search cancel

Qualys scan ID 38142 - SSL Server Allows Anonymous Authentication Vulnerability - On Symantec Directory (DXserver) DSAs

book

Article ID: 238431

calendar_today

Updated On:

Products

CA Directory

Issue/Introduction

You may get notified by your security team the fact that running a Qualys scan for vulnerabilities, they found (QID:38142 SSL Server Allows Anonymous Authentication Vulnerability) where following active ciphers are available on DSAs that allows anonymous SSL connection.

[Evidence]
CIPHER KEY-EXCHANGE AUTHENTICATION MAC ENCRYPTION(KEY-STRENGTH) GRADE
TLSv1.2 SUPPORTS CIPHERS WITH NO AUTHENTICATION          
AECDH-RC4-SHA ECDH None SHA1 RC4(128) MEDIUM
AECDH-DES-CBC3-SHA ECDH None SHA1 3DES(168) MEDIUM
AECDH-AES128-SHA ECDH None SHA1 AES(128) MEDIUM
AECDH-AES256-SHA ECDH None SHA1 AES(256) HIGH


[Solution]
Disable support for anonymous authentication to mitigate this vulnerability.


[Consequence]
An attacker can exploit this vulnerability to impersonate your server to clients.

Testing shows:

-bash-4.2$ openssl s_client -connect <hostname>:<port> -cipher aNULL
CONNECTED(00000003)
---
no peer certificate available
---
No client certificate CA names sent
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 408 bytes and written 301 bytes
---
New, TLSv1/SSLv3, Cipher is AECDH-AES256-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : AECDH-AES256-SHA
    Session-ID: 7EA130E10FF2B2DB8539A55F47A3346A04AA3C49AE4CDDA6602F1C8CAEC6132B
    Session-ID-ctx:
    Master-Key: 423A54FF5EDDBCF84896C782029EF6FD574A93E248C1E59A7ABB284152B664259F5F79A6F6CA415CB10842B8D6889115
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - dc 83 72 c4 ef a9 d4 ba-c7 37 0c 25 43 d3 86 07   ..r......7.%C...
    0010 - b7 96 50 27 13 d9 be d6-6e 70 10 b4 76 97 62 3b   ..P'....np..v.b;
    0020 - 90 43 fc 98 d1 8f b9 e1-3c c0 ff be 64 6b 33 a1   .C......<...dk3.
    0030 - 58 ad 32 c2 b3 23 65 c4-df 94 9d 3b a3 e9 76 7f   X.2..#e....;..v.
    0040 - 7b ee 79 a9 c1 d8 4a 88-aa 30 2d d5 32 47 65 14   {.y...J..0-.2Ge.
    0050 - 33 4b d4 3b dd f2 ea a5-5e 91 89 5a 56 ea 5d f8   3K.;....^..ZV.].
    0060 - 24 70 3e 80 4b d3 ea f3-36 e8 2f dc c5 0b 4f 86   $p>.K...6./...O.
    0070 - b4 46 0f ff 47 1c 5e 6a-42 c8 4c 8d d3 fd c5 46   .F..G.^jB.L....F
    0080 - 9c b5 ac b9 0a 39 76 20-14 88 5d d1 2f e4 94 e3   .....9v ..]./...
    0090 - 89 69 dc 64 6c e0 a4 04-4f bd 19 4c a1 24 ec bb   .i.dl...O..L.$..

    Start Time: 1648816809
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---

read:errno=0
-bash-4.2$

Environment

Release : 14.1

Component :

Resolution

To address this, find out the exact SSLD .dxc config file a DSA in question is using. If not sure, look at the SERVERS .dxi file of that DSA.
Within this SSLD .dxc file you will see a line with 'cipher' list defined.

e.g.
cipher = "ALL:!EXPORT40:!ADH:!SSLv2:!EXP:!LOW"

NOTE: If the line is commented out, that means all ciphers are allowed. In that case, uncomment this line and add !AECDH to the list.

i.e.
cipher = "ALL:!EXPORT40:!ADH:!SSLv2:!EXP:!LOW:!AECDH"

Once done, save the file and restart your DSA.

After that run the same openssl command to check and you will notice connection being blocked with ssl handshake error as shown in example below.

Testing shows:

-bash-4.2$ openssl s_client -connect <hostname>:<port> -cipher aNULL
CONNECTED(00000003)
140476201125776:error:140790E5:SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 151 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1648815988
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
-bash-4.2$

Additional Information

Please note the OpenSSL s-client connectivity test needs to be performed from a different host and not from the same machine where the EEM/CA Directory is running.