Vulnerability Note VU#120541

SSL and TLS protocols renegotiation vulnerability

Original Release date: 11 Nov 2009 | Last revised: 22 Jul 2011

Overview

A vulnerability exists in SSL and TLS protocols that may allow attackers to execute an arbitrary HTTP transaction.

Description

The Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols are commonly used to provide authentication, encryption, integrity, and non-repudiation services to network applications such as HTTP, IMAP, POP3, LDAP. A vulnerability in the way SSL and TLS protocols allow renegotiation requests may allow an attacker to inject plaintext into an application protocol stream. This could result in a situation where the attacker may be able to issue commands to the server that appear to be coming from a legitimate source. According to the Network Working Group:

The server treats the client's initial TLS handshake as a renegotiation and thus believes that the initial data transmitted by the attacker is from the same entity as the subsequent client data.

This issue affects SSL version 3.0 and newer and TLS version 1.0 and newer.

Impact

A remote, unauthenticated attacker may be able to inject an arbitrary amount of chosen plaintext into the beginning of the application protocol stream. This could allow and attacker to issue HTTP requests, or take action impersonating the user, among other consequences.

Solution

Users should contact vendors for specific patch information.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Barracuda NetworksAffected05 Nov 200917 Dec 2009
Debian GNU/LinuxAffected05 Nov 200911 Nov 2009
GnuTLSAffected05 Nov 200911 Nov 2009
Hewlett-Packard CompanyAffected05 Nov 200917 Dec 2009
IBM CorporationAffected05 Nov 200911 Nov 2009
McAfeeAffected05 Nov 200911 Nov 2009
Sun Microsystems, Inc.Affected05 Nov 200906 Nov 2009
CryptlibNot Affected05 Nov 200911 Nov 2009
Force10 Networks, Inc.Not Affected05 Nov 200922 Jul 2011
libgcryptNot Affected05 Nov 200911 Nov 2009
Redback Networks, Inc.Not Affected05 Nov 200911 Nov 2009
SafeNetNot Affected05 Nov 200919 Nov 2009
3com IncUnknown05 Nov 200905 Nov 2009
ACCESSUnknown05 Nov 200905 Nov 2009
Alcatel-LucentUnknown05 Nov 200905 Nov 2009
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

Thanks to Marsh Ray of PhoneFactor for reporting this vulnerability. This issue was also independently discovered and publicly disclosed by Martin Rex of SAP.

This document was written by Chris Taschner.

Other Information

  • CVE IDs: CVE-2009-3555
  • Date Public: 05 Nov 2009
  • Date First Published: 11 Nov 2009
  • Date Last Updated: 22 Jul 2011
  • Document Revision: 35

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.