| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 6 Oct 2003 08:06:18 -0400 From: "Joshua Wright" <Joshua.Wright@....edu> To: <bugtraq@...urityfocus.com> Subject: Weaknesses in LEAP Challenge/Response -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In August 2003, I sent a tool I had written to the Cisco PSIRT team that exploited weaknesses in the LEAP challenge/response authentication mechanism. This tool leveraged large password lists to efficiently launch offline dictionary attacks against LEAP user accounts, collected through passive sniffing or active disassociate/reassociate techniques. The Cisco LEAP challenge/response mechanism is just a modified version of MS-CHAPv2, as documented on the cisco.com website [1]. The MS-CHAPv2 protocol is known to be weak, as documented in many sources. My concern when learning about the architecture of the LEAP protocol was that Cisco was continuing to push LEAP to customers in their CCX program as a way to gain market share, over stronger wireless authentication protocols such as PEAP and TTLS. After presenting this information at the Defcon 11 conference [2], Cisco released a PSIRT notice that referenced their internal documentation, making customers aware that LEAP was vulnerable to dictionary attacks [3]. This notice was very subtle, and despite my asking Cisco to reword the notice to include stronger language that would prompt people who are using LEAP to take the flaw seriously, Cisco would not modify the notice. I am not the first person to identify this weakness, and I know that other people have written code (that is likely far better than my own code) to exploit this flaw but have remained quiet while Cisco prepares an alternate, stronger authentication mechanism for customers. In an effort to give Cisco and their customers time to react to this flaw, I told Cisco I would not release my attack code for 6 months, starting in August 2003. I plan to keep this promise, although it may be moot since other exploit code has been posted to public forums that exploits the same challenge/response flaw. Customers using LEAP should be aware that the usernames and password of their user account are exposed, and should plan for the deployment of an alternate authentication mechanisms such as PEAP or TTLS. Disabling user accounts after successive failed login attempts will not help protect against unauthorized access, since this is an offline attack that can be run at the attacker's leisure. At a bare minimum, LEAP users should immediately audit and expire user passwords that are based on dictionary words, or common derivations. - -Joshua Wright Senior Network and Security Architect Johnson & Wales University Joshua.Wright@....edu http://home.jwu.edu/jwright/ pgpkey: http://home.jwu.edu/jwright/pgpkey.htm fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73 [1] "802.11 Wireless LAN Security White Paper", http://www.cisco.com/en/US/netsol/ns110/ns175/ns176/ns178/networking_s olutions_white_paper09186a00800b469f.shtml (section 5 - "Cisco LEAP Architecture"). [2] "Weaknesses in LEAP Challenge/Response", http://home.jwu.edu/jwright/presentations/asleap-defcon.pdf. [3] "Dictionary Attack on Cisco LEAP", http://www.cisco.com/warp/public/707/cisco-sn-20030802-leap.shtml. -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBP4Fauo/i/ArUS0pzEQJPGgCeMsXRKllukoUWylhsvd/7Y1xxem0AmwYo ujluL47iYElFAkaFSh7ZTKEV =sg8y -----END PGP SIGNATURE-----
Powered by blists - more mailing lists