GnuTLS 函数库libgnutls "lib/gnutls_pk.c" 远程安全漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1117673 漏洞类型 加密问题
发布时间 2009-04-30 更新时间 2009-06-10
CVE编号 CVE-2009-1416 CNNVD-ID CNNVD-200904-562
漏洞平台 Linux CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/32965
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200904-562
|漏洞详情
GnuTLS是用于实现TLS加密协议的函数库。GnuTLS中的多个安全漏洞可能被远程利用执行欺骗攻击、绕过某些安全限制或导致拒绝服务。GnuTLS库生成的是RSA密钥而不是DSA密钥,而RSA密钥生成的是弱加密签名。
|漏洞EXP
source: http://www.securityfocus.com/bid/34783/info
 
GnuTLS is prone to multiple remote vulnerabilities:
 
- A remote code-execution vulnerability
- A denial-of-service vulnerability
- A signature-generation vulnerability
- A signature-verification vulnerability
 
An attacker can exploit these issues to potentially execute arbitrary code, trigger denial-of-service conditions, carry out attacks against data signed with weak signatures, and cause clients to accept expired or invalid certificates from servers.
 
Versions prior to GnuTLS 2.6.6 are vulnerable.

/*
 * Small code to reproduce the CVE-2009-1416 bad DSA key problem.
 *
 * Build it using:
 *
 *  gcc -o cve-2009-1416 cve-2009-1416.c -lgnutls
 *
 * If your gnutls library is OK then running it will print 'success!'.
 *
 * If your gnutls library is buggy then running it will print 'buggy'.
 *
 */

#include <stdio.h>
#include <stdarg.h>
#include <stdlib.h>

#include <gcrypt.h>
#include <gnutls/gnutls.h>

int
main (void)
{
  gnutls_x509_privkey_t key;
  gnutls_datum_t p, q, g, y, x;
  int ret;

  gnutls_global_init ();
  gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);

  ret = gnutls_x509_privkey_init (&key);
  if (ret < 0)
    return 1;

  ret = gnutls_x509_privkey_generate (key, GNUTLS_PK_DSA, 512, 0);
  if (ret < 0)
    return 1;

  ret = gnutls_x509_privkey_export_dsa_raw (key, &p, &q, &g, &y, &x);
  if (ret < 0)
    return 1;

  if (q.size == 3 && memcmp (q.data, "\x01\x00\x01", 3) == 0)
    printf ("buggy\n");
  else
    printf ("success!\n");

  gnutls_free (p.data);
  gnutls_free (q.data);
  gnutls_free (g.data);
  gnutls_free (y.data);
  gnutls_free (x.data);

  gnutls_x509_privkey_deinit (key);
  gnutls_global_deinit ();

  return 0;
}
|参考资料

来源:MLIST
名称:[gnutls-devel]20090430AllDSAkeysgeneratedusingGnuTLS2.6.xarecorrupt[GNUTLS-SA-2009-2][CVE-2009-1416]
链接:http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3516
来源:VUPEN
名称:ADV-2009-1218
链接:http://www.vupen.com/english/advisories/2009/1218
来源:SECTRACK
名称:1022158
链接:http://www.securitytracker.com/id?1022158
来源:BID
名称:34783
链接:http://www.securityfocus.com/bid/34783
来源:MANDRIVA
名称:MDVSA-2009:116
链接:http://www.mandriva.com/security/advisories?name=MDVSA-2009:116
来源:GENTOO
名称:GLSA-200905-04
链接:http://security.gentoo.org/glsa/glsa-200905-04.xml
来源:SECUNIA
名称:35211
链接:http://secunia.com/advisories/35211
来源:SECUNIA
名称:34842
链接:http://secunia.com/advisories/34842
来源:MLIST
名称:[help-gnutls]20090420EncryptionusingDSAkeys
链接:http://lists.gnu.org/archive/html/help-gnutls/2009-04/msg00018.html