
FreeRADIUS OCSP Responder Reply Parsing

Posted Jul 25, 2011
Authored by DFN-CERT | Site dfn-cert.de

During a test of the OCSP support in FreeRADIUS, a security vulnerability has been found in the way the FreeRADIUS code parses the replies from an OCSP responder. This allows a remote attacker to use a revoked certificate from an otherwise trusted certification authority (CA) to successfully authenticate against the FreeRADIUS server if it is configured to use EAP-TLS with OCSP certificate validation.

tags | advisory, remote
advisories | CVE-2011-2701
SHA-256 | 5b65d36c4e76607a595656693bfddbeb502cec23fc2d22af359d05dff8140b17

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

DFN-CERT Services GmbH - Security Advisory
==========================================

* Advisory: DSB-2011-01
* Version: 1.0
* Released on: 2011-07-22
* Updated on: 2011-07-22
* Product: FreeRADIUS 2.1.11 (2011-06-29)


Summary
- -------

FreeRADIUS is a RADIUS server that supports many authentication
protocols. One of them is EAP-TLS, which is used within 802.1X.
In EAP-TLS, X.509 client certificates are used to authenticate
remote users/clients.

FreeRADIUS supports several methods for checking the revocation
status of X.509 certificates. Recently support for revocation
status checking with the Online Certificate Status Protocol (OCSP)
was added to FreeRADIUS.

During a test of the OCSP support in FreeRADIUS, a security
vulnerability has been found in the way the FreeRADIUS code parses
the replies from an OCSP responder.

This allows a remote attacker to use a revoked certificate from an
otherwise trusted certification authority (CA) to successfully
authenticate against the FreeRADIUS server if it is configured
to use EAP-TLS with OCSP certificate validation.

OCSP is not enabled in the default configuration of FreeRADIUS.


Solution
- --------

At the time of writing there is no official patch for the vulnerability.
Therefore, we strongly advise you to disable OCSP support in the
FreeRADIUS configuration until an official patch by the package
maintainer is available. Instead, the use of certificate revocation
list (CRL) checking, which is implemented by FreeRADIUS, is recommended.
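
The interim change, shown as an added example rather than as text from
the advisory: the affected setting beside the mitigation, in the `tls`
section of the FreeRADIUS 2.1.x `eap.conf`. The directive names
(`ocsp`/`enable`, `override_cert_url`, `url`, `check_crl`, `CA_path`)
follow the `eap.conf` shipped with 2.1.x as I know it and should be
checked against the installed file; the responder URL is a placeholder.

```conf
# eap.conf (FreeRADIUS 2.1.x), inside  eap { ... tls { ... } }
#
# Affected configuration: EAP-TLS with OCSP revocation checking enabled.
# With CVE-2011-2701 the server accepts any correctly signed OCSP
# response, including one that says "revoked".
tls {
        ocsp {
                enable = yes
                override_cert_url = yes
                url = "http://ocsp.example.org/"    # placeholder responder
        }
}

# Mitigated configuration: OCSP off, CRL checking on.
# CRL files (PEM) must be placed in CA_path together with the CA
# certificates and the directory rehashed with  c_rehash <CA_path>
# so that OpenSSL can find them by hash.
tls {
        check_crl = yes
        CA_path = ${cadir}
        ocsp {
                enable = no
        }
}
```

After editing, validate the configuration with `radiusd -XC` before
restarting the server, and remember that a CRL is only as good as its
refresh: a stale CRL in `CA_path` does not list recently revoked
certificates, so schedule a regular download.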


Details (CVE-2011-2701)
- -----------------------

In the file rlm_eap_tls.c, the ocsp_check() function only checks the
return value of OCSP_basic_verify(), i.e. that the OCSP response carries
a valid signature from a trusted responder, but it never examines the
revocation status of the certificate reported in that response. Thus,
if an attacker has access to a revoked certificate and its matching
private key, the attacker is able to get authenticated against the
FreeRADIUS server.
This allows the attacker to gain access to all network resources that
are accessible due to the FreeRADIUS authentication, e.g. Internet access.

To fix the issue, the status of the certificate has to be obtained with
the OCSP_resp_find_status() function and the returned status value has
to be compared against 'V_OCSP_CERTSTATUS_GOOD' (any other value, i.e.
revoked or unknown, must lead to an authentication failure), and the
freshness of the OCSP response has to be checked with
OCSP_check_validity() using the thisUpdate/nextUpdate times that
OCSP_resp_find_status() returns.
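
The decision logic described above, as an added example that is not
FreeRADIUS code and not part of the advisory. It is written in Python
rather than the C of rlm_eap_tls.c so that it runs offline without
OpenSSL or a responder: the `SingleResponse` record, the function names
and the clock-skew/maximum-age values are my assumptions, while
`check_validity()` reproduces the rules of OpenSSL's
OCSP_check_validity(thisupd, nextupd, nsec, maxsec) and the status
constants carry OpenSSL's names. The flawed check is shown beside the
hardened one so that the revoked-but-correctly-signed case can be seen
passing the first and failing the second.

```python
"""Added example: the certificate-status decision an EAP-TLS server must make
from an OCSP response. Not FreeRADIUS code; it mirrors the semantics of the
OpenSSL calls named in the advisory (OCSP_basic_verify, OCSP_resp_find_status,
OCSP_check_validity) on constructed, already-decoded responses."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Certificate status values, named as OpenSSL defines them.
V_OCSP_CERTSTATUS_GOOD = 0
V_OCSP_CERTSTATUS_REVOKED = 1
V_OCSP_CERTSTATUS_UNKNOWN = 2


def parse_generalized_time(s: str) -> datetime:
    """Parse an ASN.1 GeneralizedTime as OCSP uses it: YYYYMMDDHHMMSSZ, UTC."""
    if len(s) != 15 or not s.endswith("Z") or not s[:14].isdigit():
        raise ValueError(f"unsupported GeneralizedTime: {s!r}")
    return datetime.strptime(s, "%Y%m%d%H%M%SZ").replace(tzinfo=timezone.utc)


@dataclass(frozen=True)
class SingleResponse:
    """Assumed record: what the server holds after OCSP_basic_verify() and
    OCSP_resp_find_status() have run on the response for one certificate."""
    signature_ok: bool          # OCSP_basic_verify() succeeded on the response
    cert_status: int            # one of V_OCSP_CERTSTATUS_*
    this_update: str            # GeneralizedTime of thisUpdate
    next_update: Optional[str]  # GeneralizedTime of nextUpdate, None if absent


def vulnerable_ocsp_check(resp: SingleResponse) -> bool:
    """The flawed decision: a correctly signed response counts as 'good',
    whatever status it actually reports for the certificate."""
    return resp.signature_ok


def check_validity(this_upd: datetime, next_upd: Optional[datetime],
                   now: datetime, nsec: int, maxsec: int) -> bool:
    """Freshness rules of OCSP_check_validity(): nsec is the tolerated clock
    skew in seconds, maxsec the maximum age of thisUpdate (-1 = unlimited)."""
    skew = timedelta(seconds=nsec)
    if this_upd > now + skew:                       # thisUpdate in the future
        return False
    if maxsec >= 0 and this_upd < now - timedelta(seconds=maxsec):  # too old
        return False
    if next_upd is not None:
        if next_upd < now - skew:                   # past nextUpdate: expired
            return False
        if next_upd < this_upd:                     # malformed ordering
            return False
    return True


def hardened_ocsp_check(resp: SingleResponse, now: datetime,
                        nsec: int = 300, maxsec: int = -1) -> bool:
    """The decision the advisory asks for: signature, then status, then
    freshness. REVOKED and UNKNOWN both fail; only GOOD can authenticate."""
    if not resp.signature_ok:
        return False
    if resp.cert_status != V_OCSP_CERTSTATUS_GOOD:
        return False
    this_upd = parse_generalized_time(resp.this_update)
    next_upd = parse_generalized_time(resp.next_update) if resp.next_update else None
    return check_validity(this_upd, next_upd, now, nsec, maxsec)


# Constructed sample responses (not captured from any real responder), all
# evaluated at a fixed "now" so the results are reproducible.
NOW = datetime(2011, 7, 22, 12, 0, 0, tzinfo=timezone.utc)
GOOD_RESP = SingleResponse(True, V_OCSP_CERTSTATUS_GOOD, "20110722110000Z", "20110723110000Z")
REVOKED_RESP = SingleResponse(True, V_OCSP_CERTSTATUS_REVOKED, "20110722110000Z", "20110723110000Z")
UNKNOWN_RESP = SingleResponse(True, V_OCSP_CERTSTATUS_UNKNOWN, "20110722110000Z", None)
STALE_RESP = SingleResponse(True, V_OCSP_CERTSTATUS_GOOD, "20110720110000Z", "20110721110000Z")
FORGED_RESP = SingleResponse(False, V_OCSP_CERTSTATUS_GOOD, "20110722110000Z", None)

if __name__ == "__main__":
    for name, resp in [("good", GOOD_RESP), ("revoked", REVOKED_RESP),
                       ("unknown", UNKNOWN_RESP), ("stale", STALE_RESP),
                       ("bad signature", FORGED_RESP)]:
        print(f"{name:14s} vulnerable={vulnerable_ocsp_check(resp)!s:5s} "
              f"hardened={hardened_ocsp_check(resp, NOW)}")
```

The stale case is the one the freshness check exists for: a responder
answer that was "good" last week can be replayed after the certificate
has since been revoked, so a server that verifies only the signature
and the status, but not nextUpdate, still has a window of acceptance.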


References
- ----------

This advisory and further updates of it will be published at:

<https://www.dfn-cert.de/informationen/Sicherheitsbulletins/dsb-2011-01.html>


New releases, or patches, for the software can be downloaded from the
official FreeRADIUS web site:

<http://freeradius.org>


Contact
- -------

We created a basic patch for this issue which is not publicly available
because of possible side effects and a missing test environment. However,
we are willing to send our patch to all Linux/BSD vendors as a basis for
their own patches.

Any questions regarding this advisory, or the patch itself,
can be sent to advisory@dfn-cert.de.

Please note that we will not make our patch publicly available.


History
- -------

2011-07-01 Notified the FreeRADIUS project
2011-07-22 New version with a full description of the issue
and the CVE identifier


-----BEGIN PGP SIGNATURE-----

iQEVAwUBTi2CGPNu3tfxLoPHAQIpcQf/bB1j7TPuP/252N+jxUlsh4TlV8KkBNP/
GrhMDl+35iq9+wtU4sn8JsuDP0lmTOKm7bEr1Iir9oCBN0bMWPzaWO/21U7Yqns7
IFlKn29aHgLeDWevnkxAUhFjHDEC/i0b7CSHqRcAtP2Fa5Z9TNlTDXIa3HXuOPev
Z4KcKo4LA9v3wFcu/JSLiQcHezC+qJKkIA9wtsiAbcEwyBqBY/Jvqx0ccK859XIC
jwBboxACIU+1hJvUBAv4u5F6jByQyegXPwe6tcnpYJi5Xd7xI3GJKm5r738L8NYW
MyNjrbXOYUDb4MsyWsr4HJSzzfiTjGrgC0xVSNTaoTMGM7I/WurDKQ==
=cnDb
-----END PGP SIGNATURE-----

