Novell Access Manager and CVE-2011-3389: "Beast Attack Vulnerability"

  • 7009901
  • 15-Dec-2011
  • 03-Jul-2013

Environment

Novell Access Manager 3.1 Linux Access Gateway appliance
Novell Access Manager 3.1 Linux Access Gateway service
NetIQ Access Manager 3.2

Situation

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plain text HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.


How do CVE-2011-3389 and the BEAST attack vulnerability relate to Novell Access Manager 3.1?

Resolution

This is mostly an issue with TLS 1.0 clients, so in terms of mitigation the expectation is that it will be fixed in the various browsers currently affected.

However, on the server side of the connection, the only reliable way to defend against the BEAST attack is to prioritise RC4 cipher suites. Here is a sample of how this can be done in Apache:

SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH

If your server supports TLS 1.2+ you can also try a different approach:

SSLHonorCipherOrder On
SSLCipherSuite ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM

The idea here is to put a few TLS 1.2 cipher suites first so that they can be picked up by TLS 1.2 clients, which are not vulnerable, followed by RC4 for TLS 1.0 clients.

Going back to the Novell Access Manager Access Gateway components, how can the SSL configuration described above be applied?

On the Linux Access Gateway appliance 3.1.x (LAG) this is not possible: the only defense against the BEAST attack is to have clients use a browser in which the issue has been fixed.

The Linux Access Gateway Service 3.1.x (MAG), however, is based on Apache, so its configuration can be manually tweaked to put the SSL directives described above in place.

The MAG can then be configured to be safe from the BEAST attack. However, if you are still running NAM 3.1.x, the only effective way of doing this is to manually modify the proxy service configuration files located in:

"etc/opt/novell/apache2/conf/vhosts.d/<proxy_service_name>.conf"

so that the SSL directives appear as needed.

The drawback of this approach is that any subsequent configuration change applied to the relevant proxy service from the administration console causes these changes to be lost and reverted to the defaults, so the conf file needs to be modified again after every configuration change.

Theoretically, the same goal can be achieved by adding the required SSL directives in the Advanced Options setting for the MAG in the Access Manager Admin Console, which would prevent the changes from being reverted at every configuration update. However, this section was created and tested for a specific list of parameters that, at the time of 3.1.x, did not include SSLHonorCipherOrder and SSLCipherSuite.

The actual result of this operation would be that the SSL directives are appended at the end of the proxy service configuration file and do not fully override the ones present in the earlier sections of the same file, potentially causing conflicts.

This issue has been fixed in NAM 3.2, which allows the SSL directives to be properly modified through the Advanced Options setting for the AG in the Access Manager Admin Console without creating the potential conflicts described above.
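The two failure modes described above for NAM 3.1.x (a manual edit reverted by an administration console update, and Advanced Options appending a second copy of a directive) can be checked for mechanically. The following is an added example, not Novell/NetIQ code: it scans the text of one proxy service .conf file for the values from the first Apache sample above. The name audit_vhost, the sample file contents and the ALL:!ADH stand-in for a reverted value are assumptions made up for illustration, and the file is treated as a single scope.

```python
# Added example: audit one proxy-service .conf for the SSL directives the article sets.
EXPECTED = {  # directive (lower-case) -> value from the article's first Apache sample
    "sslhonorcipherorder": "On",
    "sslciphersuite": "RC4-SHA:HIGH:!ADH",
}

def audit_vhost(conf_text, expected=EXPECTED):
    """Return sorted findings: 'missing', 'drift' or 'conflict' per directive."""
    seen = {}  # directive -> [(line_no, value), ...] in file order
    for no, raw in enumerate(conf_text.splitlines(), 1):
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue  # blank line or comment
        name = parts[0].lower()  # Apache directive names are case-insensitive
        if name in expected:
            value = parts[1].strip().strip('"') if len(parts) > 1 else ""
            seen.setdefault(name, []).append((no, value))
    findings = []
    for name, want in expected.items():
        hits = seen.get(name, [])
        if not hits:
            findings.append(f"missing {name}")
            continue
        # On/Off is case-insensitive; cipher strings are compared exactly.
        norm = str.lower if name == "sslhonorcipherorder" else str
        distinct = {norm(v) for _, v in hits}
        if len(distinct) > 1:  # same directive set twice with different values
            lines = ",".join(str(n) for n, _ in hits)
            findings.append(f"conflict {name} lines {lines}")
        elif distinct != {norm(want)}:  # present once, but not the wanted value
            findings.append(f"drift {name} line {hits[0][0]}")
    return sorted(findings)

# Constructed sample inputs (not real NAM output; ALL:!ADH is a stand-in value).
REVERTED = """<VirtualHost *:443>
SSLEngine on
SSLCipherSuite ALL:!ADH
</VirtualHost>
"""
# Advanced Options on 3.1.x: directives appended after the existing ones.
APPENDED = REVERTED + "SSLHonorCipherOrder On\nSSLCipherSuite RC4-SHA:HIGH:!ADH\n"
HARDENED = """<VirtualHost *:443>
SSLEngine on
SSLHonorCipherOrder on
SSLCipherSuite RC4-SHA:HIGH:!ADH
</VirtualHost>
"""

if __name__ == "__main__":
    for label, text in (("reverted", REVERTED), ("appended", APPENDED), ("hardened", HARDENED)):
        print(label, audit_vhost(text) or "ok")
```

Running it against each proxy service file after every configuration update from the administration console shows whether the manual edit needs to be reapplied.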

In addition, security scans on IDP or AC devices may also report the vulnerability. You can also enable ciphers on the connector in the server.xml to protect them:

<Connector NIDP_Name="connector"
           SSLEnabled="true"
           URIEncoding="utf-8"
           acceptCount="100"
           address="192.168.1.1"
           ciphers="ECDHE-RSA-AES256-SHA384, AES256-SHA-256, SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_KRB5_WITH_RC4_128_SHA"
           clientAuth="false"
           disableUploadTimeout="true"
           enableLookups="false"
           keystoreFile="/opt/novell/devman/jcc/certs/idp/connector.keystore"
           keystorePass="A4kW3c1Le3861sm"
           maxThreads="600"
           minSpareThreads="5"
           port="8443"
           scheme="https"
           secure="true"
           sslImplementationName="com.novell.nidp.common.util.net.server.NIDPSSLImplementation"
           sslProtocol="TLS"/>

Status

Security Alert

Additional Information

More information can be found at the following locations:

https://support.novell.com/security/cve/CVE-2011-3389.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389