Debian Bug report logs - #511517
libnasl: Return values of DSA_do_verify

version graph

Package: libnasl; Maintainer for libnasl is (unknown);

Reported by: Kurt Roeckx <kurt@roeckx.be>

Date: Sun, 11 Jan 2009 19:27:01 UTC

Severity: normal

Fixed in version 2.2.11-1+rm

Done: Marco Rodrigues <gothicx@sapo.pt>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Javier Fernandez-Sanguino Pen~a <jfs@debian.org>:
Bug#511517; Package libnasl. (Sun, 11 Jan 2009 19:27:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Kurt Roeckx <kurt@roeckx.be>:
New Bug report received and forwarded. Copy sent to Javier Fernandez-Sanguino Pen~a <jfs@debian.org>. (Sun, 11 Jan 2009 19:27:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Kurt Roeckx <kurt@roeckx.be>
To: submit@bugs.debian.org
Subject: libnasl: Return values of DSA_do_verify
Date: Sun, 11 Jan 2009 20:24:30 +0100
Package: libnasl
Severity: serious
Tags: security

Hi,

I've been checking packages to see if they properly check the return
value of some of the functions in openssl.  In nasl/nasl_crypto2.c
there is this code:
  if (DSA_do_verify((unsigned char*)data, datalen, sig, dsa))
     retc->x.i_val = 1;

But DSA_do_verify() can return 0 or -1 in case of errors.  A good way
to check the value would be something like:
  if (DSA_do_verify((unsigned char*)data, datalen, sig, dsa) == 1)


I have no idea if this code is being used and what the consequences
of this might be.


Kurt





Information forwarded to debian-bugs-dist@lists.debian.org, Javier Fernandez-Sanguino Pen~a <jfs@debian.org>:
Bug#511517; Package libnasl. (Wed, 28 Jan 2009 21:03:15 GMT) Full text and rfc822 format available.

Acknowledgement sent to Moritz Muehlenhoff <jmm@inutil.org>:
Extra info received and forwarded to list. Copy sent to Javier Fernandez-Sanguino Pen~a <jfs@debian.org>. (Wed, 28 Jan 2009 21:03:15 GMT) Full text and rfc822 format available.

Message #10 received at 511517@bugs.debian.org (full text, mbox):

From: Moritz Muehlenhoff <jmm@inutil.org>
To: 511517@bugs.debian.org
Cc: control@bugs.debian.org
Subject: Not security-relevant
Date: Wed, 28 Jan 2009 22:01:14 +0100
severity 511517 normal
tags 511517 -security
thanks

This should be fixed as a general bug, but upstream points out that
it is w/o security relevance:
http://www.attrition.org/pipermail/vim/2009-January/002133.html




Severity set to `normal' from `serious' Request was from Moritz Muehlenhoff <jmm@inutil.org> to control@bugs.debian.org. (Wed, 28 Jan 2009 21:03:16 GMT) Full text and rfc822 format available.

Tags removed: security Request was from Moritz Muehlenhoff <jmm@inutil.org> to control@bugs.debian.org. (Wed, 28 Jan 2009 21:03:17 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Javier Fernandez-Sanguino Pen~a <jfs@debian.org>:
Bug#511517; Package libnasl. (Wed, 28 Jan 2009 22:06:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Kurt Roeckx <kurt@roeckx.be>:
Extra info received and forwarded to list. Copy sent to Javier Fernandez-Sanguino Pen~a <jfs@debian.org>. (Wed, 28 Jan 2009 22:06:07 GMT) Full text and rfc822 format available.

Message #19 received at 511517@bugs.debian.org (full text, mbox):

From: Kurt Roeckx <kurt@roeckx.be>
To: Renaud Deraison <deraison@nessus.org>
Cc: 511517@bugs.debian.org
Subject: CVE-2009-0125
Date: Wed, 28 Jan 2009 23:00:38 +0100
Hi,

I saw that you wrote:

> If an attacker were to control a rogue SSH server, then he would be better
> off submitting a perfectly valid signature instead of a malformed one, and we
> would log into it anyways. Hence, there is absolutely no security risk
> associated with the misuse of this function.

I would like to start by saying that I have no idea how it works.
But I have to wonder why you call DSA_do_verify() if it the result
has no impact on the security.

Did you considered a man in the middle attack, where the attacker
could impersonate the 2 other parties and have full control over
the connection?


Kurt





Information forwarded to debian-bugs-dist@lists.debian.org, Javier Fernandez-Sanguino Pen~a <jfs@debian.org>:
Bug#511517; Package libnasl. (Wed, 28 Jan 2009 22:12:08 GMT) Full text and rfc822 format available.

Acknowledgement sent to jfs@computer.org:
Extra info received and forwarded to list. Copy sent to Javier Fernandez-Sanguino Pen~a <jfs@debian.org>. (Wed, 28 Jan 2009 22:12:08 GMT) Full text and rfc822 format available.

Message #24 received at 511517@bugs.debian.org (full text, mbox):

From: Javier Fernandez-Sanguino <javifs@gmail.com>
To: Moritz Muehlenhoff <jmm@inutil.org>, 511517@bugs.debian.org
Cc: control@bugs.debian.org
Subject: Re: Bug#511517: Not security-relevant
Date: Wed, 28 Jan 2009 22:52:31 +0100
2009/1/28 Moritz Muehlenhoff <jmm@inutil.org>:
> severity 511517 normal
> tags 511517 -security
> thanks
>
> This should be fixed as a general bug, but upstream points out that
> it is w/o security relevance:
> http://www.attrition.org/pipermail/vim/2009-January/002133.html

Fedora has shipped security advisories related to this bug in Nessus,
I understand, then, that we do not need to do likewise.

Regards

Javier




Information forwarded to debian-bugs-dist@lists.debian.org, Javier Fernandez-Sanguino Pen~a <jfs@debian.org>:
Bug#511517; Package libnasl. (Thu, 29 Jan 2009 18:27:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Kurt Roeckx <kurt@roeckx.be>:
Extra info received and forwarded to list. Copy sent to Javier Fernandez-Sanguino Pen~a <jfs@debian.org>. (Thu, 29 Jan 2009 18:27:02 GMT) Full text and rfc822 format available.

Message #29 received at 511517@bugs.debian.org (full text, mbox):

From: Kurt Roeckx <kurt@roeckx.be>
To: 511517@bugs.debian.org
Subject: Fwd: Re: CVE-2009-0125
Date: Thu, 29 Jan 2009 19:23:38 +0100
[Message part 1 (text/plain, inline)]
Hi,

I attached an email I got back from Renaud Deraison which
basicly states that all the error case that DSA_do_verify()
checks are already checked before the call to DSA_do_verify()
and that DSA_do_verify() should not return -1.


Kurt

[Message part 2 (message/rfc822, inline)]
From: Renaud Deraison <deraison@nessus.org>
To: Kurt Roeckx <kurt@roeckx.be>
Subject: Re: CVE-2009-0125
Date: Thu, 29 Jan 2009 10:12:24 +0100

Hi Kurt,

On Jan 28, 2009, at 11:00 PM, Kurt Roeckx wrote:
>
[...]
> I would like to start by saying that I have no idea how it works.
> But I have to wonder why you call DSA_do_verify() if it the result
> has no impact on the security.

We mostly do this to make sure the protocol works as expected.


> Did you considered a man in the middle attack, where the attacker
> could impersonate the 2 other parties and have full control over
> the connection?

Yes, that was the point of my message -- we do opportunistic  
encryption anyhow.

We also further investigated the use of that function and, given our  
implementation, we do not believe that an attacker could submit a DSA  
signature which would generate an error (since we verify the number of  
bits, etc... prior to calling DSA_do_verify()).

It's still a bug, but it has no security implications.


Take care,

					-- Renaud


Reply sent to Marco Rodrigues <gothicx@sapo.pt>:
You have taken responsibility. (Sat, 29 Aug 2009 09:12:13 GMT) Full text and rfc822 format available.

Notification sent to Kurt Roeckx <kurt@roeckx.be>:
Bug acknowledged by developer. (Sat, 29 Aug 2009 09:12:14 GMT) Full text and rfc822 format available.

Message #34 received at 511517-done@bugs.debian.org (full text, mbox):

From: Marco Rodrigues <gothicx@sapo.pt>
To: 511517-done@bugs.debian.org
Subject: Package libnasl has been removed from Debian
Date: Sat, 29 Aug 2009 09:58:14 +0100
Version: 2.2.11-1+rm

You filled the bug http://bugs.debian.org/511517 in Debian BTS
against the package libnasl. I'm closing it at *unstable*, but it will
remain open for older distributions.

For more information about this package's removal, read
http://bugs.debian.org/534506. That bug might give the reasons why
this package was removed and suggestions of possible replacements.

Don't hesitate to reply to this mail if you have any question.

Thank you for your contribution to Debian.

--
Marco Rodrigues




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 27 Sep 2009 07:28:39 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Apr 19 06:35:17 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.