exploit the possibilities

Rapid7 Security Advisory 22

Rapid7 Security Advisory 22
Posted Apr 26, 2006
Authored by Rapid7 | Site rapid7.com

Rapid7 Advisory R7-0022 Symantec Scan Engine Known Immutable DSA Private Key

tags | advisory
MD5 | bbed4e656163ee62d7fd9f5b8767dbef

Rapid7 Security Advisory 22

Change Mirror Download
_______________________________________________________________________
Rapid7, LLC Security Advisory
_______________________________________________________________________

Rapid7 Advisory R7-0022
Symantec Scan Engine Known Immutable DSA Private Key

Published: April 21, 2006
Revision: 1.0
http://www.rapid7.com/advisories/R7-0022.html

CVE: CVE-2006-0231

1. Affected system(s):

KNOWN VULNERABLE:
o Symantec Scan Engine v5.0.0.24

KNOWN FIXED:
o Symantec Scan Engine v5.1.0.7

UNKNOWN (PROBABLY VULNERABLE):
o All v5.0.x.x
o Earlier versions

2. Summary

Symantec Scan Engine exhibits a vulnerability in the way it
generates the SSL private key used for protecting communications
over TCP port 8005. This port is used to exchange sensitive
configuration and control commands between the server and the
administrative control application.

While all data over this port is protected using SSL, Rapid7 has
found that every installation of Symantec Scan Engine uses the same
private DSA key. This immutable key cannot be changed by end users
and can be extracted easily from any installation of this product.

This design flaw renders the SSL protection useless. A
man-in-the-middle attacker could easily intercept and decrypt all
communications between Symantec Scan Engine and an administrative
client.

NeXpose, Rapid7's award-winning vulnerability assessment platform,
checks for this vulnerability and other vulnerabilities we have
discovered in Symantec Scan Engine. Visit http://www.rapid7.com
to register for a free demo of NeXpose.

3. Vendor status and information

Symantec Corporation
http://www.symantec.com

Symantec was notified of this vulnerability on January 17, 2006.
They acknowledged the vulnerability, then provided us with a
fixed version. Rapid7's advisory was publicly released on April 21,
2006.

4. Solution

Upgrade to Symantec Scan Engine v5.1.0.7 or later.

5. Detailed analysis

Symantec Scan Engine's administrative client exchanges sensitive
configuration information with the server using a proprietary
protocol protected by SSL which runs by default on TCP port 8005.
This built-in SSL server is used, for example, to transmit the
administrator password hash when changing the password. It is
crucial for this communication channel to remain private,
authenticated, and reliable.

A critical design error has been made in the way SSL protection is
employed. The use of a particular DSA private key, pre-generated by
Symantec, is enforced in their SSL server in all tested versions of
Symantec Scan Engine. End users are offered no way to change the key,
and the key itself can be relatively easily extracted from any
installation. The key can be found in the file "servers.jar"
(located by default in "C:\Program Files\Symantec\Scan Engine"),
which contains a java keystore file "com/symantec/jsse/serverKeys"
protected by the password "secret". The key entry is stored under
the alias "server" and is protected by the password "secret".

This known immutable key renders SSL protection useless since the
private key is known to anybody (see below for the key in PEM
format). All Scan Engine installations use the same key. For example,
attackers can combine ARP or DNS spoofing attacks with the knowledge
of the private key to conduct man-in-the-middle attacks.

-----BEGIN DSA PRIVATE KEY-----
MIIBuwIBAAKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR
+1k9jVj6v8X1ujD2y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb
+DtX58aophUPBPuD9tPFHsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdg
UI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlX
TAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCj
rh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQB
TDv+z0kqAoGAE9rKDKa4eOROFXX1/jy7sLH34OGTbTmsqYoEBTJt8DolJkr6L4kf
SyOzpIhKB440mmXZMQJbXy0WNBCGzPjq6OHpI60KuBTskWAtPBEGE1jiov/7jK9b
wCt6sTBqo3Ux5ygyjuFQyt89d+qTp9761Z32OvaBq+IJvZYWNM8M/2ECFDLgCI85
fJtA3mlq9Q1T6U36Kl7x
-----END DSA PRIVATE KEY-----

The private component of this DSA key is X:

X = 0x32e0088f397c9b40de696af50d53e94dfa2a5ef1

A tool such as ssldump can be used to confirm the validity of the
private key as shown above, by manually comparing its public part to
the DSA public key embedded in the SSL server's certificate
displayed by ssldump.

6. Credit

This vulnerability was discovered by Marc Bevand of Rapid7.

7. Contact Information

Rapid7, LLC
Email: advisory@rapid7.com
Web: http://www.rapid7.com
Phone: +1 (617) 247-1717

8. Disclaimer and Copyright

Rapid7, LLC is not responsible for the misuse of the information
provided in our security advisories. These advisories are a service
to the professional security community. There are NO WARRANTIES with
regard to this information. Any application or distribution of this
information constitutes acceptance AS IS, at the user's own risk.
This information is subject to change without notice.

This advisory Copyright (C) 2006 Rapid7, LLC. Permission is hereby
granted to redistribute this advisory, providing that no changes are
made and that the copyright notices and disclaimers remain intact.

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    19 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close