SA84 : BERserk NSS Signature Vulnerability

Management Center - VA

1305

04 May 2021

17 November 2014

CLOSED

HIGH

CVSS v2: 7.5

SUMMARY

Blue Coat products using Mozilla Network Security Services (NSS) for certificate validation are vulnerable to a certificate validation flaw when validating RSA X.509 certificates.  A remote attacker may exploit this vulnerability using a specially crafted X.509 certificate to spoof a legitimate certificate.

AFFECTED PRODUCTS

The following products are vulnerable:

Content Analysis System
CAS 1.1.x prior to 1.1.5.6 and 1.2.x prior to 1.2.3.1 are vulnerable.  CAS 1.3 is not vulnerable.

Director
Director 6.1 prior to 6.1.21.1 is vulnerable. Director uses NSS for update image downloads and connections to Blue Coat.

Management Center
MC 1.x prior to 1.2.1.1 is vulnerable.  MC 1.3, 1.4, 1.5, 1.6, 1.7, and 1.8 are not vulnerable.  MC uses NSS for Java, SSH, and LDAPS connections.

Security Analytics
SA 6.6 prior to 6.6.10, 7.0, and 7.1 prior to 7.1.5 are vulnerable.  SA 7.2 is not vulnerable.

X-Series
All versions of XOS are vulnerable. XOS uses NSS only for LDAPS connections; however, LDAP is not enabled by default.

Patches

Content Analysis System
CAS 1.2 - a fix is available in 1.2.3.1.
CAS 1.1 - a fix is available in 1.1.5.6.

Director
Director 6.1 - a fix is available in 6.1.21.1.

Management Center
MC 1.2 - a fix is available in 1.2.1.1.
MC 1.1 - a fix will not be provided.

Security Analytics
SA 7.1 – a fix is available in 7.1.5.
SA 7.0 – a patch RPM to update the version of OpenSSL is available through Blue Coat Support.
SA 6.6 – a fix is available in 6.6.10.
SA 6.0 – an updated release with a fix will not be provided. Please upgrade to the latest SA version with a fix.

XOS
XOS 11.0.0 – a fix is available in 11.0.0.
XOS 10.0 – a fix is available in 10.0.3.
XOS 9.7 – a fix is available in 9.7.6.
XOS 9.6 – a fix is available in 9.6.10.
XOS prior to 9.6 – a fix will not be provided. Please upgrade to the latest XOS release with the vulnerability fix.

ADDITIONAL PRODUCT INFORMATION

The following products are not vulnerable:
Advanced Secure Gateway
Android Mobile Agent
Auth Connector
BCAAA
CacheFlow
Client Connector
Cloud Data Protection for Salesforce
Cloud Data Protection for Salesforce Analytics
Cloud Data Protection for ServiceNow
Cloud Data Protection for Oracle CRM On Demand
Cloud Data Protection for Oracle Field Service Cloud
Cloud Data Protection for Oracle Sales Cloud
Cloud Data Protection Integration Server
Cloud Data Protection Communication Server
Cloud Data Protection Policy Builder
General Auth Connector Login Application
IntelligenceCenter
IntelligenceCenter Data Collector
K9
Mail Threat Defense
Malware Analysis Appliance
Malware Analyzer G2
Norman Shark Industrial Control System Protection
Norman Shark Network Protection
Norman Shark SCADA Protection
OPIC
PacketShaper
PacketShaper S-Series
PolicyCenter
PolicyCenter S-Series
ProxyAV
ProxyAV ConLog and ConLogXP
ProxyClient
ProxySG
Reporter
SSL Visibility
Unified Agent

Blue Coat no longer provides vulnerability information for the following products:

DLP
Please contact Digital Guardian technical support regarding vulnerability information for DLP.

ISSUES

CVE-2014-1568 - 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P)

The Mozilla Network Security Services (NSS) library incorrectly parses PKCS#1 v1.5 padded signatures. This flaw allows an attacker to forge a digital certificate when an RSA key with a low public exponent is used. This vulnerability is a variant of the Bleichenbacher flaw.

Blue Coat products that use the NSS library for signature validation of a client or server certificate are vulnerable.  Certificates are validated most often during the SSL/TLS session establishment. Certificates may also be validated as part of certificate based authentication using other protocols.

REFERENCES

CVE-2014-1568 - https://nvd.nist.gov/vuln/detail/CVE-2014-1568
US CERT VU#772676 - https://www.kb.cert.org/vuls/id/772676
Mozilla Foundation Security Advisory 2014-73 - https://www.mozilla.org/en-US/security/advisories/mfsa2014-73/

REVISION

2017-02-15 MC 1.8 is not vulnerable.  Vulnerability inquiries for DLP should be addressed to Digital Guardian technical support.  SA status moved to Final.
2016-11-17 Cloud Data Protection for Oracle Field Service Cloud is not vulnerable.
2016-11-14 MC 1.6 and 1.7 are not vulnerable.
2016-09-15 Advanced Secure Gateway is not vulnerable.
2016-08-11 Security Analytics 7.2 is not vulnerable.
2016-06-16 PolicyCenter S-Series is not vulnerable.
2016-05-21 General Auth Connector Login Application and K9 are not vulnerable.  MC 1.3, 1.4, and 1.5 are not vulnerable.
2016-05-20 ProxyAV ConLog and ConLogXP is not vulnerable.  CAS 1.3 is not vulnerable.
2016-05-11 No Cloud Data Protection products are vulnerable.
2016-04-23 Mail Threat Defense is not vulnerable.
2016-01-21 Director is vulnerable and a fix is available.
2016-01-19 CacheFlow, IntelligenceCenter, and IntelligenceCenter Data Collector are not vulnerable.
2016-01-18 PolicyCenter is not vulnerable
2016-01-14 PacketShaper is not vulnerable
2015-12-02 All fixes are available for Security Analytics Platform
2015-10-01 SSLV is not vulnerable
2015-09-30 Fix is available for CAS 1.1
2015-07-02 Fixes are available for XOS 9.6 and later
2015-03-12 Fixes are available for Security Analytics
2015-03-11 IntelligenceCenter is under investigation
2015-03-04 SSL Visibility is under investigation
2015-03-03 Fix is available for MC
2015-02-20 Norman Shark products, Auth Connector, and BCAAA are not vulnerable
2015-02-19 PacketShaper S-Series is not vulnerable
2015-02-17 Specifically noted products that are not vulnerable - Android Mobile Agent, Client Connector, MAA, MAG2, OPIC, ProxyAV, ProxyClient, ProxySG, Reporter, Unified Agent
2015-01-21 MAA and MAG2 are not vulnerable. ProxyAV is not vulnerable. Fix is available for CAS 1.2.
2015-01-20 Advanced Secure Gateway Limited Availability version is vulnerable
2014-12-22 MC 1.1 will not be fixed
2014-11-17 Initial public release