lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <0bf8e549-3437-c45f-7abd-ba631a467eb0@sec-consult.com>
Date: Tue, 6 Sep 2016 12:09:36 +0200
From: SEC Consult Vulnerability Lab <research@...-consult.com>
To: <bugtraq@...urityfocus.com>, <fulldisclosure@...lists.org>
Subject: [FD] SEC Consult SA-20160906-0 :: Private key for browser-trusted
 certificate embedded in multiple Aruba Networks / Alcatel-Lucent products

This advisory is accompanied by a blog post regarding a recap on our published
"House of Keys" research study on the re-use of cryptographic secrets from
11/2015.

For further information also see
http://blog.sec-consult.com/2016/09/house-of-keys-9-months-later-40-worse.html


SEC Consult Vulnerability Lab Security Advisory < 20160906-0 >
=======================================================================
              title: Private Key For Browser-Trusted Certificate Embedded
                     In Firmware
            product: multiple Aruba Networks / Alcatel-Lucent products
 vulnerable version: see Vulnerable / tested versions
      fixed version: -
         CVE number:
             impact: High
           homepage: http://www.arubanetworks.com/
                     http://enterprise.alcatel-lucent.com/
              found: 2015-05-15
                 by: Stefan Viehböck (Office Vienna)
                     SEC Consult Vulnerability Lab

                     An integrated part of SEC Consult
                     Bangkok - Berlin - Linz - Montreal - Moscow
                     Singapore - Vienna (HQ) - Vilnius - Zurich

                     https://www.sec-consult.com
=======================================================================

Vendor description:
-------------------
"Aruba, a Hewlett Packard Enterprise company, (formerly "Aruba Networks, Inc.")
is a networking vendor selling enterprise wireless LAN and edge access
networking equipment. The company has over 1,800 employees and is
headquartered in Sunnyvale, California. Aruba's core products are access points
(APs), mobility controllers, and network management software through their
Airwave Management Platform product."

Source: https://en.wikipedia.org/wiki/Aruba_Networks


Vulnerability overview/description:
-----------------------------------
A browser-trusted certificate (CN: securelogin.arubanetworks.com, signed by
GeoTrust) including its private key is embedded in the firmware of several
Aruba Networks/Alcatel-Lucent products. The certificate is used for providing
user access to a captive portal and web administration via HTTPS as well as
EAP
connections for WPA2-Enterprise clients.

An attacker can use this vulnerability to impersonate a captive portal, web
administration or Wi-Fi AP and gain access to sensitive information.

The certificate is compromised and should be revoked. Users should be told to
install certificates generated by themselves.


Proof of concept:
-----------------
OpenSSL text output for certificate:
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121426 (0x1da52)
    Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, O=GeoTrust Inc., OU=Domain Validated SSL, CN=GeoTrust DV
SSL CA
        Validity
            Not Before: May 11 01:22:10 2011 GMT
            Not After : Aug 11 04:40:59 2017 GMT
        Subject: serialNumber=lLUge2fRPkWcJe7boLSVdsKOFK8wv3MF, C=US,
O=securelogin.arubanetworks.com, OU=GT28470348, OU=See
www.geotrust.com/resources/cps (c)11, OU=Domain Control Validated - QuickSSL(R)
Premium, CN=securelogin.arubanetworks.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d1:b5:ee:fb:d4:89:e9:89:94:c7:15:3a:e4:42:
                    26:ec:64:aa:db:23:ec:2f:66:0e:1d:39:e0:47:63:
                    85:76:c6:40:1d:c9:b4:d0:db:90:bf:b9:b2:bf:eb:
                    17:96:a4:5d:fb:22:8c:c8:8c:4c:24:58:13:9d:16:
                    c7:0f:10:58:b8:b0:20:89:11:ea:77:67:9c:6b:75:
                    3b:8c:e6:bf:0a:db:64:56:4b:ab:63:a0:e5:2d:c2:
                    61:d0:b3:b5:e8:4a:c5:f0:b2:c8:bd:29:96:a3:c4:
                    7a:00:4b:bb:4d:5c:51:af:a7:ba:4a:a4:80:31:75:
                    19:f3:93:0f:ed:46:68:60:7f:4d:42:7e:07:f0:22:
                    45:0f:e3:ac:97:10:2f:dc:08:aa:10:c2:48:51:58:
                    5f:12:09:52:88:5e:59:cf:59:82:2a:90:36:26:e7:
                    46:84:bc:ee:16:b1:a5:ee:05:c7:73:8d:35:2f:40:
                    d9:2b:c8:bf:15:39:63:64:ae:a8:96:13:e5:7c:0f:
                    d1:0f:f9:4c:26:4a:0b:dd:4d:65:4b:ff:49:e7:7e:
                    f1:51:17:21:fc:dc:fd:12:57:37:b0:cf:7c:90:b7:
                    28:84:d5:66:5f:ca:a8:63:81:f0:1a:e5:26:50:7a:
                    af:b9:d0:e7:42:05:ee:47:16:67:a8:b2:41:31:21:
                    97:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier:
                keyid:8C:F4:D9:93:0A:47:BC:00:A0:4A:CE:4B:75:6E:A0:B6:B0:B2:7E:FC
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Subject Alternative Name:
                DNS:securelogin.arubanetworks.com
            X509v3 CRL Distribution Points:
                Full Name:
                  URI:http://gtssldv-crl.geotrust.com/crls/gtssldv.crl
            X509v3 Subject Key Identifier:
                9D:D0:E4:66:DD:8E:FB:CF:EA:E4:96:52:CC:92:29:67:D5:D3:32:E8
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access:
                CA Issuers - URI:http://gtssldv-aia.geotrust.com/gtssldv.crt
    Signature Algorithm: sha1WithRSAEncryption
         26:63:34:5a:e4:51:61:d9:92:25:35:f8:62:36:cc:5e:7c:6a:
         94:72:41:ec:e7:60:10:d0:a7:b9:f7:f0:0b:a6:d2:97:b0:2b:
         3e:10:81:ac:20:75:38:d9:c0:0c:50:f2:01:ed:fc:2e:fb:be:
         1b:0b:e9:45:49:38:2a:1c:b1:b7:13:27:ef:7b:b2:2d:b9:3c:
         0d:85:7e:1e:f0:36:1e:de:80:ef:d7:ad:9c:d0:c2:a1:b7:e0:
         d6:51:5a:e5:c7:c4:fa:2a:a6:95:af:93:41:ee:6e:37:ee:08:
         d5:b0:12:9f:35:2d:a1:e4:b0:b9:06:6d:35:39:59:72:21:8e:
         c2:59:11:a0:4d:ac:e0:1c:5f:d0:36:05:b0:98:da:57:24:92:
         12:8b:bd:da:cd:d4:83:b9:52:42:4d:9a:40:0b:38:86:51:8f:
         a7:ea:dd:d9:1f:1b:31:db:10:76:2d:18:1c:14:9b:9b:13:f5:
         4f:4c:c0:61:9a:a0:58:42:a8:dc:8e:66:d4:a2:87:93:c5:48:
         a1:2d:f3:99:29:92:44:bb:2a:0b:2a:7f:75:4f:3d:a6:42:1f:
         84:f2:24:0d:0d:7d:aa:bb:bc:00:af:a5:ad:55:ba:ee:3f:d3:
         60:dd:70:06:80:ea:56:35:48:16:9f:47:f0:7a:0d:0b:be:ef:
         20:54:63:1c

Certificate:
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIDAdpSMA0GCSqGSIb3DQEBBQUAMGExCzAJBgNVBAYTAlVTM
RYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR0wGwYDVQQLExREb21haW4gVmFsaWRhdG
VkIFNTTDEbMBkGA1UEAxMSR2VvVHJ1c3QgRFYgU1NMIENBMB4XDTExMDUxMTAxMjI
xMFoXDTE3MDgxMTA0NDA1OVowggEJMSkwJwYDVQQFEyBsTFVnZTJmUlBrV2NKZTdi
b0xTVmRzS09GSzh3djNNRjELMAkGA1UEBhMCVVMxJjAkBgNVBAoTHXNlY3VyZWxvZ
2luLmFydWJhbmV0d29ya3MuY29tMRMwEQYDVQQLEwpHVDI4NDcwMzQ4MTEwLwYDVQ
QLEyhTZWUgd3d3Lmdlb3RydXN0LmNvbS9yZXNvdXJjZXMvY3BzIChjKTExMTcwNQY
DVQQLEy5Eb21haW4gQ29udHJvbCBWYWxpZGF0ZWQgLSBRdWlja1NTTChSKSBQcmVt
aXVtMSYwJAYDVQQDEx1zZWN1cmVsb2dpbi5hcnViYW5ldHdvcmtzLmNvbTCCASIwD
QYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANG17vvUiemJlMcVOuRCJuxkqtsj7C
9mDh054EdjhXbGQB3JtNDbkL+5sr/rF5akXfsijMiMTCRYE50Wxw8QWLiwIIkR6nd
nnGt1O4zmvwrbZFZLq2Og5S3CYdCztehKxfCyyL0plqPEegBLu01cUa+nukqkgDF1
GfOTD+1GaGB/TUJ+B/AiRQ/jrJcQL9wIqhDCSFFYXxIJUoheWc9ZgiqQNibnRoS87
haxpe4Fx3ONNS9A2SvIvxU5Y2SuqJYT5XwP0Q/5TCZKC91NZUv/Sed+8VEXIfzc/R
JXN7DPfJC3KITVZl/KqGOB8BrlJlB6r7nQ50IF7kcWZ6iyQTEhl4cCAwEAAaOCATc
wggEzMB8GA1UdIwQYMBaAFIz02ZMKR7wAoErOS3VuoLawsn78MA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwKAYDVR0RBCEwH4Idc
2VjdXJlbG9naW4uYXJ1YmFuZXR3b3Jrcy5jb20wQQYDVR0fBDowODA2oDSgMoYwaH
R0cDovL2d0c3NsZHYtY3JsLmdlb3RydXN0LmNvbS9jcmxzL2d0c3NsZHYuY3JsMB0
GA1UdDgQWBBSd0ORm3Y77z+rkllLMkiln1dMy6DAMBgNVHRMBAf8EAjAAMEcGCCsG
AQUFBwEBBDswOTA3BggrBgEFBQcwAoYraHR0cDovL2d0c3NsZHYtYWlhLmdlb3Ryd
XN0LmNvbS9ndHNzbGR2LmNydDANBgkqhkiG9w0BAQUFAAOCAQEAJmM0WuRRYdmSJT
X4YjbMXnxqlHJB7OdgENCnuffwC6bSl7ArPhCBrCB1ONnADFDyAe38Lvu+GwvpRUk
4KhyxtxMn73uyLbk8DYV+HvA2Ht6A79etnNDCobfg1lFa5cfE+iqmla+TQe5uN+4I
1bASnzUtoeSwuQZtNTlZciGOwlkRoE2s4Bxf0DYFsJjaVySSEou92s3Ug7lSQk2aQ
As4hlGPp+rd2R8bMdsQdi0YHBSbmxP1T0zAYZqgWEKo3I5m1KKHk8VIoS3zmSmSRL
sqCyp/dU89pkIfhPIkDQ19qru8AK+lrVW67j/TYN1wBoDqVjVIFp9H8HoNC77vIFR
jHA==
-----END CERTIFICATE-----

Private Key:
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA0bXu+9SJ6YmUxxU65EIm7GSq2yPsL2YOHTngR2OFdsZAHcm00
NuQv7myv+sXlqRd+yKMyIxMJFgTnRbHDxBYuLAgiRHqd2eca3U7jOa/CttkVkurY6
DlLcJh0LO16ErF8LLIvSmWo8R6AEu7TVxRr6e6SqSAMXUZ85MP7UZoYH9NQn4H8CJ
FD+OslxAv3AiqEMJIUVhfEglSiF5Zz1mCKpA2JudGhLzuFrGl7gXHc401L0DZK8i/
FTljZK6olhPlfA/RD/lMJkoL3U1lS/9J537xURch/Nz9Elc3sM98kLcohNVmX8qoY
4HwGuUmUHqvudDnQgXuRxZnqLJBMSGXhwIDAQABAoIBAQCbwEXIX2g2POp0mb3tfX
wvIe0LaLin02I0LqH2I2Iifsdr2D0kyY3N93tcspwIU/dA574rzJdYftnCWAJrm7Z
pJNZlNxsup5My9BTQZygIRj1VIkoeaocL30yKlo5KAg7U39PbOiIZa3k48wYfRKue
jDH98gMLuG8XymeP0DUBRPKkPV9gQSIaJlyhK8DqC3krC6cE3FIdK4RfDOqinUqff
iVYnNc3qaHrWOO0lnduG5ngRgE6XipUrjf3Y/JfqpEHhjGW4TNZ+2j9U7Vnwp22sc
+/F4SCEDXYC5dGzdgRlTALSe/UNCctB2DcYdSmBqHfekJ1YtXoeLNrcabQIgCRAoG
BAO74O2KbY/kkw3W0XMJsGHJLK0hKCW4WMZl2pqfPwkoXNWJIPl7GYrGnBIQ75fZn
ddlq6Gq8ZfDUZlbE07JAEXUeyNd0m6emqOm7q+v8aY0AKnsH+X2nHI7caYQJu0s5A
y8IB9fdhmpFX40C77M8KJIXIvYjRI7ulJF3ZJBiCOPVAoGBAOCn5mrmcFaxkvuSUs
90OmF0rHVdaNgsFaaFc3B9H9flh7fX38M1ZCBIR01yaPciJOLMsAaBe1UMnaw1rWf
mlnVGt9khFCU2f2IlWc3oPGnkQBhTUrOhufOJg+JzDoS4CiMpQD0yT+FABgSdD+Y4
f8+IFjoqagFyU/l+VAWPtyfrAoGBALn+6THRollrfNqjPENzIP/sc867GWXezlIU4
Jfig+Vo9Pr/IdRgcra1OTW27UEAu+Aybp2M74cnulO0tNSbOzs+b7IKp5Awjm4FzU
VK29iMFYRW66AaLocfFN1ZObbNtCWqCXjBifoy7rDxZSHLJAS5D1QmlRjupyIlnFc
ohqTVAoGBAKLIJgZpiRbYPnd5E/Xr8u1wvBGiqHiSoPFzGy10DKHEWC3XBvUMd8uI
c9njP7lqjS2lQRrFsZbzuD/y+P4jL/w0TLzQ4icAsRZtl//B+hyEXgkCPxeX5QRZL
S3lTqzOKdJGbpypGwZM/M9U+xNG9x1qLyjgWMVJkR1j8v/AnecXAoGALItcXppPW3
TvBQ4KTT/VFz/A/isT7dryB+C6O7FnAf9uGE6w2NlCmmt8Ak5hCo+ZixI1iXudKq7
DdDm31W27PMugRMrn89ghoe3FiKbI7ISVWJKiulo2Pcb3yy5ZDiqMkVcmvmCPzahz
Das7gZ8UdS0D0Tt6h5dim5BnLvQCQPo=
-----END RSA PRIVATE KEY-----


Vulnerable / tested versions:
-----------------------------
This vulnerability is not dependent on specific products/versions. We
found the certificate and private key in firmware for various Alcatel-Lucent
OmniAccess products, potentially other products are affected as well.

According to Aruba, "The certificate "securelogin.arubanetworks.com", and
its associated private key, is distributed on every controller and in
every software release."


Vendor contact timeline:
------------------------
2015-05-21: Contacting vendor through sirt@...banetworks.com, answer
            regarding affected products
2015-05-28: Update from Aruba, certificate for "securelogin.arubanetworks.com"
            will not be changed; documentation will be updated to reflect
            security issues.
2015-06-08: Certificate will not be revoked, announcement available here:

http://community.arubanetworks.com/t5/Unified-Wired-Wireless-Access/Certificate-quot-securelogin-arubanetworks-com-quot/td-p/239148
2015-11-25: "House of Keys" research study published regarding re-use of
            crypto secrets in firmware of multiple vendors (advisory postponed)
2016-09-05: Follow-up on "House of Keys", publication of Aruba advisory


Solution:
---------
None available.


Workaround:
-----------
Users should install a custom certificate signed by a trusted CA.


Advisory URL:
-------------
https://www.sec-consult.com/en/Vulnerability-Lab/Advisories.htm


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SEC Consult Vulnerability Lab

SEC Consult
Bangkok - Berlin - Linz - Montreal - Moscow
Singapore - Vienna (HQ) - Vilnius - Zurich

About SEC Consult Vulnerability Lab
The SEC Consult Vulnerability Lab is an integrated part of SEC Consult. It
ensures the continued knowledge gain of SEC Consult in the field of network
and application security to stay ahead of the attacker. The SEC Consult
Vulnerability Lab supports high-quality penetration testing and the evaluation
of new offensive and defensive technologies for our customers. Hence our
customers obtain the most current information about vulnerabilities and valid
recommendation about the risk profile of new technologies.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Interested to work with the experts of SEC Consult?
Send us your application https://www.sec-consult.com/en/Career.htm
Interested in improving your cyber security with the experts of SEC Consult?
Contact our local offices https://www.sec-consult.com/en/About/Contact.htm
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mail: research at sec-consult dot com
Web: https://www.sec-consult.com
Blog: http://blog.sec-consult.com
Twitter: https://twitter.com/sec_consult

EOF Stefan Viehböck / @2016


Download attachment "smime.p7s" of type "application/pkcs7-signature" (3993 bytes)


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ