lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 27 May 2009 22:45:32 -0400
From: Pete Licoln <pete.licoln@...il.com>
To: Jeremy Brown <0xjbrown41@...il.com>, 
	full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: [TZO-27-2009] Firefox Denial of Service
	(Keygen)

Looks like some doctors have made some in vitro fertilization fuzzing with
jeremy a while ago ...

2009/5/27 Jeremy Brown <0xjbrown41@...il.com>

> Looks like somebody's been using a browser fuzzer :)
>
> On Wed, May 27, 2009 at 9:14 PM, Thierry Zoller <Thierry@...ler.lu> wrote:
> > ________________________________________________________________________
> >
> >              From the very-low-hanging-fruit-department
> >                   Firefox Denial of Service (KEYGEN)
> > ________________________________________________________________________
> >
> >
> > Release mode: Forced release.
> > Ref         : [TZO-27-2009] - Firefox Denial of Service (KEYGEN)
> > WWW         :
> http://blog.zoller.lu/2009/04/advisory-firefox-denial-of-service.html
> > Vendor      : http://www.firefox.com
> > Status      : No patch
> > CVE         : none provided
> > Credit      : none
> > Bugzilla entry: https://bugzilla.mozilla.org/show_bug.cgi?id=469565
> >
> > Security notification reaction rating : There wasn't any appropriate
> reaction.
> > Notification to patch window : x+n
> >
> > Disclosure Policy :
> http://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html
> >
> > Affected products :
> > - Firefox 3.0.10 (Windows)
> > - Likely : All Firefox versions supporting the KEYGEN tag.
> >
> > I. Background
> > ~~~~~~~~~~~~~
> > Firefox is a popular Internet browser from the Mozilla Corporation. In
> 2007 the
> > Mozilla Corporation had a revenue of over 75 million dollars [1], out of
> > which 68 million where made with a search advertising deal, in other
> words with
> > the search box in Firefox that defaults to Google.
> >
> > I envy the spirit of everyone that works on Firefox code in their spare
> time,
> > for free.
> >
> > II. Description
> > ~~~~~~~~~~~~~~~
> > This bug is a simple design bug that results in an endless loop (and
> interesting
> > memory leaks).
> >
> > Once upon a time Netscape thought it would be a great idea to add the
> keygen tag
> > (<keygen>) as a feature to their Browser. The keygen tag offers a simple
> way
> > of automatically generating key material using various algorithms. For
> instance
> > it is possible to generate RSA, DSA and EC key material.
> >
> > "The public key and challenge string are DER encoded as
> PublicKeyAndChallenge and
> > then digitally signed with the private key to produce a
> SignedPublicKeyAndChallenge.
> > The SignedPublicKeyAndChallenge is base64 encoded, and the ASCII data is
> finally
> > submitted to the server as the value of a name-value pair, where the name
> is
> > specified by the NAME attribute of the KEYGEN tag."
> >
> > More information:
> https://developer.mozilla.org/En/HTML/HTML_Extensions/KEYGEN_Tag
> >
> > This feature includes the automatic submission of the public part to a
> script,
> > the crux. The Keygen tag reloads the document by submitting the public
> key as an argument
> > to the current URI. Combining this with a javascript body onload() call
> > (or meta refresh) results in an neat endless loop blocking access to the
> UI.
> >
> > Furthermore memory is leaked during the process.
> >
> > III. Impact
> > ~~~~~~~~~~~
> > The browser doesn't respond any longer to any user input, tabs are no
> > longer accessible, your work if any might be lost. Restarting the
> > Firefox process and restoring the previous Firefox session will
> > re-spawn the tab and start the loop again.
> >
> > According to a Bugzilla entry memory is also leaked during the process.
> >
> > So let's recap, we have a function that generates key material and
> looping
> > causes memory to leak. One might think this should be important enough
> > to investigate, especially if you know that for DSA for instance, only
> > a few bits of k can reveal an entire private key. [3]
> >
> > Note: I am not saying the memory leaks include key material, seeing the
> lack
> > of interest this bugzilla ticket triggered, I have not considered
> investigating
> > further.  What  I  am  saying  is  that if security is taken seriously
> > memory leaks that directly or indirectly happen during key generation
> > need to be investigated thoroughly.
> >
> >
> > IV. Proof of concept (hold your breath)
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > <html>
> > <body onLoad="document.forms[0].submit()">
> > <FORM>
> > <KEYGEN NAME="somekey" CHALLENGE="1125983021">
> > <INPUT TYPE="submit" NAME="SubmitButton" VALUE="Done">
> > </FORM>
> > </html>
> >
> > Live : http://secdev.zoller.lu/ff_dos_keygen.html
> >
> >
> > IV. Disclosure timeline
> > ~~~~~~~~~~~~~~~~~~~~~~~~~
> > DD/MM/YYYY
> > 14/12/2008 : Created bugzilla entry (security) with (the wrong) proof of
> concept
> >             file.
> >
> > 14/12/2008 : Attached the correct POC file (mea culpa) and a stack trace
> and details
> >             of memory corruption that repeatedly occurred during testing
> the POC
> >
> > 24/12/2008 : dveditz@...illa.com comments : "I can definitely confirm
> the denial
> >             of service aspect, and there's a very minor memory leak
> (after 9
> >             hours of CPU time memory use went from 60MB to 360MB).
> Haven't been
> >             able to reproduce a crash."
> >
> > 27/05/2009 : The 4 month grace period [2] given is reached. Release of
> this advisory.
> >
> >
> > [1]
> http://www.mozilla.org/foundation/documents/mf-2007-audited-financial-statement.pdf
> >
> http://www.guidestar.org/FinDocuments//2007/200/097/2007-200097189-047bbaa9-9.pdf
> > [2]
> http://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html
> > [3] http://rdist.root.org/?s=dsa
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ