lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: 23 Sep 2008 03:51:58 -0000
From: nnposter@...closed.not
To: bugtraq@...urityfocus.com
Subject: Aruba Mobility Controller Shared Default Certificate

Aruba Mobility Controller Shared Default Certificate


Product:

Aruba Mobility Controller
http://www.arubanetworks.com/products/mobility_controllers.php


Aruba mobility controllers use X.509 certificates to protect access to the web management interface and to provide secure wireless authentication, such as TLS, TTLS, PEAP, and Aruba-specific Captive Portal. By default the controller uses a built-in certificate that is shared by all deployed units across all customers. Administrators are not forced to generate new, implementation-specific key pairs to replace this shared one.

Since the corresponding private key is not protected in any particular way it is possible for a party with access to one of the controllers to retrieve the private key and abuse it to compromise other implementations.

The latest such certificate is serial number 386929 issued by Equifax Secure Certificate Authority, expiring Jun 30, 2011.

The vulnerability has been identified in ArubaOS version 3.3.1.16 but all previous versions are also likely affected.


Solution:
Replace the default certificate with a new key pair that is unique for the implementation.


Found by:
nnposter

Powered by blists - more mailing lists