=============================================================================
Grid Security Vulnerability Group Security Advisory

-- Topic: Java trustmanager does not consider CA signing policies

-- Date: 2007-07-31, updated 2010-08-16

-- Background

The gLite Java Trustmanager is used for grid certificate handling in the Java environment of some gLite services.

The CA signing policy specifies the namespace that each CA uses for the certificate Distinguished Name. It is defined in a file distributed by the IGTF [1] as part of its CA distribution packages.

-- Affected Software

Updated 2010-08-16

gLite 3.1 and gLite 3.2.

-- Affected Components

All components using the trustmanager for various secure web services.

Server node types:
  glite-CREAM
  glite-FTS_oracle
  glite-HYDRA
  glite-MON
  glite-VOMS_mysql
  glite-VOMS_oracle

Client node types:
  glite-UI
  glite-VOBOX
  glite-WN

-- Vulnerability Details

A certificate with a Distinguished Name lying outside the namespace of the corresponding CA is not rejected by the Java trustmanager component. All services that rely on the trustmanager checks to determine the validity of a certificate, and that perform authentication/authorization based solely on the Distinguished Name of the client certificate, are therefore vulnerable to an identity spoofing attack.

Successful exploitation of this vulnerability requires the attacker either:

- to trick a CA into issuing a certificate with a Distinguished Name lying inside some other accredited CA's namespace, or
- to obtain a CA private key and create such a certificate directly, or
- to be a malicious accredited CA that signs certificates outside its namespace.

-- Grid Security Vulnerability Group Response

The Grid Security Vulnerability Group considers this to be 'Low' risk.
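As an added illustration of the namespace check described above (this is example code written for this advisory, not code from the gLite trustmanager), the following Python parses a Globus/IGTF-style signing_policy file and tests whether a subject DN lies inside the issuing CA's namespace. The CA and subject DNs are constructed placeholders, and the cond_subjects patterns are assumed to follow shell-style glob matching.

```python
import fnmatch
import shlex

# Constructed sample of a Globus/IGTF-style signing_policy file for a
# hypothetical CA; the DNs are placeholders, not a real accredited CA.
SAMPLE_POLICY = """\
# signing policy for a hypothetical CA
access_id_CA   X509    '/DC=org/DC=example/CN=Example CA'
pos_rights     globus  CA:sign
cond_subjects  globus  '"/DC=org/DC=example/*" "/C=XX/O=Example Org/*"'
"""


def parse_signing_policy(text):
    """Return (issuer_dn, [subject_glob, ...]) from one signing_policy file.

    Only access_id_CA and cond_subjects matter for the namespace check.
    cond_subjects carries a single-quoted string of space-separated,
    double-quoted glob patterns, hence the second shlex pass.
    """
    issuer, patterns = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = shlex.split(line)
        if len(fields) < 3:
            continue
        if fields[0] == "access_id_CA":
            issuer = fields[2]
        elif fields[0] == "cond_subjects":
            patterns.extend(shlex.split(fields[2]))
    return issuer, patterns


def load_policies(*policy_texts):
    """Build the issuer DN -> allowed subject globs map from policy files."""
    policies = {}
    for text in policy_texts:
        issuer, patterns = parse_signing_policy(text)
        if issuer:
            policies.setdefault(issuer, []).extend(patterns)
    return policies


def subject_in_namespace(subject_dn, issuer_dn, policies):
    """The check the advisory says the trustmanager omitted: accept only a
    subject DN matching one of the issuer's globs; an issuer with no
    signing policy fails closed. '*' in a pattern also matches '/'."""
    allowed = policies.get(issuer_dn, [])
    return any(fnmatch.fnmatchcase(subject_dn, pat) for pat in allowed)
```

A deployment would load one signing_policy file per trusted CA and apply subject_in_namespace to every certificate in the chain, not only the end-entity one.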
-- Component and Installation information for gLite 3.1

Installation instructions for gLite 3.1 are available at:
  http://glite.org/glite/packages/R3.1/updates.asp
  http://glite.web.cern.ch/glite/packages/R3.1/x86_64/updates.asp

-- gLite 3.1 release number

Updated 2010-08-16

At present gLite 3.1 does not contain a sufficiently recent version of the Trustmanager to fix this issue.

-- Component and Installation information for gLite 3.2

Installation instructions for gLite 3.2 are available at:
  http://glite.web.cern.ch/glite/packages/R3.2/sl5_x86_64/updates.asp

-- gLite 3.2 release number

Updated 2010-08-16

gLite 3.2 Update 16

For some components, earlier or later updates include a fixed version of the Trustmanager, as explained below.

-- Other information

Added 2010-08-16

This issue has been fixed in the Java Trustmanager. The minimum versions of the Java trustmanager and util-java rpms in which the bug is fixed are:
  glite-security-util-java-2.0.3-1
  glite-security-trustmanager-2.0.6-1

Note: not all components that depend on the Java trustmanager have been rebuilt since the fixed version became available, especially for gLite 3.1. Components/node types pick it up as they are updated for other reasons.

-- Credit

This vulnerability was initially reported by Oscar Koeroo (NIKHEF).

-- Disclosure Timeline

2006-03-07  Vulnerability reported by Oscar Koeroo (NIKHEF)
2006-10-10  Initial response from the Grid Security Vulnerability Group
2007-07-31  Public disclosure of advisory: disclosure has been agreed, the Target Date has passed, and the issue is still not fully resolved.
2010-08-16  Updated advisory, as a version of the Trustmanager has been produced which fixes this problem.

-- References

1. International Grid Trust Federation, http://www.gridpma.org/.
==============================================================================