'Re: [oss-security] [oCERT-2015-003] MySQL SSL/TLS downgrade'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] [oCERT-2015-003] MySQL SSL/TLS downgrade
From:       Jon Oberheide <jon () oberheide ! org>
Date:       2015-04-30 15:50:25
Message-ID: CAFHQe1eXiKoQSj7EZz-XFGpkQSSN3nDmumvhuawi_731Ks6Axg () mail ! gmail ! com
[Download RAW message or body]


Some additional silly links related to the vulnerability:

http://backronym.fail/
https://www.duosecurity.com/blog/backronym-mysql-vulnerability

And actually one useful link from Todd Farmer:

http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/

On Wed, Apr 29, 2015 at 10:00 AM, Andrea Barisani <lcars@ocert.org> wrote:

>
> #2015-003 MySQL SSL/TLS downgrade
>
> Description:
>
> The MySQL project is an open source relational database management system.
>
> A vulnerability has been reported concerning the impossibility for MySQL
> users
> (with any major stable version) to enforce an effective SSL/TLS connection
> that would be immune from man-in-the-middle (MITM) attacks performing a
> malicious downgrade.
>
> While the issue has been addressed in MySQL preview release 5.7.3 in
> December
> 2013, it is perceived that the majority of MySQL users are not aware of
> this
> limitation and that the issue should be treated as a vulnerability.
>
> The vulnerability lies within the behaviour of the '--ssl' client option,
> which on affected versions it is being treated as "advisory". Therefore
> while
> the option would attempt an SSL/TLS connection to be initiated towards a
> server, it would not actually require it. This allows a MITM attack to
> transparently "strip" the SSL/TLS protection.
>
> The issue affects the ssl client option whether used directly or triggered
> automatically by the use of other ssl options ('--ssl-xxx') that imply
> '--ssl'.
>
> Such behavior is clearly indicated in MySQL reference manual as follows:
>
>   For the server, this option specifies that the server permits but does
> not require
>   SSL connections.
>
>   For a client program, this option permits but does not require the
> client to
>   connect to the server using SSL. Therefore, this option is not
> sufficient in
>   itself to cause an SSL connection to be used. For example, if you
> specify this
>   option for a client program but the server has not been configured to
> permit
>   SSL connections, an unencrypted connection is used.
>
> In a similar manner to the new '--ssl' option behaviour, users of the MySQL
> client library (Connector/C, libmysqlclient), as of MySQL 5.7.3, can take
> advantage of the MYSQL_OPT_SSL_ENFORCE option to enforce SSL/TLS
> connections.
>
> The vulnerability also affects the MySQL forks MariaDB and Percona Server,
> as
> the relevant 5.7.3 patch has not been pulled, at the time of this
> advisory, in
> their respective stable versions.
>
> Affected version:
>
> MySQL <= 5.7.2
>
> MySQl Connector/C (libmysqlclient) < 6.1.3
>
> Percona Server, all versions
>
> MariaDB, all versions
>
> Fixed version:
>
> MySQL >= 5.7.3
>
> MySQl Connector/C (libmysqlclient) >= 6.1.3
>
> Percona Server, N/A
>
> MariaDB, N/A
>
> Credit: vulnerability report from Adam Goodman, Principal Security
> Architect
> at Duo Security.
>
> CVE: CVE-2015-3152 (MariaDB, Percona)
>
> Timeline:
>
> 2015-03-20: vulnerability report received
> 2015-03-23: contacted Oracle Security
> 2015-04-04: oCERT sets embargo date to April 29th
> 2015-04-20: reporter confirms MariaDB is affected
> 2015-04-22: contacted MariaDB and affected vendors, assigned CVEs
> 2015-04-23: contacted Percona
> 2015-04-29: advisory release
>
> References:
>
> https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390
> http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option
> http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-3.html
> https://mariadb.atlassian.net/browse/MDEV-7937
> https://bugs.launchpad.net/percona-server/+bug/1447527
>
> Permalink:
> http://www.ocert.org/advisories/ocert-2015-003.html
>
> --
> Andrea Barisani |                Founder & Project Coordinator
>           oCERT | OSS Computer Security Incident Response Team
>
> <lcars@ocert.org>                         http://www.ocert.org
>  0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E
>         "Pluralitas non est ponenda sine necessitate"
>



-- 
Jon Oberheide <jon@oberheide.org>
GnuPG Key: 4096R/52961381
Fingerprint: 964B 79EF 47D4 D7D0 CF73 D456 97FF B9D2 5296 1381


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic