000032667 - RSA Authentication Manager CVE-2016-0800 "DROWN" Vulnerability - False Positive

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 3, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000032667
Applies ToRSA Authentication Manager 8.x
RSA Authentication Manager 7.1.4 / 3.0.4
CVE IDCVE-2016-0800, CVE-2016-0705, CVE-2016-0798, CVE-2016-0797, CVE-2016-0799, CVE-2016-0703, CVE-2016-0704
Article SummaryCVE-2016-0800 – DROWN vulnerability
And related vulnerabilities: 
CVE-2016-0705, CVE-2016-0798, CVE-2016-0797, CVE-2016-0799, CVE-2016-0703, CVE-2016-0704
Link to Advisorieshttps://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0800
https://www.openssl.org/news/secadv/20160301.txt

https://access.redhat.com/security/vulnerabilities/drown
https://www.suse.com/security/cve/CVE-2016-0800.html
Alert ImpactNot Applicable
Technical DetailsFalse positive
Technical Details ExplanationSeverity: High
A cross-protocol attack was discovered that could lead to decryption of TLS
sessions by using a server supporting SSLv2 and EXPORT cipher suites as a
Bleichenbacher RSA padding oracle.  Note that traffic between clients and
non-vulnerable servers can be decrypted provided another server supporting
SSLv2 and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or
POP) shares the RSA keys of the non-vulnerable server. This vulnerability is
known as DROWN (CVE-2016-0800).
Recovering one session key requires the attacker to perform approximately 2^50
computation, as well as thousands of connections to the affected server. A more
efficient variant of the DROWN attack exists against unpatched OpenSSL servers
using versions that predate 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf released on
19/Mar/2015 (see CVE-2016-0703).
Users can avoid this issue by disabling the SSLv2 protocol in all their SSL/TLS
servers, if they've not done so already. Disabling all SSLv2 ciphers is also
sufficient, provided the patches for CVE-2015-3197 (fixed in OpenSSL 1.0.1r and
1.0.2f) have been deployed.  Servers that have not disabled the SSLv2 protocol,
and are not patched for CVE-2015-3197 are vulnerable to DROWN even if all SSLv2
ciphers are nominally disabled, because malicious clients can force the use of
SSLv2 with EXPORT ciphers.
ResolutionRSA Authentication Manager 3.0.4/7.1.4, 8.1 and 8.1 SP1 P11 is not impacted as SSLv2 is not utilized.
Notes

Upgraded OpenSSL to openssl-0.9.8j-0.89.1 in Third Party Patch v2 as per https://www.suse.com/security/cve/CVE-2016-0800.html

To confirm:

~> rpm -qa | grep openssl libopenssl0_9_8-0.9.8j-0.89.1 openssl-0.9.8j-0.89.1

 

Disclaimer

Read and use the information in this RSA Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact RSA Software Technical Support at 1- 800 995 5095. RSA Security LLC and its affiliates, including without limitation, its ultimate parent company, EMC Corporation, distributes RSA Security Advisories in order to bring to the attention of users of the affected RSA products, important security information. RSA recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided 'as is' without warranty of any kind. RSA disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall RSA, its affiliates or suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if RSA, its affiliates or suppliers have been advised of the possibility of such damages. Some jurisdictions do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.

Attachments

    Outcomes