SecurityTracker.com
Category:   Device (Embedded Server/Appliance)  >   Blue Coat PacketShaper
Vendors:   Blue Coat Systems
Blue Coat PacketShaper Protocol Flaw in SSL Renegotiation Lets Remote Users Conduct Man-in-the-Middle Attacks
SecurityTracker Alert ID:  1023654
SecurityTracker URL:  http://securitytracker.com/id/1023654
CVE Reference:   CVE-2009-3555
Date:  Feb 25 2010
Impact:   Modification of user information
Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in PacketShaper. A remote user can conduct a man-in-the-middle attack on SSL session renegotiation.

A remote user with the ability to conduct a man-in-the-middle attack can exploit a flaw in the underlying SSL/TLS protocol to inject arbitrary plain text into the exchange between the client and the server, with the arbitrary data as a prefix to the session.

The vulnerability resides in the SSLv3 protocol and in TLS 1.0 and later.

Management connections to PacketShaper and connections from PacketShaper to LDAP configuration servers are vulnerable.

Traffic passing through PacketShaper for classification and shaping is not affected.

Compression and acceleration tunnels are not affected.

Marsh Ray of PhoneFactor and Martin Rex independently reported this vulnerability.

[Editor's note: The flaw resides in the protocol and not in the protocol implementation. Some vendors are implementing a temporary workaround that prohibits session renegotiation until the protocol itself can be modified. Several protocol implementations are affected, including OpenSSL, GnuTLS, Network Security Services, and Java Secure Socket Extension.]
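
An added check (not part of the SecurityTracker entry or the vendor's advisory) for confirming a fix on an affected management or LDAP endpoint: it parses a captured ServerHello handshake message and reports whether the server acknowledged the `renegotiation_info` extension (type 0xff01) defined by RFC 5746, the protocol change published after this entry. The function names and the sample message are constructed for illustration, and a server returns the extension only if the ClientHello offered it.

```python
RENEGOTIATION_INFO = 0xFF01  # extension type assigned by RFC 5746


def server_hello_extensions(msg: bytes) -> dict:
    """Return {extension_type: data} for one ServerHello handshake message."""
    if len(msg) < 4 or msg[0] != 0x02:
        raise ValueError("not a ServerHello handshake message")
    body_len = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + body_len]
    if len(body) != body_len or body_len < 38:
        raise ValueError("truncated ServerHello")
    # Skip server_version(2), random(32), session_id, cipher_suite(2), compression(1).
    pos = 2 + 32 + 1 + body[34] + 2 + 1
    if pos > len(body):
        raise ValueError("truncated ServerHello")
    exts = {}
    if pos == len(body):  # server sent no extensions block at all
        return exts
    if len(body) - pos < 2:
        raise ValueError("truncated extensions length")
    end = pos + 2 + int.from_bytes(body[pos:pos + 2], "big")
    if end != len(body):
        raise ValueError("bad extensions length")
    pos += 2
    while pos < end:
        if end - pos < 4:
            raise ValueError("truncated extension header")
        ext_type = int.from_bytes(body[pos:pos + 2], "big")
        ext_len = int.from_bytes(body[pos + 2:pos + 4], "big")
        pos += 4
        if ext_len > end - pos:
            raise ValueError("truncated extension data")
        exts[ext_type] = body[pos:pos + ext_len]
        pos += ext_len
    return exts


def renegotiation_status(msg: bytes) -> str:
    """Classify an initial-handshake ServerHello by its renegotiation_info."""
    data = server_hello_extensions(msg).get(RENEGOTIATION_INFO)
    if data is None:
        return "not-advertised"
    # On an initial handshake the renegotiated_connection field must be empty.
    return "secure-renegotiation" if data == b"\x00" else "unexpected-data"


def sample_hello(ext_block: bytes = b"") -> bytes:
    """Constructed TLS 1.0 ServerHello: zero random, empty session id, suite 0x002f."""
    body = bytes.fromhex("0301") + bytes(32) + bytes.fromhex("00002f00") + ext_block
    return b"\x02" + len(body).to_bytes(3, "big") + body
```

A `not-advertised` result does not distinguish an unpatched server from one using the temporary workaround of refusing renegotiation; that has to be tested separately.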

Impact:   A remote user with the ability to conduct a man-in-the-middle attack can inject arbitrary plain text data into the exchange, preceding the session data.
Solution:   No solution was available at the time of this entry.

The vendor's advisory is available at:

https://kb.bluecoat.com/index?page=content&id=SA44

Vendor URL:  kb.bluecoat.com/index?page=content&id=SA44
Cause:   Authentication error

Message History:   None.

