CERT home
vulnerabilities & fixesevaluations & practicesresearch & analysistraining & education
homesearchFAQsite indexcontact
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

Vulnerability Note VU#466161

XML signature HMAC truncation authentication bypass

Overview

The XML Signature specification allows for HMAC truncation, which may allow a remote attacker to bypass authentication.

I. Description

XML Signature Syntax and Processing (XMLDsig) is a W3C recommendation for providing integrity, message authentication, and/or signer authentication services for data. XMLDsig is commonly used by web services such as SOAP. The XMLDsig recommendation includes support for HMAC truncation, as specified in RFC2104. However, the XMLDsig specification does not follow the RFC2104 recommendation to not allow truncation to less than half of the length of the hash output or less than 80 bits. When HMAC truncation is under the control of an attacker this can result in an effective authentication bypass. For example, by specifying an HMACOutputLength of 1, only one bit of the signature is verified. This can allow an attacker to forge an XML signature that will be accepted as valid.

II. Impact

This vulnerability can allow an attacker to bypass the authentication mechanism provided by the XML Signature specification.

III. Solution

Apply an update

Please check with your vendor for available updates. Erratum E03 for the XMLDsig recommendation has been added, which specifies minimum values for HMAC truncation.

Systems Affected

VendorStatusDate Updated
3com, Inc.Unknown2009-07-092009-07-09
ACCESSUnknown2009-07-092009-07-09
Alcatel-LucentUnknown2009-07-092009-07-09
Apache XML SecurityVulnerable2009-07-14
Apple Inc.Vulnerable2009-07-092009-07-10
AT&TUnknown2009-07-092009-07-09
Avaya, Inc.Unknown2009-07-092009-07-09
Barracuda NetworksUnknown2009-07-092009-07-09
Belkin, Inc.Unknown2009-07-092009-07-09
Borderware TechnologiesUnknown2009-07-092009-07-09
CERT-BundUnknown2009-06-222009-06-22
CerticomUnknown2009-02-182009-02-18
Charlotte's Web NetworksUnknown2009-07-092009-07-09
Check Point Software TechnologiesUnknown2009-07-092009-07-09
Cisco Systems, Inc.Unknown2009-07-092009-07-09
ClavisterUnknown2009-07-092009-07-09
Computer AssociatesUnknown2009-07-092009-07-09
Computer Associates eTrust Security ManagementUnknown2009-07-092009-07-09
Conectiva Inc.Unknown2009-07-092009-07-09
Cray Inc.Unknown2009-07-092009-07-09
D-Link Systems, Inc.Unknown2009-07-092009-07-09
Debian GNU/LinuxVulnerable2009-07-092009-07-14
DragonFly BSD ProjectUnknown2009-07-092009-07-09
EMC CorporationUnknown2009-07-092009-07-09
Engarde Secure LinuxUnknown2009-07-092009-07-09
Enterasys NetworksUnknown2009-07-092009-07-09
EricssonUnknown2009-07-092009-07-09
eSoft, Inc.Unknown2009-07-092009-07-09
Extreme NetworksUnknown2009-07-092009-07-09
F5 Networks, Inc.Unknown2009-07-092009-07-09
Fedora ProjectUnknown2009-07-092009-07-09
Force10 Networks, Inc.Not Vulnerable2009-07-092009-07-14
Fortinet, Inc.Unknown2009-07-092009-07-09
Foundry Networks, Inc.Unknown2009-07-092009-07-09
FreeBSD, Inc.Unknown2009-07-092009-07-09
FujitsuUnknown2009-07-092009-07-09
Gentoo LinuxUnknown2009-07-092009-07-09
Global Technology AssociatesUnknown2009-07-092009-07-09
Hewlett-Packard CompanyUnknown2009-07-092009-07-09
HitachiUnknown2009-07-092009-07-09
IBM CorporationVulnerable2009-07-092009-07-14
IBM eServerUnknown2009-07-092009-07-09
InfobloxUnknown2009-07-092009-07-09
Intel CorporationUnknown2009-07-092009-07-09
Internet Security Systems, Inc.Unknown2009-07-092009-07-09
IntotoUnknown2009-07-092009-07-09
IP FilterUnknown2009-07-092009-07-09
IP Infusion, Inc.Unknown2009-07-092009-07-09
Juniper Networks, Inc.Unknown2009-07-092009-07-09
Luminous NetworksUnknown2009-07-092009-07-09
m0n0wallNot Vulnerable2009-07-092009-07-10
Mandriva S. A.Unknown2009-07-092009-07-09
McAfeeUnknown2009-07-092009-07-09
Microsoft CorporationUnknown2009-07-092009-07-09
Mono-ProjectVulnerable2009-07-10
MontaVista Software, Inc.Unknown2009-07-092009-07-09
Multitech, Inc.Unknown2009-07-092009-07-09
NEC CorporationUnknown2009-07-092009-07-09
NetAppUnknown2009-07-092009-07-09
NetBSDUnknown2009-07-092009-07-09
netfilterUnknown2009-07-092009-07-09
NokiaUnknown2009-07-092009-07-09
Nortel Networks, Inc.Unknown2009-07-092009-07-09
Novell, Inc.Unknown2009-07-092009-07-09
Openwall GNU/*/LinuxUnknown2009-07-092009-07-09
Oracle CorporationVulnerable2009-07-13
PePLinkNot Vulnerable2009-07-092009-07-20
Process SoftwareUnknown2009-07-092009-07-09
Q1 LabsNot Vulnerable2009-07-092009-07-10
QNX, Software Systems, Inc.Unknown2009-07-092009-07-09
QuaggaUnknown2009-07-092009-07-09
RadWare, Inc.Unknown2009-07-092009-07-09
Red Hat, Inc.Unknown2009-07-092009-07-09
Redback Networks, Inc.Unknown2009-07-092009-07-09
RSA Security, Inc.Vulnerable2009-07-14
SafeNetUnknown2009-07-092009-07-09
Secureworx, Inc.Unknown2009-07-092009-07-09
Silicon Graphics, Inc.Unknown2009-07-092009-07-09
Slackware Linux Inc.Unknown2009-07-092009-07-09
SmoothWallUnknown2009-07-092009-07-09
SnortUnknown2009-07-092009-07-09
Soapstone NetworksUnknown2009-07-092009-07-09
Sony CorporationUnknown2009-07-092009-07-09
SourcefireUnknown2009-07-092009-07-09
StonesoftUnknown2009-07-092009-07-09
Sun Microsystems, Inc.Vulnerable2009-07-092009-08-05
SUSE LinuxUnknown2009-07-092009-07-09
SymantecUnknown2009-07-092009-07-09
The SCO GroupNot Vulnerable2009-07-092009-07-13
TippingPoint, Technologies, Inc.Unknown2009-07-092009-07-09
TurbolinuxUnknown2009-07-092009-07-09
U4EA Technologies, Inc.Unknown2009-07-092009-07-09
UbuntuUnknown2009-07-092009-07-09
UnisysUnknown2009-07-092009-07-09
VMwareNot Vulnerable2009-07-092009-07-14
VyattaUnknown2009-07-092009-07-09
Watchguard Technologies, Inc.Unknown2009-07-092009-07-09
Wind River Systems, Inc.Not Vulnerable2009-07-092009-07-13
XML Security LibraryVulnerable2009-07-10
ZyXELUnknown2009-07-092009-07-09

References


http://www.w3.org/2008/06/xmldsigcore-errata.html#e03
http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html
http://www.rsa.com/blog/blog_entry.aspx?id=1492
http://www.w3.org/TR/xmldsig-core/
http://www.w3.org/TR/xmldsig-core/#sec-HMAC
http://tools.ietf.org/html/rfc2104#section-5
http://www.oasis-open.org/specs/index.php#wss
http://www.w3.org/2000/xp/Group/
http://msdn.microsoft.com/en-us/library/ms996502.aspx
http://www.ibm.com/support/docview.wss?rs=180&uid=swg21384925
http://santuario.apache.org/download.html
http://www.mono-project.com/Vulnerabilities
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2009.html
http://www.aleksey.com/xmlsec/downloads.html
http://blogs.sun.com/security/entry/cert_vulnerability_note_vu_466161
http://rdist.root.org/2009/07/19/xmldsig-welcomes-all-signatures/

Credit

Thanks to Thomas Roessler of the W3C for reporting this vulnerability.

This document was written by Will Dormann.

Other Information

Date Public07/14/2009
Date First Published07/14/2009 02:38:38 PM
Date Last Updated08/05/2009
CERT Advisory 
CVE NameCVE-2009-0217
Metric8.16
Document Revision28

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

Copyright 2009 Carnegie Mellon University