CVE-2005-2359
CVSS 5.0
Published: 2005-08-05 00:00:00
Revised: 2008-09-05 16:51:32

[Original] The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session.


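[CNNVD] FreeBSD IPsec session AES-XCBC-MAC authentication constant key vulnerability (CNNVD-200508-068)

        FreeBSD is a freely usable Unix system that runs on Intel platforms; IPsec is a network-layer security protocol for the Internet Protocol used by FreeBSD.
        A programming error in FreeBSD's implementation of the AES-XCBC-MAC algorithm for authentication can result in a constant key being used instead of the key specified by the system administrator.
        If the AES-XCBC-MAC algorithm is used for authentication in the absence of encryption, an attacker can create packets that appear to originate from a different system and thereby succeed in establishing an IPsec session. If access to sensitive information or systems is controlled based on the identity of the source system, this may result in information disclosure or privilege escalation.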

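- CVSS (base score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: NONE [no impact on the confidentiality of the system]
Integrity impact: PARTIAL [system files may be modified]
Availability impact: NONE [no impact on the availability of the system]
Access complexity: LOW [no access restrictions on exploitation]
Access vector: [--]
Authentication: NONE [exploitation requires no authentication]

- CPE (affected platforms and products)

cpe:/o:freebsd:freebsd:5.4 FreeBSD 5.4
cpe:/o:freebsd:freebsd:5.3 FreeBSD 5.3

- OVAL (technical details used for detection)

No related OVAL definitions found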

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2359
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2359
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200508-068
(Official data source) CNNVD

- Other links and resources

http://xforce.iss.net/xforce/xfdb/21551
(VENDOR_ADVISORY)  XF  freebsd-aesxcbcmac-security-bypass(21551)
http://secunia.com/advisories/16244/
(VENDOR_ADVISORY)  SECUNIA  16244
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc
(UNKNOWN)  FREEBSD  FreeBSD-SA-05:19
http://www.securityfocus.com/bid/14394
(UNKNOWN)  BID  14394
http://securitytracker.com/id?1014586
(UNKNOWN)  SECTRACK  1014586

- Vulnerability information

FreeBSD IPsec session AES-XCBC-MAC authentication constant key vulnerability
Medium severity; Design error
2005-08-05 00:00:00 2005-10-20 00:00:00
Remote

- Advisories and patches

        The vendor has released an upgrade patch that fixes this security issue. Patch download link:
        ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc

- Vulnerability information (F38928)

FreeBSD-SA-05-19.ipsec.txt (PacketStormID:F38928)
2005-07-28 00:00:00
Yukiyo Akisada  freebsd.org
advisory,protocol
freebsd
CVE-2005-2359

FreeBSD Security Advisory FreeBSD-SA-05:19.ipsec - IPsec is a security protocol for the Internet Protocol networking layer. It provides a combination of encryption and authentication of system, using several possible cryptography algorithms. A programming error in the implementation of the AES-XCBC-MAC algorithm for authentication resulted in a constant key being used instead of the key specified by the system administrator.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-SA-05:19.ipsec                                      Security Advisory
                                                          The FreeBSD Project

Topic:          Incorrect key usage in AES-XCBC-MAC

Category:       core
Module:         netinet6
Announced:      2005-07-27
Credits:        Yukiyo Akisada, Yokogawa Electric Corporation
Affects:        FreeBSD 5.3, FreeBSD 5.4
Corrected:      2005-07-27 08:41:44 UTC (RELENG_6, 6.0-BETA2)
                2005-07-27 08:41:56 UTC (RELENG_5, 5.4-STABLE)
                2005-07-27 08:42:16 UTC (RELENG_5_4, 5.4-RELEASE-p6)
                2005-07-27 08:42:38 UTC (RELENG_5_3, 5.3-RELEASE-p20)
CVE Name:       CAN-2005-2359

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit
<URL:http://www.freebsd.org/security/>.

I.   Background

IPsec is a security protocol for the Internet Protocol networking
layer.  It provides a combination of encryption and authentication of
system, using several possible cryptography algorithms.

II.  Problem Description

A programming error in the implementation of the AES-XCBC-MAC algorithm
for authentication resulted in a constant key being used instead of the
key specified by the system administrator.

III. Impact

If the AES-XCBC-MAC algorithm is used for authentication in the absence
of any encryption, then an attacker may be able to forge packets which
appear to originate from a different system and thereby succeed in
establishing an IPsec session.  If access to sensitive information or
systems is controlled based on the identity of the source system, this
may result in information disclosure or privilege escalation.

IV.  Workaround

Do not use the AES-XCBC-MAC algorithm for authentication, or use it
together with some form of IPsec encryption.

Systems which do not use IPsec, use other algorithms, or have IPsec
encryption enabled are unaffected by this issue.

V.   Solution

Perform one of the following:

1) Upgrade your vulnerable system to 5-STABLE, or to the RELENG_5_4 or
RELENG_5_3 security branch dated after the correction date.

2) To patch your present system:

The following patches have been verified to apply to FreeBSD 5.3 and 5.4
systems.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:19/ipsec.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:19/ipsec.patch.asc

b) Apply the patch.

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in
<URL:http://www.freebsd.org/handbook/kernelconfig.html> and reboot the
system.

VI.  Correction details

The following list contains the revision numbers of each file that was
corrected in FreeBSD.

Branch                                                           Revision
  Path
- -------------------------------------------------------------------------
RELENG_5
  src/sys/netinet6/ah_aesxcbcmac.c                                1.1.4.2
RELENG_5_4
  src/UPDATING                                            1.342.2.24.2.15
  src/sys/conf/newvers.sh                                  1.62.2.18.2.11
  src/sys/netinet6/ah_aesxcbcmac.c                            1.1.4.1.2.1
RELENG_5_3
  src/UPDATING                                            1.342.2.13.2.23
  src/sys/conf/newvers.sh                                  1.62.2.15.2.25
  src/sys/netinet6/ah_aesxcbcmac.c                                1.1.6.1
RELENG_6
  src/sys/netinet6/ah_aesxcbcmac.c                                1.2.2.1
- -------------------------------------------------------------------------

VII. References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2359

The latest revision of this advisory is available at
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (FreeBSD)

iD8DBQFC50oTFdaIBMps37IRAt3IAJ9tqRnoO5+6u/+3Nn8/Cos1cS1/ygCdHmzs
+LPbiS3Bye0Vdvssh7b6vYE=
=v16f
-----END PGP SIGNATURE-----
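
The advisory's workaround can be audited against a host's manual SA definitions. The following is an added example, not part of the advisory or of FreeBSD: it scans `add` statements in setkey(8) configuration syntax and lists SAs that authenticate with `aes-xcbc-mac` while carrying no cipher (or the `null` cipher). The sample configuration is constructed, and the check is per SA, so an AH SA that is bundled with a separate encrypting ESP SA is still listed for review.

```python
import shlex

# Constructed sample in setkey(8) syntax; addresses, SPIs and keys are placeholders.
SAMPLE_CONF = '''
# AH only with AES-XCBC-MAC: authentication without encryption
add 192.0.2.1 192.0.2.2 ah 0x1000 -A aes-xcbc-mac "0123456789abcdef";
# ESP with a real cipher plus AES-XCBC-MAC
add 192.0.2.1 192.0.2.2 esp 0x1001 -E rijndael-cbc "0123456789abcdef"
    -A aes-xcbc-mac "fedcba9876543210";
# ESP with null encryption: still no confidentiality
add 192.0.2.2 192.0.2.1 esp 0x1002 -E null -A aes-xcbc-mac "0123456789abcdef";
# A different MAC
add 192.0.2.2 192.0.2.1 ah 0x1003 -A hmac-sha1 "01234567890123456789";
'''

def _algo(args, flag):
    """Return the lower-cased algorithm name that follows `flag`, or None."""
    if flag in args[:-1]:
        return args[args.index(flag) + 1].lower()
    return None

def parse_sas(conf):
    """Yield (src, dst, proto, spi, ealgo, aalgo) for each `add` statement."""
    # Drop whole-line comments, then split on the statement terminator.
    body = "\n".join(line for line in conf.splitlines()
                     if not line.lstrip().startswith("#"))
    for stmt in body.split(";"):
        tok = shlex.split(stmt)
        if not tok or tok[0] != "add":
            continue
        args = tok[1:]
        while args and args[0].startswith("-"):   # skip -4 / -6 / -n
            args = args[1:]
        if len(args) < 4:
            continue
        src, dst, proto, spi = args[:4]
        yield src, dst, proto.lower(), spi, _algo(args, "-E"), _algo(args, "-A")

def exposed_sas(conf):
    """SAs authenticated with aes-xcbc-mac and carrying no real cipher."""
    return [(proto, spi) for _, _, proto, spi, ealgo, aalgo in parse_sas(conf)
            if aalgo == "aes-xcbc-mac" and ealgo in (None, "null")]

if __name__ == "__main__":
    for proto, spi in exposed_sas(SAMPLE_CONF):
        print(f"review SA {proto} spi {spi}: aes-xcbc-mac without encryption")
```
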
    

- Vulnerability information

18297
FreeBSD IPsec AES-XCBC-MAC Persistent Key Use
Remote / Network Access Cryptographic
Loss of Integrity
Exploit Unknown

- Vulnerability description

FreeBSD contains a programming error in the implementation of the AES-XCBC-MAC algorithm which may result in the constant key being used. If identity of the source system protects access to sensitive information or systems, this may result in information disclosure or privilege escalation.

- Timeline

2005-07-27 Unknown
Unknown Unknown

- Solution

Upgrade to 5-STABLE, or to the RELENG_5_4 or RELENG_5_3 security branch dated after the correction date or apply the proper patch, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): 1) Do not use the AES-XCBC-MAC algorithm for authentication, or use it together with some form of IPsec encryption. 2) Recompile your kernel as appropriate and reboot the system.

- Related references

- Vulnerability author

- Vulnerability information

BSD IPsec Session AES-XCBC-MAC Authentication Constant Key Usage Vulnerability
Design Error 14394
Yes No
2005-07-27 12:00:00 2009-07-12 04:06:00
The vendor reported this issue.

- Affected software versions

NetBSD NetBSD 2.0.2
NetBSD NetBSD 2.0.1
NetBSD NetBSD 2.0
FreeBSD FreeBSD 5.4 -RELENG
FreeBSD FreeBSD 5.4 -RELEASE
FreeBSD FreeBSD 5.4 -PRERELEASE
FreeBSD FreeBSD 5.3 -STABLE
FreeBSD FreeBSD 5.3 -RELENG
FreeBSD FreeBSD 5.3 -RELEASE
FreeBSD FreeBSD 5.3

- Discussion

BSD is affected by a vulnerability that may allow remote unauthorized attackers to establish an IPsec session.

The vulnerability presents itself when the 'AES-XCBC-MAC' algorithm is used for authentication without any other method of IPsec encryption.

A successful attack can allow an attacker to forge packets and potentially establish an IPsec session. This can lead to various other attacks.

- Exploit

An exploit is not required.

- Solution

FreeBSD advisory FreeBSD-SA-05:19.ipsec is available to address this issue. Please see the referenced advisory for more information.

Patches are available for FreeBSD 5.3 and 5.4.

A patch is available for NetBSD 2.x versions from the KAME Project.


NetBSD NetBSD 2.0

NetBSD NetBSD 2.0.1

NetBSD NetBSD 2.0.2

FreeBSD FreeBSD 5.3 -RELENG

FreeBSD FreeBSD 5.4 -RELENG

- Related references

 

 
