[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
 
 discussions
- read forum
- new topic
- search
 

 meetings
- meetings list
- recent additions
- add your info
 
 top 100 sites
- visit top sites
- sign up now
- members
 
 webmasters

- add your url
- add domain
- search box
- link to us

 
 projects
- our projects
- free email
 
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : Telnet Encryption Vulnerability

Title: Telnet Encryption Vulnerability
Released by: CERT
Date: 3rd March 1995
Printable version: Click here
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1





=============================================================================

CERT(*) Advisory CA-95:03a

Original issue date:  March 3, 1995

Last revised: September 23, 1997

                Updated copyright statement



A complete revision history is at the end of this file.



Topic: Telnet Encryption Vulnerability

- -----------------------------------------------------------------------------



                *** This advisory supersedes CA-95:03. ***



The CERT Coordination Center has received reports of a serious security

problem in the Berkeley Telnet clients that provide support for the

experimental Telnet encryption option using the Kerberos V4 authentication.

All known released versions of the BSD Telnet that support Kerberos V4

authentication and encryption are affected.



We recommend that all sites that use encrypted telnet in conjunction with

Kerberos V4 obtain a patch or upgraded version of Telnet according to the

instructions in Section III below.



We will update this advisory as we receive additional information.

Please check advisory files regularly for updates that relate to your site.

- ---------------------------------------------------------------------------



I.   Description



     There is a vulnerability in Berkeley Telnet clients that support

     encryption and Kerberos V4 authentications. This vulnerability

     substantially reduces the effectiveness of the encryption.



II.  Impact



     Anyone who can access and read packets that make up the encrypted

     Telnet session can easily decrypt the session. This is possible, for

     example, when an intruder uses a packet sniffer on the network to

     intercept the Telnet sessions.



III. Solution



     Obtain and install the appropriate patch according to the instructions

     included with the patch.



     In Appendix A is a summary of the vendors who have reported to us and

     the status they provided, including how to obtain patches.

     We will update the appendix as we receive more information from vendors.



.............................................................................



Appendix A: Vendor Information



Below is information we have received from vendors who have patches available

or upcoming, along with names of vendors who have reported that their

products do not have the problem.



If you have an encrypting Telnet from a vendor who is not listed, please

contact that vendor for information regarding how to get a fixed version.



     Vendor or Source                     Status

     ----------------                     ------------

     Berkeley SW Distribution (BSD)       source-code patch available from

                                          Berkeley; also in Appendix B of

                                          this advisory

     Data General Corporation             not affected by the vulnerability

     Digital Equipment Corporation        not affected by the vulnerability

     FTP Software, Inc.                   patch available

     Harris NightHawk System              not affected by the vulnerability

     Hewlett-Packard Company              not affected by the vulnerability

     Nat'l. Center for Supercomputer

       Applications (NCSA)                upgrade available

     Open Software Foundation             not affected by the vulnerability

     The Santa Cruz Operation, Inc.(SCO)  not affected by the vulnerability

     Sequent Computer Systems             not affected by the vulnerability

     Sun Microsystems, Inc.               not affected by the vulnerability





PATCH INFORMATION

- -------------

Berkeley Software Distribution (BSD)



     A source-code patch, along with the domestic version of the most

     recently released Telnet sources from Berkeley, are available by

     anonymous FTP from



         net-dist.mit.edu:/pub/telnet/telnet.patch

         MD5 65d56befe3d0f1699d38de5509552578



     There is also a PGP ASCII signature file for the patch in



          net-dist.mit.edu:/pub/telnet/telnet.patch.sig



     This patch can also be found in CERT Advisory CA-95:03a, Appendix B.

     (Note: Do not calculate a checksum for Appendix B alone. It will not

     match the checksum of the FTP version of the patch because the tabs in

     the FTP copy have been replaced with blank spaces in the CA-95:03a

     Appendix B copy.)



- -------------

FTP Software, Inc.



     Customers of FTP Software with an encrypting telnet (provided in the

     PC/TCP or OnNet packages) should call the FTP technical support line

     at 1-800-282-4387 and ask for the "tn encrypt patch".



- -------------

National Center for Supercomputer Applications (NCSA)



     Users of NCSA Telnet should upgrade to the NCSA Telnet 2.6.1d7, AND

     install the appropriate Kerberos plug-in which are available by

     anonymous FTP from ftp.ncsa.uiuc.edu



     Upgrade



        /Mac/Telnet/Telnet2.6/prerelease/d7/Telnet2.6.1d7(68K).sit.hqx

        MD5  b34b9fda59421b3b83f8df08a83f83b5



        /Mac/Telnet/Telnet2.6/prerelease/d7/Telnet2.6.1d7(fat).sit.hqx

        MD5  877add7c3d298111889fc3f2f272ce6f



     Kerberos plug-ins



        /Mac/Telnet/Telnet2.6/prerelease/AuthMan.plugin.1.0b1.hqx

        MD5  df727eae184b22125f90ef1a31513fd4



        /Mac/Telnet/Telnet2.6/prerelease/Kerberos_Telnet_plugin.sit.hqx

        MD5  dbda691efe9038648f234397895c734d



     Questions regarding NCSA Telnet should be directed to

     mactel@ncsa.uiuc.edu







.............................................................................



Appendix B: Patch for Vulnerability in Telnet Encryption Option



Index: auth.c

===================================================================

RCS file: /mit/krb5/.cvsroot/src/appl/telnet/libtelnet/auth.c,v

retrieving revision 5.5

retrieving revision 5.7

diff -u -r5.5 -r5.7

- --- auth.c      1994/08/18 21:06:45     5.5

+++ auth.c      1994/11/08 04:39:02     5.7

@@ -244,7 +244,7 @@

 {

        register int x;



- -       if (strcasecmp(type, AUTHTYPE_NAME(0))) {

+       if (!strcasecmp(type, AUTHTYPE_NAME(0))) {

                *maskp = -1;

                return(1);

        }

@@ -260,14 +260,14 @@



        int

 auth_enable(type)

- -       int type;

+       char * type;

 {

        return(auth_onoff(type, 1));

 }



        int

 auth_disable(type)

- -       int type;

+       char * type;

 {

        return(auth_onoff(type, 0));

 }

@@ -277,15 +277,20 @@

        char *type;

        int on;

 {

- -       int mask = -1;

+       int i, mask = -1;

        Authenticator *ap;



        if (!strcasecmp(type, "?") || !strcasecmp(type, "help")) {

                 printf("auth %s 'type'\n", on ? "enable" : "disable");

                printf("Where 'type' is one of:\n");

                printf("\t%s\n", AUTHTYPE_NAME(0));

- -               for (ap = authenticators; ap->type; ap++)

+               mask = 0;

+               for (ap = authenticators; ap->type; ap++) {

+                       if ((mask & (i = typemask(ap->type))) != 0)

+                               continue;

+                       mask |= i;

                        printf("\t%s\n", AUTHTYPE_NAME(ap->type));

+               }

                return(0);

        }



@@ -293,7 +298,6 @@

                printf("%s: invalid authentication type\n", type);

                return(0);

        }

- -       mask = getauthmask(type, &mask);

        if (on)

                i_wont_support &= ~mask;

        else

@@ -317,16 +321,22 @@

 auth_status()

 {

        Authenticator *ap;

+       int i, mask;



        if (i_wont_support == -1)

                printf("Authentication disabled\n");

        else

                printf("Authentication enabled\n");



- -       for (ap = authenticators; ap->type; ap++)

+       mask = 0;

+       for (ap = authenticators; ap->type; ap++) {

+               if ((mask & (i = typemask(ap->type))) != 0)

+                       continue;

+               mask |= i;

                printf("%s: %s\n", AUTHTYPE_NAME(ap->type),

                        (i_wont_support & typemask(ap->type)) ?

                                        "disabled" : "enabled");

+       }

        return(1);

 }



Index: kerberos.c

===================================================================

RCS file: /mit/krb5/.cvsroot/src/appl/telnet/libtelnet/kerberos.c,v

retrieving revision 5.5

retrieving revision 5.8

diff -u -r5.5 -r5.8

- --- kerberos.c  1994/08/18 21:07:02     5.5

+++ kerberos.c  1994/11/14 21:33:58     5.8

@@ -225,9 +225,10 @@

                register int i;



                des_key_sched(cred.session, sched);

- -               des_set_random_generator_seed(cred.session);

- -               des_new_random_key(challenge);

- -               des_ecb_encrypt(challenge, session_key, sched, 1);

+               des_init_random_number_generator(cred.session);

+               des_new_random_key(session_key);

+               des_ecb_encrypt(session_key, session_key, sched, 0);

+               des_ecb_encrypt(session_key, challenge, sched, 0);

                /*

                 * Increment the challenge by 1, and encrypt it for

                 * later comparison.

@@ -320,6 +321,11 @@

                        break;

                }



+               /*

+                * Initialize the random number generator since it's

+                * used later on by the encryption routine.

+                */

+               des_init_random_number_generator(session_key);

                des_key_sched(session_key, sched);

                memcpy((void *)datablock, (void *)data, sizeof(Block));

                /*

@@ -337,7 +343,7 @@

                 * increment by one, re-encrypt it and send it back.

                 */

                des_ecb_encrypt(datablock, challenge, sched, 0);

- -               for (r = 7; r >= 0; r++) {

+               for (r = 7; r >= 0; r--) {

                        register int t;

                        t = (unsigned int)challenge[r] + 1;

                        challenge[r] = t;       /* ignore overflow */



Index: commands.c

===================================================================

RCS file: /mit/krb5/.cvsroot/src/appl/telnet/telnet/commands.c,v

retrieving revision 5.14

retrieving revision 5.16

diff -u -r5.14 -r5.16

- --- commands.c  1994/08/18 21:07:37     5.14

+++ commands.c  1994/11/08 06:42:49     5.16

@@ -1919,8 +1919,8 @@

 };



 extern int

- -       auth_enable P((int)),

- -       auth_disable P((int)),

+       auth_enable P((char *)),

+       auth_disable P((char *)),

        auth_status P((void));

 static int

        auth_help P((void));

@@ -1959,6 +1959,12 @@

 {

     struct authlist *c;



+    if (argc < 2) {

+      fprintf(stderr,

+          "Need an argument to 'auth' command.  'auth ?' for help.\n");

+      return 0;

+    }

+

     c = (struct authlist *)

                genget(argv[1], (char **) AuthList, sizeof(struct authlist));

     if (c == 0) {

@@ -2015,7 +2021,7 @@

                                                EncryptEnable, 1, 1, 2 },

     { "disable", "Disable encryption. ('encrypt enable ?' for more)",

                                                EncryptDisable, 0, 1, 2 },

- -    { "type", "Set encryptiong type. ('encrypt type ?' for more)",

+    { "type", "Set encryption type. ('encrypt type ?' for more)",

                                                EncryptType, 0, 1, 1 },

     { "start", "Start encryption. ('encrypt start ?' for more)",

                                                EncryptStart, 1, 0, 1 },

@@ -2058,6 +2064,12 @@

     char *argv[];

 {

     struct encryptlist *c;

+

+    if (argc < 2) {

+       fprintf(stderr,

+           "Need an argument to 'encrypt' command.  'encrypt ?' for help.\n");

+       return 0;

+    }



     c = (struct encryptlist *)

                genget(argv[1], (char **) EncryptList, sizeof(struct encryptlist));



- ---------------------------------------------------------------------------

The CERT Coordination Center wishes to thank Theodore Ts'o of the

Massachusetts Institute of Technology for identifying and developing a

solution to this problem. We also thank Douglas Engert of Argonne National

Laboratory for pointing out the omission in our original Appendix B.

- ---------------------------------------------------------------------------



If you believe that your system has been compromised, contact the CERT

Coordination Center or your representative in Forum of Incident Response

and Security Teams (FIRST).



If you wish to send sensitive incident or vulnerability information to CERT

staff by electronic mail, we strongly advise that the e-mail be encrypted.

The CERT Coordination Center can support a shared DES key, PGP (public key

available via anonymous FTP on info.cert.org), or PEM (contact CERT staff

for details).



Internet E-mail: cert@cert.org

Telephone: +1 412-268-7090 (24-hour hotline)

           CERT personnel answer 8:30 a.m.-5:00 p.m. EST(GMT-5)/EDT(GMT-4),

           and are on call for emergencies during other hours.

Fax: +1 412-268-6989



CERT Coordination Center

Software Engineering Institute

Carnegie Mellon University

Pittsburgh, PA 15213-3890

USA



Past advisories, CERT bulletins, information about FIRST representatives,

and other information related to computer security are available for

anonymous FTP from info.cert.org.



- ------------------------------------------------------------------------------



Copyright 1995 Carnegie Mellon University. Conditions for use, disclaimers,

and sponsorship information can be found in

http://www.cert.org/legal_stuff.html and http://ftp.cert.org/pub/legal_stuff .

If you do not have FTP or web access, send mail to cert@cert.org with

"copyright" in the subject line.



CERT is registered in the U.S. Patent and Trademark Office.





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Revision history



Sep. 23. 1997   Updated copyrigth information

Aug. 30, 1996   Information previously in the README was inserted

                      into the advisory.

Mar. 03, 1995   Appendix A summary list - Digital Equipment and Sequent added

                      as "not affected by the vulnerability"

Mar. 03, 1995   This advisory superseded CA-95:03, which had a portion of the

                       patch missing from Appendix B.







-----BEGIN PGP SIGNATURE-----

Version: PGP for Personal Privacy 5.0

Charset: noconv



iQA/AwUBOBS/i1r9kb5qlZHQEQIZogCfUHTZPuUaDgtQj01jtTcdodnNLnMAoPZ2

x34phx468JQRZiX0cDogCs9X

=pZSL

-----END PGP SIGNATURE-----








(C) 1999-2000 All rights reserved.