CERT Advisory CA-95:03.telnet.encryption.vulnerability
CERT Advisory
cert-advisory at cert.org
Fri Feb 17 01:33:23 UTC 1995
=============================================================================
CA-95:03 CERT Advisory
February 16, 1995
Telnet Encryption Vulnerability
-----------------------------------------------------------------------------
The CERT Coordination Center has received reports of a serious security
problem in the Berkeley Telnet clients that provide support for the
experimental Telnet encryption option using Kerberos V4 authentication.
All known released versions of the BSD Telnet that support Kerberos V4
authentication and encryption are affected.
We recommend that all sites that use encrypted telnet in conjunction with
Kerberos V4 obtain a patch or upgraded version of Telnet according to the
instructions in Section III below.
As we receive additional information relating to this advisory, we will
place it, along with any clarifications, in a CA-95:03.README file. CERT
advisories and their associated README files are available by anonymous
FTP from info.cert.org. We encourage you to check the README files
regularly for updates on advisories that relate to your site.
I. Description
There is a vulnerability in Berkeley Telnet clients that support
encryption and Kerberos V4 authentication. The key used to encrypt the
Telnet session is derived in a way that exposes it to anyone who can
observe the authentication exchange on the network, so the encryption
provides substantially less protection than intended.
II. Impact
Anyone who can access and read packets that make up the encrypted
Telnet session can easily decrypt the session. This is possible, for
example, when an intruder uses a packet sniffer on the network to
intercept the Telnet sessions.
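As an added illustration (not part of the advisory, and not the Berkeley or MIT code), the following Python models the client-side key derivation shown by the kerberos.c hunk in Appendix B, before and after the fix, and what a passive sniffer learns in each case. Three assumptions are made and are labelled in the code: a toy 8-byte block cipher stands in for DES-ECB (it is not a cipher, only a pair of distinct inverse functions); the CHALLENGE sub-option carries the challenge encrypted under the Kerberos session key, as RFC 1411 specifies (the send is not inside the quoted hunk); and the patched server derives the key by encrypting the received challenge once more (the server-side hunk in Appendix B is truncated, so that derivation is modelled, not quoted).

```python
"""Model of the Kerberos V4 Telnet encryption-key derivation before and after
the CA-95:03 fix. Added illustration: toy cipher, not DES; the Berkeley/MIT
code is quoted only in the comments."""

BLOCK = 8  # DES block and key size in bytes


def toy_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for des_ecb_encrypt(in, out, sched, 1). Deliberately NOT a
    cipher: XOR with the key, then rotate left by one byte. It exists only so
    that E and D are distinct inverses (an XOR-only stand-in is its own inverse
    and would hide the difference between the two derivations)."""
    assert len(key) == len(block) == BLOCK
    x = bytes(a ^ b for a, b in zip(block, key))
    return x[1:] + x[:1]


def toy_decrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for des_ecb_encrypt(in, out, sched, 0): undo the rotation,
    then the XOR."""
    assert len(key) == len(block) == BLOCK
    x = block[-1:] + block[:-1]
    return bytes(a ^ b for a, b in zip(x, key))


def client_old(krb_session_key: bytes, random_block: bytes) -> tuple:
    """kerberos.c rev 5.5, the '-' lines of the Appendix B hunk:
         des_new_random_key(challenge);
         des_ecb_encrypt(challenge, session_key, sched, 1);
    Returns (key handed to the ENCRYPT option, bytes sent in the CHALLENGE
    message). Assumption (RFC 1411, not inside the hunk): the challenge
    travels encrypted under the Kerberos session key."""
    challenge = random_block
    telnet_key = toy_encrypt(krb_session_key, challenge)
    wire_challenge = toy_encrypt(krb_session_key, challenge)
    return telnet_key, wire_challenge


def client_new(krb_session_key: bytes, random_block: bytes) -> tuple:
    """kerberos.c rev 5.8, the '+' lines:
         des_new_random_key(session_key);
         des_ecb_encrypt(session_key, session_key, sched, 0);
         des_ecb_encrypt(session_key, challenge, sched, 0);
    The key is drawn first; the challenge is D(D(key)), so the encrypted
    challenge on the wire is D(key), not key."""
    telnet_key = random_block
    once = toy_decrypt(krb_session_key, telnet_key)
    challenge = toy_decrypt(krb_session_key, once)
    wire_challenge = toy_encrypt(krb_session_key, challenge)
    return telnet_key, wire_challenge


def eavesdropper_guess(wire_challenge: bytes) -> bytes:
    """A passive sniffer holds nothing but the CHALLENGE bytes (Section II)."""
    return wire_challenge


def server_key_new(krb_session_key: bytes, wire_challenge: bytes) -> bytes:
    """Assumed peer derivation for the patched protocol (the server hunk in
    Appendix B is truncated): encrypt the received encrypted challenge once
    more, so E(E(D(D(K)))) == K."""
    return toy_encrypt(krb_session_key, wire_challenge)


def compare(krb_session_key: bytes, random_block: bytes) -> dict:
    """Run both derivations on the same inputs and report what the sniffer gets."""
    k_old, w_old = client_old(krb_session_key, random_block)
    k_new, w_new = client_new(krb_session_key, random_block)
    return {
        "old_key_leaked": eavesdropper_guess(w_old) == k_old,
        "new_key_leaked": eavesdropper_guess(w_new) == k_new,
        "new_server_agrees": server_key_new(krb_session_key, w_new) == k_new,
    }


if __name__ == "__main__":
    # Constructed inputs: a fixed Kerberos session key and a fixed "random" block.
    SK = bytes(range(8))
    R = bytes([0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80])
    for name, value in compare(SK, R).items():
        print(f"{name}: {value}")
```

With the pre-patch derivation the bytes on the wire are the encryption key itself, which is why Section II says a sniffer can "easily decrypt the session". With the patched derivation the wire carries D(key) under the Kerberos session key, so recovering the Telnet key requires that session key, which the eavesdropper does not have.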
III. Solution
Obtain and install the appropriate patch according to the instructions
included with the patch.
Below is a summary of the vendors who have reported to us and the
status they provided. More complete information, including how to
obtain patches, is printed in Appendix A of this advisory and
reproduced in the README file associated with this advisory. We will
update the README file as we receive more information from vendors.
Vendor or Source Status
---------------- ------------
Berkeley SW Distribution (BSD) source-code patch available from
Berkeley; also in Appendix B of
this advisory
Data General Corporation not affected by the vulnerability
FTP Software, Inc. patch available
Harris NightHawk System not affected by the vulnerability
Hewlett-Packard Company not affected by the vulnerability
Nat'l. Center for Supercomputer
Applications (NCSA) upgrade available
Open Software Foundation not affected by the vulnerability
The Santa Cruz Operation, Inc. (SCO) not affected by the vulnerability
Sun Microsystems, Inc. not affected by the vulnerability
If you have an encrypting Telnet from some other vendor, please
contact that vendor for information regarding how to get a fixed
version.
---------------------------------------------------------------------------
The CERT Coordination Center wishes to thank Theodore Ts'o of the
Massachusetts Institute of Technology for identifying and developing a
solution to this problem.
---------------------------------------------------------------------------
If you believe that your system has been compromised, contact the CERT
Coordination Center or your representative in Forum of Incident Response
and Security Teams (FIRST).
If you wish to send sensitive incident or vulnerability information to CERT
staff by electronic mail, we strongly advise that the e-mail be encrypted.
The CERT Coordination Center can support a shared DES key, PGP (public key
available via anonymous FTP on info.cert.org), or PEM (contact CERT staff
for details).
Internet E-mail: cert at cert.org
Telephone: +1 412-268-7090 (24-hour hotline)
CERT personnel answer 8:30 a.m.-5:00 p.m. EST(GMT-5)/EDT(GMT-4),
and are on call for emergencies during other hours.
Fax: +1 412-268-6989
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
USA
Past advisories, CERT bulletins, information about FIRST representatives,
and other information related to computer security are available for
anonymous FTP from info.cert.org.
CERT is a service mark of Carnegie Mellon University.
.............................................................................
Appendix A: Vendor Information
Current as of February 16, 1995
See CA-95:03.README for updated information.
Below is information we have received from vendors who have patches available
or upcoming, along with names of vendors who have reported that their
products do not have the problem.
If you have an encrypting Telnet from a vendor who is not listed, please
contact that vendor for information regarding how to get a fixed version.
Vendor or Source Status
---------------- ------------
Berkeley SW Distribution (BSD) source-code patch available from
Berkeley; also in Appendix B of
this advisory
Data General Corporation not affected by the vulnerability
FTP Software, Inc. patch available
Harris NightHawk System not affected by the vulnerability
Hewlett-Packard Company not affected by the vulnerability
Nat'l. Center for Supercomputer
Applications (NCSA) upgrade available
Open Software Foundation not affected by the vulnerability
The Santa Cruz Operation, Inc. (SCO) not affected by the vulnerability
Sun Microsystems, Inc. not affected by the vulnerability
PATCH INFORMATION
-------------
Berkeley Software Distribution (BSD)
A source-code patch, along with the domestic version of the most
recently released Telnet sources from Berkeley, is available by
anonymous FTP from
net-dist.mit.edu:/pub/telnet/telnet.patch
MD5 65d56befe3d0f1699d38de5509552578
There is also a PGP ASCII signature file for the patch in
net-dist.mit.edu:/pub/telnet/telnet.patch.sig
This patch can also be found in CERT Advisory CA-95:03, Appendix B.
(Note: Do not calculate a checksum for Appendix B alone. It will not
match the checksum of the FTP version of the patch because the tabs in
the FTP copy have been replaced with blank spaces in the CA-95:03
Appendix B copy.)
-------------
FTP Software, Inc.
Customers of FTP Software with an encrypting telnet (provided in the
PC/TCP or OnNet packages) should call the FTP technical support line
at 1-800-282-4387 and ask for the "tn encrypt patch".
-------------
National Center for Supercomputer Applications (NCSA)
Users of NCSA Telnet should upgrade to NCSA Telnet 2.6.1d7 AND
install the appropriate Kerberos plug-in. Both are available by
anonymous FTP from ftp.ncsa.uiuc.edu:
Upgrade
/Mac/Telnet/Telnet2.6/prerelease/d7/Telnet2.6.1d7(68K).sit.hqx
MD5 b34b9fda59421b3b83f8df08a83f83b5
/Mac/Telnet/Telnet2.6/prerelease/d7/Telnet2.6.1d7(fat).sit.hqx
MD5 877add7c3d298111889fc3f2f272ce6f
Kerberos plug-ins
/Mac/Telnet/Telnet2.6/prerelease/AuthMan.plugin.1.0b1.hqx
MD5 df727eae184b22125f90ef1a31513fd4
/Mac/Telnet/Telnet2.6/prerelease/Kerberos_Telnet_plugin.sit.hqx
MD5 dbda691efe9038648f234397895c734d
Questions regarding NCSA Telnet should be directed to
mactel at ncsa.uiuc.edu
.............................................................................
Appendix B: Patch for Vulnerability in Telnet Encryption Option
Current as of February 16, 1995
See CA-95:03.README for updated information.
Index: auth.c
===================================================================
RCS file: /mit/krb5/.cvsroot/src/appl/telnet/libtelnet/auth.c,v
retrieving revision 5.5
retrieving revision 5.7
diff -u -r5.5 -r5.7
--- auth.c 1994/08/18 21:06:45 5.5
+++ auth.c 1994/11/08 04:39:02 5.7
@@ -244,7 +244,7 @@
{
register int x;
- if (strcasecmp(type, AUTHTYPE_NAME(0))) {
+ if (!strcasecmp(type, AUTHTYPE_NAME(0))) {
*maskp = -1;
return(1);
}
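Review bot: the inverted test on the `-` line is the bug in this hunk: strcasecmp() returns 0 on a match, so `if (strcasecmp(type, AUTHTYPE_NAME(0)))` took the "all types" branch (`*maskp = -1; return(1);`) for every type name except the one it was meant to match, and the `!` on the `+` line corrects it. A one-line comment on the `+` line saying that AUTHTYPE_NAME(0) is the wildcard selecting every authenticator would help, since the `-1` mask is otherwise unexplained.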
@@ -260,14 +260,14 @@
int
auth_enable(type)
- int type;
+ char * type;
{
return(auth_onoff(type, 1));
}
int
auth_disable(type)
- int type;
+ char * type;
{
return(auth_onoff(type, 0));
}
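Review bot: changing the parameter from `int type` to `char * type` in these K&R-style definitions changes the calling convention silently; with no prototype in scope, a caller that still passes an int compiles without warning and auth_onoff() will strcasecmp() through an integer reinterpreted as a pointer. Make sure the declarations in the shared header (not part of this diff) are changed to `char *` in the same patch so the compiler flags any remaining int callers.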
@@ -277,15 +277,20 @@
char *type;
int on;
{
- int mask = -1;
+ int i, mask = -1;
Authenticator *ap;
if (!strcasecmp(type, "?") || !strcasecmp(type, "help")) {
printf("auth %s 'type'\n", on ? "enable" : "disable");
printf("Where 'type' is one of:\n");
printf("\t%s\n", AUTHTYPE_NAME(0));
- for (ap = authenticators; ap->type; ap++)
+ mask = 0;
+ for (ap = authenticators; ap->type; ap++) {
+ if ((mask & (i = typemask(ap->type))) != 0)
+ continue;
+ mask |= i;
printf("\t%s\n", AUTHTYPE_NAME(ap->type));
+ }
return(0);
}
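Review bot: the help path reuses `mask` (initialised to -1 two lines up) as the deduplication accumulator, which is only safe because this branch returns before `mask` is used for anything else; a separately named local such as `seen` would make the intent obvious and avoid confusion with the authentication mask computed later in the function. The dedup logic itself is right: typemask(ap->type) folds the several `authenticators` entries that share one type value so each name prints once.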
@@ -293,7 +298,6 @@
printf("%s: invalid authentication type\n", type);
return(0);
}
- mask = getauthmask(type, &mask);
if (on)
i_wont_support &= ~mask;
else
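Review bot: the removed line `mask = getauthmask(type, &mask);` was clobbering the mask with getauthmask()'s return value: the function fills `*maskp` and returns a success flag (1, per the first hunk), so after this line `mask` was 1 regardless of the type named and `i_wont_support` was toggled on the wrong bit. Confirm that the check which prints "invalid authentication type" just above (its condition is outside the quoted context) is the getauthmask(type, &mask) call, so that `mask` is populated before the `if (on)` branch runs.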
@@ -317,16 +321,22 @@
auth_status()
{
Authenticator *ap;
+ int i, mask;
if (i_wont_support == -1)
printf("Authentication disabled\n");
else
printf("Authentication enabled\n");
- for (ap = authenticators; ap->type; ap++)
+ mask = 0;
+ for (ap = authenticators; ap->type; ap++) {
+ if ((mask & (i = typemask(ap->type))) != 0)
+ continue;
+ mask |= i;
printf("%s: %s\n", AUTHTYPE_NAME(ap->type),
(i_wont_support & typemask(ap->type)) ?
"disabled" : "enabled");
+ }
return(1);
}
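Review bot: `i` already holds typemask(ap->type) at the top of the loop body, so the printf condition `(i_wont_support & typemask(ap->type))` recomputes it; `(i_wont_support & i)` is equivalent and cheaper. As in auth_onoff, a name such as `seen` for the dedup bitmask would read better than `mask`, which elsewhere in this file means the authentication mask.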
Index: kerberos.c
===================================================================
RCS file: /mit/krb5/.cvsroot/src/appl/telnet/libtelnet/kerberos.c,v
retrieving revision 5.5
retrieving revision 5.8
diff -u -r5.5 -r5.8
--- kerberos.c 1994/08/18 21:07:02 5.5
+++ kerberos.c 1994/11/14 21:33:58 5.8
@@ -225,9 +225,10 @@
register int i;
des_key_sched(cred.session, sched);
- des_set_random_generator_seed(cred.session);
- des_new_random_key(challenge);
- des_ecb_encrypt(challenge, session_key, sched, 1);
+ des_init_random_number_generator(cred.session);
+ des_new_random_key(session_key);
+ des_ecb_encrypt(session_key, session_key, sched, 0);
+ des_ecb_encrypt(session_key, challenge, sched, 0);
/*
* Increment the challenge by 1, and encrypt it for
* later comparison.
@@ -320,6 +321,11 @@
break;
}
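Review bot: this hunk is truncated: the header `@@ -320,6 +321,11 @@` announces 6 old and 11 new lines, but only `break;` and `}` follow before the text ends, so the Appendix B copy of the patch cannot be applied as reproduced. Use the complete patch from net-dist.mit.edu:/pub/telnet/telnet.patch listed in Appendix A, verify the MD5 and PGP signature given there, and note (per Appendix A) that tabs were converted to spaces in this appendix copy, which patch(1) may reject even for the hunks that are complete.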