-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SIP over TLS: X.509 peer authentication vulnerability in Ingate products ======================================================================== Product: Ingate Firewall and Ingate SIParator Versions: all current versions Tracking ID: 2829 Summary ======= The OpenSSL project has released an advisory titled "RSA Signature Forgery (CVE-2006-4339)". This advisory possibly affects some installations of Ingate Firewall and Ingate SIParator. To be affected, you have to use an external CA and SIP over TLS. See below for details. The IPsec implementation is not affected by this issue. Impact ====== It may be possible for an attacker to connect using SIP over TLS even if an X.509 client certificate is required. It may be possible for an attacker to intercept connections to TLS-secured servers that the Ingate product initiates. Affected versions ================= All current versions of Ingate Firewall and Ingate SIParator are affected. Details ======= The vulnerability is only exploitable if an X.509 certificate uses an RSA key with exponent 3. The Ingate product never creates such keys by itself, but if an external CA is used, and if that CA uses exponent 3, the configuration may be vulnerable. Most CAs uses exponent 65537, and certificates issued by them are not vulnerable. SIP installations are vulnerable if any of the certificates in the "TLS CA Certificates" table on the "Signaling Encryption" tab uses exponent 3. How to determine if an X.509 certificate uses exponent 3 ======================================================== If you have the OpenSSL package installed, you can examine a certificate with a command such as this (assuming that the X.509 certificate is stored in PEM format in the file named "cert.cer"). openssl x509 -inform pem -in cert.cer -text Among the lines printed, there will be a line such as: Exponent: 65537 (0x10001) If it says 3 instead of 65537 the certificate is vulnerable. Workarounds =========== Switch to a CA that don't use exponent 3. If that is not possible, turn off the SIP module. Fix === Since Ingate believes that few of our customers use an external CA that uses exponent 3, we plan to resolve this issue in the next regular release. Contact <support@xxxxxxxxxx> to obtain a patch that fixes this problem if you are affected. Background ========== The OpenSSL advisory is available here: http://www.openssl.org/news/secadv_20060905.txt Further questions regarding this issue can be directed to support@xxxxxxxxxxx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFFCRhgTl5zjNKUYI4RAncPAJ0YvMYY9M9elI7Wtt5djt0ZzUg2TQCeKBe8 Gro5v7fwPMRlCU4Kxzj+M7A= =iTB4 -----END PGP SIGNATURE-----