		   Grid Security Vulnerability Group - Advisory

-- Topic:          Possibility of a MITM attack when using the Java Trustmanager
-- Date:           2010-02-09, updated 2010-07-20
-- ID:	           Grid Vulnerability Savannah bug #60154 (JRA1 bug #60127)

-- Background

The gLite Java Trustmanager is used for grid certificate handling in the Java
environment of some gLite services.


-- Vulnerability Details

The possibility of a Man In The Middle (MITM) vulnerability in TLS/SSL has been
publicly discussed (see references) and it applies to the gLite Trustmanager.

-- Grid Security Vulnerability Group Response

The Grid Security Vulnerability Group considers this issue to be 'Low' risk.


-- Affected software and components

Server node types:

    glite-CREAM
    glite-FTS_oracle
    glite-HYDRA
    glite-MON
    glite-VOMS_mysql
    glite-VOMS_oracle

Client node types:

    glite-UI
    glite-VOBOX
    glite-WN

The server problem is fixed in glite-security-trustmanager >= 2.5.5-1.


-- Other information

It is very difficult to exploit this issue, but the trustmanager server code
has been modified by removing all cipher options after the handshake, thus
making any renegotiations fail, which should make all trustmanager servers
immune to such attacks.  The client has not been modified, as there is no
simple solution on the client side and there should be few (if any) Java
clients using the trustmanager that might be used to connect to services
outside the ones supported by gLite, hence the remaining risk is very low.

The GSVG has not been able to identify any other pieces of gLite middleware
which could be affected by the SSL/TLS issue.

Globus have also assessed the problem and concluded that Globus is unaffected.

Note that not all components dependent on the Java trustmanager have been
rebuilt since the modified version has been available.
Components/node types pick it up as they are released.


-- Credit

Vulnerability discussed publicly and GSVG alerted by Jim Basney and Eygene
Ryabinkin.


-- Disclosure Timeline
Yyyy-mm-dd

2009-11-09 Vulnerability discussed publicly and GSVG alerted by Jim Basney and
           Eygene Ryabinkin
2009-12-04 Initial assessment by the Grid Security Vulnerability Group
2010-06-09 Updated java-trustmanager available
2010-07-20 Public disclosure

-- References

References:
http://extendedsubset.com/
http://www.ietf.org/mail-archive/web/tls/current/msg03928.html
http://www.ietf.org/mail-archive/web/tls/current/msg03948.html
http://www.theregister.co.uk/2009/11/05/serious_ssl_bug/
http://www.links.org/?p=780
http://it.slashdot.org/story/09/11/05/144252/Man-In-the-Middle-Vulnerability-For-SSL-and-TLS


==========================================================================