
       [...]
       evp = d2i_PUBKEY(NULL, &bp, pubkey->l);
       if (evp == NULL)
             return 0;
       [...]
In this context the function d2i_PUBKEY always returns NULL. The
function therefore exits with the returncode 0 (success). The actual
verification of the signature does not take place.
                                                                                
Solution:
Upgrade is needed. No workaround is known!
The attached patch fixed the problem on Linux using the ipsec-tools
package.
Updated packages are already available for some distributions:

ipsec-tools: http://ipsec-tools.sf.net
KAME: Updates are available in their CVS
Gentoo: Has already published their Security Advisory
                                                                        
Credits:
Michal Ludvig
Hans Hacker

-- 
Ralf Spenneberg
UNIX/Linux Trainer and Consultant, RHCE, RHCX
Waldring 34                             48565 Steinfurt         Germany
Fon: +49(0)2552 638 755                 Fax: +49(0)2552 638 757
Mobil: +49(0)177 567 27 40
 
Markt+Technik Buch:                     Intrusion Detection f    

- 漏洞信息

5008
KAME Racoon IKE Daemon RSA Signature Verification Failure
Local Access Required, Remote / Network Access Authentication Management, Input Manipulation, Misconfiguration
Loss of Confidentiality
Exploit Public

- 漏洞描述

Multiple IPSec implementations, including KAME, ipsec-tools, and operating systems that include them contain a flaw that may allow a malicious user to make a successful IPSec connection without proper authorization. The issue is triggered when the attacker possesses any valid and trusted X.509 certificate and the server attempts to use RSA signature authentication. While the server does check the validity of the X.509 certificate, it fails to check the RSA signature of that certificate. It is possible that the flaw may allow unauthorized access, resulting in a loss of confidentiality.

- 时间线

2004-04-07 Unknow
2004-04-07 Unknow

- 解决方案

Upgrade to version 1.84 of KAME or a recent CVS tree, version 1.62 of NetBSD, version 4.9-CURRENT of FreeBSD, version 0.2.5 of ipsec-tools, or higher, as these have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

Racoon IKE Daemon Unauthorized X.509 Certificate Connection Vulnerability
Access Validation Error 10072
Yes No
2004-04-07 12:00:00 2007-02-20 04:56:00
Discovery is credited to Ralf Spenneberg.

- 受影响的程序版本

SGI ProPack 3.0
SCO Unixware 7.1.4
Red Hat Fedora Core2
Red Hat Fedora Core1
KAME Racoon 20030711
+ FreeBSD FreeBSD 4.9
KAME Racoon
+ FreeBSD FreeBSD 4.9
+ NetBSD NetBSD 1.6.1
+ NetBSD NetBSD 1.6
IPsec-Tools IPsec-Tools 0.3 rc4
IPsec-Tools IPsec-Tools 0.3 rc3
IPsec-Tools IPsec-Tools 0.3 rc2
IPsec-Tools IPsec-Tools 0.3 rc1
IPsec-Tools IPsec-Tools 0.2.4
IPsec-Tools IPsec-Tools 0.2.3
IPsec-Tools IPsec-Tools 0.2.2
IPsec-Tools IPsec-Tools 0.2.1
IPsec-Tools IPsec-Tools 0.2
IPsec-Tools IPsec-Tools 0.1
Gentoo Linux 1.4 _rc3
Gentoo Linux 1.4 _rc2
Gentoo Linux 1.4 _rc1
Gentoo Linux 1.4
Gentoo Linux 1.2
Gentoo Linux 1.1 a
Gentoo Linux 0.7
Gentoo Linux 0.5
Apple Mac OS X Server 10.3.3
Apple Mac OS X Server 10.2.8
Apple Mac OS X 10.3.3
Apple Mac OS X 10.2.8
IPsec-Tools IPsec-Tools 0.3 rc5
IPsec-Tools IPsec-Tools 0.2.5

- 不受影响的程序版本

IPsec-Tools IPsec-Tools 0.3 rc5
IPsec-Tools IPsec-Tools 0.2.5

- 漏洞讨论

The racoon IKE daemon is prone to a security vulnerability that may allow unauthorized access. This issue may allow holders of valid X.509 certificates to make unauthorized connections to the VPN without being required to have the corresponding private key. Man-in-the-middle attacks are also possible.

This issue affects the racoon daemon included in IPsec-Tools for Linux 2.6 Kernel and the version included in KAME's IPsec utilities.

- 漏洞利用

An attacker may exploit this issue using the racoon daemon itself by setting the following configuration option:

certificate_type x509 certificate badprivatekey;

(where 'badprivatekey' equals an arbitrary private key for the certificate)

The attacker can then make an unauthorized connection.

- 解决方案

Please see the referenced advisories for more information.


Red Hat Fedora Core2

IPsec-Tools IPsec-Tools 0.1

IPsec-Tools IPsec-Tools 0.2

IPsec-Tools IPsec-Tools 0.2.1

IPsec-Tools IPsec-Tools 0.2.2

IPsec-Tools IPsec-Tools 0.2.3

IPsec-Tools IPsec-Tools 0.2.4

IPsec-Tools IPsec-Tools 0.3 rc2

IPsec-Tools IPsec-Tools 0.3 rc4

IPsec-Tools IPsec-Tools 0.3 rc1

IPsec-Tools IPsec-Tools 0.3 rc3

Apple Mac OS X 10.2.8

Apple Mac OS X Server 10.2.8

Apple Mac OS X Server 10.3.3

Apple Mac OS X 10.3.3

SGI ProPack 3.0

SCO Unixware 7.1.4

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站