Attachmate Security Updates for US-CERT Vulnerability #845620: RSA Public Exponent 3

  • 7021933
  • 19-Oct-2006
  • 01-Apr-2018

Environment

Reflection for Secure IT version 6.0 - 6.1
Reflection for UNIX and OpenVMS 2008 R1
Reflection for HP, UNIX and OpenVMS version 8.0 - 13.0.4, 14.0
Reflection for IBM 2008 R1
Reflection for IBM 2007
Reflection for IBM version 8.0 - 13.0.4, 14.0
Reflection X version 10.0 - 13.0.4, 14.0
Reflection FTP Client version 10.0 - 13.0.4, 14.0
EXTRA! X-treme version 9.0 SP1 or higher

Situation

A flaw in the signature verification of RSA public keys or certificates could cause Reflection and EXTRA! clients to accept forged signatures from a server resulting in successful man-in-the-middle attacks. This technical note describes the vulnerability (US-CERT Vulnerability Note VU #845620), affected Reflection and EXTRA! applications, and available solutions and workarounds.

Resolution

Vulnerability Details

There is a flaw in signature verification that affects RSA public keys and digital certificates created with a public exponent of 3. The flaw results from improper processing of the PKCS#1 v1.5 padding before generating the hash, so the verifier does not confirm that the padding and hash account for the entire signature block. This allows a remote attacker to forge a PKCS#1 v1.5 signature for the RSA key and attempt a man-in-the-middle attack by masquerading as the valid server.

For details, see the CERT web site at http://www.kb.cert.org/vuls/id/845620.
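The following added example (not Attachmate code) contrasts the flawed padding check described above with a hardened verifier. It works on the encoded block EM that results from the public-key operation, so the RSA step itself is omitted; the message, modulus size and the malformed block are constructed for illustration, and only the strict verifier, which rebuilds the single valid encoding and compares the whole block, rejects the malformed input.

```python
import hashlib
import hmac

# DigestInfo prefix for SHA-256 as given in PKCS#1 v1.5 (RFC 3447, section 9.2 notes).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def encode_pkcs1_v15(msg: bytes, k: int) -> bytes:
    """Canonical EMSA-PKCS1-v1_5 encoding of msg for a k-byte modulus."""
    t = SHA256_PREFIX + hashlib.sha256(msg).digest()
    if k < len(t) + 11:
        raise ValueError("modulus too short for this hash")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def lenient_verify(em: bytes, msg: bytes) -> bool:
    """Flawed check: skips the padding, compares the hash, ignores whatever follows."""
    if em[:2] != b"\x00\x01":
        return False
    i = 2
    while i < len(em) and em[i] == 0xFF:
        i += 1
    if i >= len(em) or em[i] != 0x00:
        return False
    body = em[i + 1:]
    expected = SHA256_PREFIX + hashlib.sha256(msg).digest()
    return body.startswith(expected)  # trailing bytes are never examined

def strict_verify(em: bytes, msg: bytes) -> bool:
    """Hardened check: rebuild the only valid encoding and compare the full block."""
    return hmac.compare_digest(em, encode_pkcs1_v15(msg, len(em)))

def demo():
    k = 256  # 2048-bit modulus (constructed)
    msg = b"server handshake transcript"  # constructed sample message
    good = encode_pkcs1_v15(msg, k)
    t = SHA256_PREFIX + hashlib.sha256(msg).digest()
    # Constructed malformed block: minimal padding, correct hash, garbage filling the rest.
    bad = b"\x00\x01" + b"\xff" * 8 + b"\x00" + t + b"\xaa" * (k - 11 - len(t))
    return (lenient_verify(good, msg), lenient_verify(bad, msg),
            strict_verify(good, msg), strict_verify(bad, msg))

if __name__ == "__main__":
    print(demo())
```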

Affected Attachmate Applications

The following Attachmate applications are vulnerable:

Secure Shell connections:
Reflection SFTP Client 6.0 – 6.1
Reflection for Secure IT 6.0 – 6.1
Reflection for HP 10.0 – 13.0.4, 14.0
Reflection for UNIX and OpenVMS 10.0 – 13.0.4, 14.0
Reflection for ReGIS Graphics 10.0 – 13.0.4, 14.0
Reflection X 10.0 – 13.0.4, 14.0
Reflection FTP Client 10.0 – 13.0.4, 14.0

SSL/TLS connections:
Reflection for HP 8.0 – 13.0.4, 14.0
Reflection for UNIX and OpenVMS 2008 R1
Reflection for UNIX and OpenVMS 8.0 or higher
Reflection for ReGIS Graphics HP 8.0 – 13.0.4, 14.0
Reflection for IBM 2008 R1
Reflection for IBM 2007
Reflection for IBM HP 8.0 – 13.0.4, 14.0
Reflection FTP Client HP 8.0 – 13.0.4, 14.0
EXTRA! X-treme 9.0 SP1 or higher

Solution

Product patches and service packs are available to correct this vulnerability in all affected applications. Maintained customers can obtain all necessary product updates from the Attachmate Download Library as directed below.

Reflection for Secure IT Windows Client

Maintained users of Reflection for Secure IT Windows Client version 6.0 and 6.1 should upgrade to Reflection for Secure IT Windows Client 6.1 Service Pack 1 (SP1) or higher.

Reflection for Secure IT Windows Server

Maintained users of Reflection for Secure IT Windows Server version 6.0 and 6.1 should upgrade to Reflection for Secure IT Windows Server 6.1 Service Pack 2 (SP2) or higher.

Reflection for Secure IT UNIX Client or UNIX Server

Maintained users of Reflection for Secure IT UNIX Client or UNIX Server version 6.0 and 6.1 should upgrade to Reflection for Secure IT UNIX Client or UNIX Server 6.1 Service Pack 2 (SP2) or higher.

Reflection 2008 and 2007 Products

Maintained users of the following Reflection 2008 products should apply the Reflection service pack appropriate for their product:

Reflection for IBM 2008 R1 SP1 or higher
Reflection for UNIX and OpenVMS 2008 R1 SP1 or higher
Reflection Standard Suite R1 SP1 or higher

Maintained users of Reflection for IBM 2007 should upgrade to Reflection for IBM 2008 R1 SP1 or higher.

Reflection 13.0 – 14.x Products

Maintained users of the following Reflection products (version 13.0 – 14.x) should apply the appropriate Reflection patch or service pack.

Reflection for HP
Reflection for UNIX and OpenVMS
Reflection for IBM
Reflection for Multi-Host Professional
Reflection for Multi-Host Standard
Reflection X
Reflection Suite for X

Maintained users of Reflection 14.0 should upgrade to Reflection 14.0 SP1 or higher. For information about Reflection 14.0 SP1 or higher (including file download details), see KB 7021762.

Maintained users of Reflection 13.0–13.0.4 should upgrade to Reflection 13.0.5 or higher.

For Reflection Windows-based products version 8.0 – 12.0.x, contact your sales representative for information about upgrading your product to correct this vulnerability. For information about contacting Attachmate, see https://www.attachmate.com/Worldwide/.

EXTRA! 9.0 SP1 – SP2

Maintained EXTRA! users should upgrade to EXTRA! 9.1 or higher.

Workaround

To work around this security vulnerability, make sure that all RSA keys are generated with a public exponent greater than 3. The Reflection ssh-keygen utility has never generated RSA keys with a public exponent of 3, so any keys generated by this utility are not subject to this vulnerability.
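An added audit helper (not part of Reflection or this note) for the workaround above: it reads the public exponent out of OpenSSH-format `ssh-rsa` lines (wire format: string "ssh-rsa", mpint e, mpint n) and flags keys whose exponent is not greater than 3. The `make_key_line` builder produces constructed test lines with a dummy modulus and is only there so the check can be exercised offline.

```python
import base64
import struct

def _read_string(blob: bytes, pos: int):
    """Read one SSH wire-format string (4-byte big-endian length, then bytes)."""
    (n,) = struct.unpack(">I", blob[pos:pos + 4])
    return blob[pos + 4:pos + 4 + n], pos + 4 + n

def rsa_public_exponent(line: str) -> int:
    """Return e from an 'ssh-rsa <base64>' line as found in authorized_keys or known_hosts."""
    fields = line.split()
    if len(fields) < 2 or fields[0] != "ssh-rsa":
        raise ValueError("not an ssh-rsa key line")
    blob = base64.b64decode(fields[1])
    ktype, pos = _read_string(blob, 0)
    if ktype != b"ssh-rsa":
        raise ValueError("key type in blob does not match")
    e_bytes, _ = _read_string(blob, pos)
    return int.from_bytes(e_bytes, "big")

def make_key_line(e: int, n: int) -> str:
    """Build a constructed ssh-rsa line for testing; n is a dummy, not a usable key."""
    def mpint(v: int) -> bytes:
        b = v.to_bytes((v.bit_length() + 8) // 8, "big")  # adds a leading 0x00 if high bit set
        return struct.pack(">I", len(b)) + b
    blob = struct.pack(">I", 7) + b"ssh-rsa" + mpint(e) + mpint(n)
    return "ssh-rsa " + base64.b64encode(blob).decode()

def weak_exponent_keys(lines):
    """Yield (line_number, e) for every ssh-rsa key whose exponent is 3 or less."""
    for i, line in enumerate(lines, 1):
        if line.startswith("ssh-rsa "):
            e = rsa_public_exponent(line)
            if e <= 3:
                yield i, e

if __name__ == "__main__":
    sample = [make_key_line(65537, (1 << 2047) | 1), "# comment", make_key_line(3, (1 << 2047) | 1)]
    print(list(weak_exponent_keys(sample)))
```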

Important Security Note

The security for all of the Reflection and EXTRA! products using the Reflection and EXTRA! security features depends upon the security of the operating system, host, and network environment. Attachmate strongly recommends that you evaluate and implement all relevant security service packs, updates, and patches recommended by your operating system, host, and network manufacturers.

Status

Security Alert

Additional Information

Legacy KB ID

This document was originally published as Attachmate Technical Note 2137.