-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Subject: CVE-2011-4073 Openswan crypto helper crasher Release date: Fri Oct 28, 2011 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2011-4073 Security Alert: This alert (and any possible updates) is available at the following URL: http://www.openswan.org/download/CVE-2011-4073/ The Openswan project was informed of a vulnerability in the crypto helper handler in our IKE daemon implementation "pluto". Vulnerable versions: openswan 2.3.0 up to 2.6.36 configured without nhelpers=0 Fixed version : openswan 2.6.37 Vulnerability information: When a phase 2 cryptographic job is handed over to a crypto helper process, and the phase 1 associated with that phase2 is deleted, the crypto helper submits its completed work to a freed and possible re-used memory location. Openswan is only vulnerable if the attacker is a known client that can pass ISAKMP phase 1 authentication. Since the cryptographic work done locally cannot be influenced by the remote client, it is not possible for the client to cause remote execution of code. Cryptographic helpers are normally enabled, but vendor distributions of Openswan disabled the cryptohelpers using "pluto --nhelpers 0" or specifying "nhelpers=0" in the ipsec.conf configuration file. Vulnerability Details: The functions quick_outI1_continue() and quick_outI1() copied pointers to state structs into the struct qke_continuation. When the original state struct was deleted, the stored pointer in qke_continuation was still pointing to these memory locations, causing the invalid memory access. The IKE daemon would crash and restart. These fixed functions now properly lookup the state ojbects from the state table by their st_serialno. When requested to delete a deleted state, a warning is logged. Full release: The latest openswan release which fixes all known issues can be found at: http://www.openswan.org/download/openswan-2.6.37.tar.gz http://www.openswan.org/download/openswan-2.6.37.tar.gz.asc (GPG signature) Patch: For those unable to upgrade to the latest openswan 2.6.37 release, the following patch can be used to resolve this problem: http://www.openswan.org/download/CVE-2011-4073/openswan-2.x.x-CVE-2011-4073.patch Credits: This vulnerability was found by the information security group at ETH Zurich (http://www.infsec.ethz.ch) using an IKE protocol fuzzer during work on testing protocol implementations funded by the Spacios European project (http://spacios.eu/). We specifically wish to thank Petar Tsankov, Mohammad Torabi Dashti and David Basin for their work with the Openswan Project in reporting this vulnerability and performing tests confirming resolution of this vulnerability. About openswan (http://www.openswan.org/): Openswan is a free implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE). IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted network is encrypted by the IPsec gateway machine, and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network (VPN). About Xelerance (http://www.xelerance.com/): Xelerance is the custodian of the openswan IPsec software and the L2TP server xl2tpd. These are used in combination to provide Enterprise VPN solutions. Headquartered in Ottawa, the high-tech capital of Canada, Xelerance provides products and services to secure the internet. Its products include DNSX Secure Signer and DNSX Secure Resolver. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBTqsXhOcYBqa1zCfhAQi6Dwf/WTMR+MXxnzmGEAWRu4x8R2N2MLJO5mZl pJUZlrWsMdUmIExuBoB+XPIsTERwaK1qCL7065H+d3+J2gUAy/dPzDABpausfEPX uE3j5DXCW3gtgIBurefFTvJRyg6J7k+mfzGf2kewaWrduQe/55XAls+1Bk4lWYOG JtW/qq2kmpMScUGc7xVWapIFCoe0J8JQvrEiinImvuPocdJyqJ1FV/M1CcqiaitH A1/4l/pjNPqdrYltJ1bK/D5k2+a79dvsasECuISijPmmlGfRBgXyJX4SX2YhXyXI SMoKm4pb0OdnB8x9E5HeHoXCn16sSuDYzw5Hd8nYc/tg4F1aLwQ8mQ== =K8/i -----END PGP SIGNATURE-----