SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Directory)  >   IBM Tivoli Directory Server Vendors:   IBM
IBM Tivoli Directory Server TLS Export Cipher Bug Lets Remote Users Downgrade Session Security
SecurityTracker Alert ID:  1031926
SecurityTracker URL:  http://securitytracker.com/id/1031926
CVE Reference:   CVE-2015-0138   (Links to External Site)
Date:  Mar 16 2015
Impact:   Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Modification of system information, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 6.0, 6.1, 6.2, 6.3, 6.3.1
Description:   A vulnerability was reported in IBM Tivoli Directory Server. A remote user can downgrade the TLS session security and potentially recover keys.

A remote user that can conduct a man-in-the-middle attack can force a downgrade to an export-grade cipher suite and then conduct a key factoring attack to recover the target server's RSA private key. The remote user can then determine the TLS master key for that session.

[Editor's note: This is known as a "FREAK" attack.]

For servers or applications that re-use an export-grade RSA private key across multiple sessions, the remote user can then recover or modify the plaintext for all of those sessions.

The original advisory is available at:

https://www.smacktls.com/#freak

The miTLS Team reported this vulnerability.

Impact:   A remote user can downgrade the session security and then conduct a key factoring attack to recover the target server's export-grade RSA private key and to obtain the TLS master key for that session.
Solution:   The vendor has issued a fix:

6.3.1.9-ISS-ISDS-IF0009
6.3.0.35-ISS-ITDS-IF0035
6.2.0.42-ISS-ITDS-IF0042
6.1.0.66-ISS-ITDS-IF0066
6.0.0.73-ISS-ITDS-IF0073

The vendor's advisory is available at:

http://www-01.ibm.com/support/docview.wss?uid=isg3T1022075

Vendor URL:  www-01.ibm.com/support/docview.wss?uid=isg3T1022075 (Links to External Site)
Cause:   State error
Underlying OS:  Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (2003), Windows (2008)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Apr 14 2015 (IBM Issues Fix for IBM Rational ClearQuest Web) IBM Tivoli Directory Server TLS Export Cipher Bug Lets Remote Users Downgrade Session Security
IBM has issued an advisory for IBM Rational ClearQuest Web.
Apr 14 2015 (IBM Issues Fix for IBM AIX) IBM Tivoli Directory Server TLS Export Cipher Bug Lets Remote Users Downgrade Session Security
IBM has issued a fix for IBM AIX 5.3, 6.1, and 7.1.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC