---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: FreeBSD IPsec AES-XCBC-MAC Authentication Security Issue SECUNIA ADVISORY ID: SA16244 VERIFY ADVISORY: http://secunia.com/advisories/16244/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: >From remote OPERATING SYSTEM: FreeBSD 5.x http://secunia.com/product/1132/ DESCRIPTION: Yukiyo Akisada has reported a security issue in FreeBSD, which potentially can be exploited by malicious people to bypass certain security restrictions. The problem is caused due to an implementation error in IPsec within the AES-XCBC-MAC authentication algorithm, which causes a constant key to be used for authentication instead of the administrator-defined key. This can potentially be exploited to spoof authentication packets from other IP addresses and bypass any IP-based access controls on the vulnerable system. Successful exploitation requires encryption to be disabled. The security issue has been reported in versions 5.3 and 5.4. SOLUTION: Update FreeBSD or apply patch. Fixed versions: 2005-07-27 08:41:44 UTC (RELENG_6, 6.0-BETA2) 2005-07-27 08:41:56 UTC (RELENG_5, 5.4-STABLE) 2005-07-27 08:42:16 UTC (RELENG_5_4, 5.4-RELEASE-p6) 2005-07-27 08:42:38 UTC (RELENG_5_3, 5.3-RELEASE-p20) Patch for FreeBSD 5.x: ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:19/ipsec.patch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:19/ipsec.patch.asc PROVIDED AND/OR DISCOVERED BY: Yukiyo Akisada, Yokogawa Electric Corporation. ORIGINAL ADVISORY: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------