[saag] Fwd: [oss-security] Re: CVE Request: IKEv1 protocol is vulnerable to DoS amplification attack
Jeffrey Walton <noloader@gmail.com> Wed, 19 October 2016 03:03 UTC
Return-Path: <noloader@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B8A35129437 for <saag@ietfa.amsl.com>; Tue, 18 Oct 2016 20:03:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9oeLtPbMfoIa for <saag@ietfa.amsl.com>; Tue, 18 Oct 2016 20:03:30 -0700 (PDT)
Received: from mail-io0-x233.google.com (mail-io0-x233.google.com [IPv6:2607:f8b0:4001:c06::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ED0451294D3 for <saag@ietf.org>; Tue, 18 Oct 2016 20:03:29 -0700 (PDT)
Received: by mail-io0-x233.google.com with SMTP id q192so18636038iod.0 for <saag@ietf.org>; Tue, 18 Oct 2016 20:03:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:reply-to:in-reply-to:references:from:date:message-id :subject:to; bh=dlVE9bey/AXUdoir0huS9SnVxB0x+peU+O4EjBBjomI=; b=aI8Sc1uGqgE7hUXAxu8Zc8C+daMBAJcZnhoPoWes29eZCezjCYeSwkXNTuWWvc6BeE XjR0yfM4RmUdxV1GYeXgNVukFzn3D22Iclwn+9O8Ev/3PhnLT6vzE/36wnOIPFBDguVt cneb3icVa6wH1lgGf4WcAQfSGggXvMqYxS6V8U8AAClaioMGqrrqoeoD1aoQRDoJKbeK +wj0gd/fwQDQCCaTjsfwFq5W/SmzsIHON4aztFwgv07x4ZC96+8Zbc1jpXObkeNSymHg JR4FLuLh8DtnVxbJ5OCgCIXzHk427afIo8z9roljXwzPt3lvILLEV5WPXjmHIifgWrVD salA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:reply-to:in-reply-to:references :from:date:message-id:subject:to; bh=dlVE9bey/AXUdoir0huS9SnVxB0x+peU+O4EjBBjomI=; b=bQ+qZY82V0GQJdB2nL+UCAGa9XoxVEl5VWJUUZU92/wEKgQ/G2maUkBdTeLrXffeh+ 2YcjNdQ8Ex/062lAbYYiXGrEpBs86D16q71Zdj3nDYrD3TPQw7u4Lt5g5Q/yH+FrubCD bZsJ7PuJ60i57Qv7cjYnNsMq5K5Tt+59zmHGqLruVLekDVx8TwBNzDlJw3ijHEtsFiON y5fgMwEGXcPtuom5sjZGfVA4IFFePBVy7HrZWt5HwNGAznJ6oZwfvziY3sUKCpNSkV23 jlQ/Eqj6CKtGVsKTHfUgPKBxoEjwQysAsqW5Hwx4t11/eEOWjPq4Pz47zIJh+TuafpWf GrBQ==
X-Gm-Message-State: AA6/9Rk+VzMep5Opa37+BTWtaQwwmHjZVnKxuMqEdAEeIRov4eeW74SYfHB87axiI+c6iK6lZRZtgBqzX0Nung==
X-Received: by 10.107.148.4 with SMTP id w4mr4428168iod.135.1476846208960; Tue, 18 Oct 2016 20:03:28 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.36.36.194 with HTTP; Tue, 18 Oct 2016 20:03:28 -0700 (PDT)
In-Reply-To: <CANO=Ty0yD+DmmeqC3dS2u=4+QNawqt6OJjyXRW2x1pqid=S5tQ@mail.gmail.com>
References: <20160613144048.9BBA942E034@smtpvbsrv1.mitre.org> <f24b7778-0446-c5d1-4905-e75a580fcbc4@redhat.com> <e2b42449-584c-9d7f-070e-b65b3150d3bc@redhat.com> <CANO=Ty0yD+DmmeqC3dS2u=4+QNawqt6OJjyXRW2x1pqid=S5tQ@mail.gmail.com>
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 18 Oct 2016 23:03:28 -0400
Message-ID: <CAH8yC8mgyB29TMaq+O6JRaDhP8Yod06KJ97EZC=7FY0Hd6sdtA@mail.gmail.com>
To: "saag@ietf.org" <saag@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/2D92Lez2VXMOBgqvLq4F_8u_cCI>
Subject: [saag] Fwd: [oss-security] Re: CVE Request: IKEv1 protocol is vulnerable to DoS amplification attack
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: noloader@gmail.com
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Oct 2016 03:03:33 -0000
FYI... ---------- Forwarded message ---------- From: Kurt Seifried <kseifried@redhat.com> Date: Tue, Oct 18, 2016 at 3:19 PM Subject: Re: [oss-security] Re: CVE Request: IKEv1 protocol is vulnerable to DoS amplification attack To: oss-security <oss-security@lists.openwall.com> Cc: Huzaifa Sidhpurwala <huzaifas@redhat.com>, CVE ID Requests <cve-assign@mitre.org> On Tue, Jul 12, 2016 at 1:46 PM, Paul Wouters <pwouters@redhat.com> wrote: > > I have tested openswan and strongswan and confirmed it contains the same > amplification that is inherent in being IKEv1 compliant. > > Neither implementation has applied the hardening that libreswan has > applied for this that was the original information that caused > CVE-2016-5361 to be issued for libreswan. > > I believe MITRE needs to fix the inconsistency in the issuance of > CVE-2016-5361, expand it to be about the IKEv1 protocol, and gather > the other vendor information and patches, or issue additional vendor > specific CVE's. I believe the first solution is better. > So I had a chance to talk to Paul Basically: the RFC doesn't define a specific way to handle this, as such a CVE cannot be given to the RFC (currently CVEs will be given to RFCs/protocols that say "do something bad" like using weak encryption algorithms). As such it was left up to all the IKE implementations themselves to determine what to do with respect to retransmits. I think it's safe to say an amplification of 1:10 or more qualifies as a problem, I'm not sure what the exact amplification ratio to qualify for a CVE is (1:3, 1:7?) but I think 1:10 or more should definitely qualify. Thus a lot of other IKE implementations will be needing CVEs for this class of problem (as well as other protocols).
- [saag] Fwd: [oss-security] Re: CVE Request: IKEv1… Jeffrey Walton