Project

Profile

Help

Issue #1858

CVE-2016-3704: Unsafe use of bash $RANDOM for NSS DB password and seed

Added by rbarlow over 3 years ago. Updated 7 months ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Severity:
3. High
Version:
Platform Release:
2.8.5
Blocks Release:
OS:
Backwards Incompatible:
No
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
QA Contact:
Complexity:
Smash Test:
Verified:
No
Verification Required:
No
Sprint:

Description

In working on another security issue in this same script, I noticed that
Pulp's pulp-qpid-ssl-cfg script uses bash's $RANDOM in unsafe ways. One
of them is already being fixed as part of another CVE (the TMP directory
is unsafe, CVE-2016-3696), but the other two uses are:

0) The default NSS DB password is a single value from $RANDOM,
limiting it to the strings from 0 to 32768:

https://github.com/pulp/pulp/blob/pulp-2.8.2-1/server/bin/pulp-qpid-ssl-cfg#L25

1) The certutil -z flag receives a "noise file". The script uses $RANDOM to
populate a file with numbers to generate this file:

https://github.com/pulp/pulp/blob/pulp-2.8.2-1/server/bin/pulp-qpid-ssl-cfg#L97-L105

Since $RANDOM is used in this way, the seed file ends up having low
diversity since only 11 possible bytes appear in the file: ASCII 0-9 and
newline. Additionally, bash's RANDOM has not been described as a
sound random generator for such purposes.

pwgen can be used to fix #0, but I'm not sure we want to depend
on pwgen. One possibility is to avoid having a default password and force
the user to provide one. Suggestions for this problem welcome.

For #1 we should just grab 8 kB from /dev/urandom and call it a day.

Associated revisions

Revision 1b9b635d View on GitHub
Added by rbarlow over 3 years ago

CVE-2016-3704: Use stronger seed and DB password. (#2555)

Pulp's pulp-qpid-ssl-cfg script used bash's $RANDOM in unsafe
ways:

0) The default NSS DB password was a single value from $RANDOM,
limiting it to the strings from 0 to 32768.

1) The certutil -z flag receives a "noise file". The script
used $RANDOM to populate a file with numbers to generate this
file. Since $RANDOM was used in this way, the seed file
had low diversity since only 11 possible bytes appeared in the
file (ASCII 0-9 and newline).

This commit alters the script to use /dev/urandom as the source
for generating the DB password and the seed.

https://pulp.plan.io/issues/1858

fixes #1858

Revision 1b9b635d View on GitHub
Added by rbarlow over 3 years ago

CVE-2016-3704: Use stronger seed and DB password. (#2555)

Pulp's pulp-qpid-ssl-cfg script used bash's $RANDOM in unsafe
ways:

0) The default NSS DB password was a single value from $RANDOM,
limiting it to the strings from 0 to 32768.

1) The certutil -z flag receives a "noise file". The script
used $RANDOM to populate a file with numbers to generate this
file. Since $RANDOM was used in this way, the seed file
had low diversity since only 11 possible bytes appeared in the
file (ASCII 0-9 and newline).

This commit alters the script to use /dev/urandom as the source
for generating the DB password and the seed.

https://pulp.plan.io/issues/1858

fixes #1858

Revision 1b9b635d View on GitHub
Added by rbarlow over 3 years ago

CVE-2016-3704: Use stronger seed and DB password. (#2555)

Pulp's pulp-qpid-ssl-cfg script used bash's $RANDOM in unsafe
ways:

0) The default NSS DB password was a single value from $RANDOM,
limiting it to the strings from 0 to 32768.

1) The certutil -z flag receives a "noise file". The script
used $RANDOM to populate a file with numbers to generate this
file. Since $RANDOM was used in this way, the seed file
had low diversity since only 11 possible bytes appeared in the
file (ASCII 0-9 and newline).

This commit alters the script to use /dev/urandom as the source
for generating the DB password and the seed.

https://pulp.plan.io/issues/1858

fixes #1858

Revision d86b111b View on GitHub
Added by Randy Barlow over 3 years ago

Add release notes for the CVEs included with Pulp 2.8.4.

re #1854
re #1858

Revision d86b111b View on GitHub
Added by Randy Barlow over 3 years ago

Add release notes for the CVEs included with Pulp 2.8.4.

re #1854
re #1858

Revision d86b111b View on GitHub
Added by Randy Barlow over 3 years ago

Add release notes for the CVEs included with Pulp 2.8.4.

re #1854
re #1858

History

#1 Updated by rbarlow over 3 years ago

  • Description updated (diff)

#2 Updated by rbarlow over 3 years ago

  • Description updated (diff)

#3 Updated by rbarlow over 3 years ago

  • Severity changed from 2. Medium to 3. High

#4 Updated by rbarlow over 3 years ago

  • Description updated (diff)

#5 Updated by rbarlow over 3 years ago

  • Subject changed from CVE-2016-XXXX: Unsafe use of bash $RANDOM for NSS DB password and seed to CVE-2016-3700: Unsafe use of bash $RANDOM for NSS DB password and seed

#6 Updated by rbarlow over 3 years ago

  • Subject changed from CVE-2016-3700: Unsafe use of bash $RANDOM for NSS DB password and seed to CVE-2016-3704: Unsafe use of bash $RANDOM for NSS DB password and seed

#7 Updated by rbarlow over 3 years ago

  • Status changed from ASSIGNED to POST

#8 Updated by rbarlow over 3 years ago

  • Platform Release set to 2.8.4

#9 Updated by dkliban@redhat.com over 3 years ago

  • Triaged changed from No to Yes

#10 Updated by rbarlow over 3 years ago

  • Status changed from POST to MODIFIED
  • % Done changed from 0 to 100

#11 Updated by semyers over 3 years ago

  • Status changed from MODIFIED to ON_QA

#12 Updated by semyers over 3 years ago

  • Platform Release changed from 2.8.4 to 2.8.5

#13 Updated by semyers over 3 years ago

  • Status changed from ON_QA to MODIFIED

#15 Updated by semyers over 3 years ago

  • Status changed from MODIFIED to ON_QA

#16 Updated by semyers over 3 years ago

  • Status changed from ON_QA to CLOSED - CURRENTRELEASE

#18 Updated by bmbouter 7 months ago

  • Tags Pulp 2 added

Please register to edit this issue

Also available in: Atom PDF