From owner-freebsd-bugbusters@FreeBSD.ORG Thu Feb 13 01:07:46 2014
Return-Path:
Delivered-To: bugbusters@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8CE49D2F for ; Thu, 13 Feb 2014 01:07:46 +0000 (UTC)
Received: from power.freeradius.org (power.freeradius.org [88.190.25.44]) by mx1.freebsd.org (Postfix) with ESMTP id 476731204 for ; Thu, 13 Feb 2014 01:07:45 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1]) by power.freeradius.org (Postfix) with ESMTP id 7415C2240165; Thu, 13 Feb 2014 02:00:08 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at power.freeradius.org
Received: from power.freeradius.org ([127.0.0.1]) by localhost (power.freeradius.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hTsWu2jwZkVK; Thu, 13 Feb 2014 02:00:07 +0100 (CET)
Received: from Thor.local (unknown [70.50.217.206]) by power.freeradius.org (Postfix) with ESMTPSA id A73762240159; Thu, 13 Feb 2014 02:00:06 +0100 (CET)
Message-ID: <52FC1916.4060501@freeradius.org>
Date: Wed, 12 Feb 2014 20:00:06 -0500
From: Alan DeKok
User-Agent: Thunderbird 2.0.0.24 (Macintosh/20100228)
MIME-Version: 1.0
To: Pierre Carrier
Subject: Re: freeradius denial of service in authentication flow
References:
In-Reply-To:
X-Enigmail-Version: 0.96.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: secalert, pkgsrc-security, security@ubuntu.com, security@freeradius.org, pupykin.s+arch@gmail.com, security@debian.org, bugbusters, product.security@airbnb.com
X-BeenThere: freebsd-bugbusters@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Coordination of the Problem Report handling effort."
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Thu, 13 Feb 2014 01:07:46 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Pierre Carrier wrote:
> Some forms of SSHA, including forms that would be validated by servers
> applying standard constraints on the user's password attribute, will
> generate lengths over 64 bytes after hex-decoding.

  Do you have examples of such SSHA passwords?  That would help with
testing.

  Right now, it's not clear to me why this happens.  The code does a
number of checks for size of password in the various encodings.  What,
exactly, is going wrong?

> Terrible hotfix quickly packaged to avoid constant crashes here, does
> not address the vulnerability:
>
> --- freeradius-2.1.10+dfsg.orig/src/modules/rlm_pap/rlm_pap.c
> +++ freeradius-2.1.10+dfsg/src/modules/rlm_pap/rlm_pap.c
> @@ -244,7 +244,7 @@
> static void normify(REQUEST *request, VALUE_PAIR *vp, size_t min_length)
> {
> size_t decoded;
> - uint8_t buffer[64];
> + uint8_t buffer[4096];

  The checks in the code rely on sizeof(buffer).  Making "buffer" bigger
prevents small passwords from causing the issue.  But larger ones could
still cause it.

  I'd like to reproduce this, and come up with a definitive fix for the
problem.  I'd need examples of SSHA passwords to be sure.

> On environments where such an issue did not arise previously, a user
> allowed to provide *validated* SSHA values to their LDAP servers can
> easily trigger denial of services, as the freeradius server will crash
> on every authentication attempt.

  That's an issue, but a rare one IMHO.  The user has to exist on the
system.  So this isn't a remote DoS.

  Alan DeKok.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQCVAwUBUvwZFqkul4vkAkl9AQJohgQAmAw3IbPAuA0DprpviCPiOMtJ+DTQZ8i8
FrBlXOIoAYU2f7Li4M8PSDizvrGaKIoXtwoMbLiJKfTWobWroOu8Ew1Yu+rKDbQG
4dMT7KoOaEky79A4kNGsbjAObny7G5+ckxaVxfNE+r2DyrWHyOPfqbKtb/PO0NrC
JVyo0LHuFP4=
=q9tL
-----END PGP SIGNATURE-----
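Review bot: the quoted normify() hunk only changes the capacity of the stack array (`uint8_t buffer[64]` to `uint8_t buffer[4096]`) and adds no check that the decoded value fits, so a value whose encoded form decodes to more than 4096 bytes overruns the buffer exactly as before, and a 4 KiB array is now a notable per-call stack cost in a function run on every authentication. Suggest, before each decode, rejecting values whose decoded size exceeds sizeof(buffer) (for hex, half the encoded length; for base64, three quarters of it) so the array size is the authority rather than a threshold an attacker can pass, and documenting the enlarged array as a temporary mitigation if it stays.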
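As an added illustration of the size problem this thread discusses (example code written for this page, not FreeRADIUS code and not the quoted hotfix): a normify()-style routine that checks the decoded length of a hex-encoded value against its fixed stack buffer before writing a single byte, so an SSHA value that decodes to more than 64 bytes is refused rather than overflowing. The helper names hex_decode_bounded, normify_checked and demo_ssha_hex are hypothetical, and the "SSHA" inputs are constructed byte patterns, not real digests.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Size of the on-stack scratch buffer, matching the 64 bytes in the thread. */
#define NORMIFY_BUF 64

/* SHA-1 digest length: the minimum decoded size of an SSHA value. */
#define SHA1_LEN 20

static int hex_nibble(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/*
 * Hypothetical helper (not FreeRADIUS code): decode hex into out[] without
 * ever writing past outcap. Returns the decoded length, or -1 if the input
 * is not valid hex or would not fit. Comparing the decoded size with outcap
 * before the loop is the check an enlarged buffer alone does not provide.
 */
long hex_decode_bounded(const char *in, size_t inlen, uint8_t *out, size_t outcap)
{
    if (inlen % 2 != 0) return -1;
    size_t need = inlen / 2;
    if (need > outcap) return -1;          /* would overflow: refuse, don't truncate */
    for (size_t i = 0; i < need; i++) {
        int hi = hex_nibble(in[2 * i]);
        int lo = hex_nibble(in[2 * i + 1]);
        if (hi < 0 || lo < 0) return -1;
        out[i] = (uint8_t)((hi << 4) | lo);
    }
    return (long)need;
}

/*
 * Shape of a normify()-style routine: a fixed stack buffer, a minimum
 * length for the hash type, and an attribute value that may be hex-encoded.
 * Returns the decoded length, 0 if the value is too short to be a hex form
 * of this hash (left untouched), or -1 if decoding was refused.
 */
long normify_checked(const char *value, size_t min_length)
{
    uint8_t buffer[NORMIFY_BUF];
    size_t len = strlen(value);

    if (min_length > sizeof(buffer)) return -1;   /* paranoia */
    if (len < 2 * min_length) return 0;           /* cannot be hex of this hash */
    return hex_decode_bounded(value, len, buffer, sizeof(buffer));
}

/*
 * Build a constructed SSHA-like hex value (digest_len + salt_len bytes of
 * the pattern 0xab, not a real digest) and run it through normify_checked().
 * Returns -2 if the requested value is larger than this demo's own buffer.
 */
long demo_ssha_hex(size_t digest_len, size_t salt_len)
{
    char hex[2 * 256 + 1];
    size_t nbytes = digest_len + salt_len;

    if (nbytes > 256) return -2;
    for (size_t i = 0; i < nbytes; i++) {
        hex[2 * i] = 'a';
        hex[2 * i + 1] = 'b';
    }
    hex[2 * nbytes] = '\0';
    return normify_checked(hex, SHA1_LEN);
}

int main(void)
{
    /* 20-byte digest + 4-byte salt: 48 hex chars, fits in 64 bytes. */
    printf("short salt -> %ld\n", demo_ssha_hex(SHA1_LEN, 4));
    /* 20 + 44 = 64 bytes: exactly fills the buffer, still accepted. */
    printf("64 bytes   -> %ld\n", demo_ssha_hex(SHA1_LEN, 44));
    /* 20 + 60 = 80 bytes: over 64, refused instead of overflowing. */
    printf("long salt  -> %ld\n", demo_ssha_hex(SHA1_LEN, 60));
    return 0;
}
```

The point of the bounded helper is that the array size is the only authority: growing or shrinking NORMIFY_BUF moves the rejection threshold, never the overflow, which is the property the enlarged-buffer hotfix lacks.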