Secure Computing's SafeWord PremierAccess product (earlier known as SafeWord Plus) is an access control system capable of using several different authentication mechanisms for controlling access to network resources. The most used mechanism is one-time passwords, generated by hardware or software authenticators, similar to SecurID's token-based authentication. The SafeWord system consists of a central authentication server that uses a proprietary protocol to communicate with different authentication agents. Secure Computing provides many kinds of such agents, including web server plug-ins, PAM libraries and a RADIUS server that can proxy RADIUS authentication requests to the SafeWord server.

One of the provided agents is an ssh server that has been modified to authenticate users by sending authentication requests on to the SafeWord server, using the proprietary protocol. The distribution of this ssh server consists of the slightly modified source of SSH.com's ssh 1.2.27, along with libraries (in binary form) for communicating with the SafeWord server. (As a side note, I suspect this constitutes a license violation, since Secure Computing is distributing the source in a modified form, rather than distributing the pristine source along with a set of patches. IANAL, though.)

This ssh server is vulnerable to the by now well-known CRC-32 compensation attack detector vulnerability, described in CERT incident note IN-2001-12 (http://www.cert.org/incident_notes/IN-2001-12.html).

I would urge all users of this ssh server, called SafeWord Agent for SSH, to either replace it with OpenSSH and use the SafeWord PAM libraries for authentication, or to carry over Secure Computing's modifications of the ssh 1.2.27 sources to ssh 1.2.32, which is not vulnerable. This latter operation is rather trivial. Please note, though, that ssh 1.x is officially deprecated by SSH.com.

Secure Computing was contacted about this vulnerability on Nov 10, 2001 (ticket #42085). Their support department was helpful in working out the details with me, and the information "was passed along to the development team for their consideration". Then nothing happened. Despite further contact on Nov 20, urging the seriousness of the vulnerability, Secure Computing has taken no action, has issued no advisory, and is still distributing the vulnerable ssh server from their web site.

Since this vulnerability is being actively exploited on the Internet, in what appears to be a large-scale manner, I have decided to take this to the public.

--
Leif Nixon
Network security
Ericsson SoftLab AB
----------------------------------------------------------
E-mail: nixon@softlab.ericsson.se
Phone: +46 13 23 57 61
----------------------------------------------------------