Tried, Tested and Proven

Vulnerability title: Remote SSL VPN Endpoint Identity Not Verified In Viprinet Multichannel VPN Router 300

CVE: CVE-2014-9754, CVE-2014-9755
Vendor: Viprinet
Product: Multichannel VPN Router 300
Affected version: 2013070830/2013080900
Fixed version: 2014013131/2014020702
Reported by: Tim Brown

Details:

In order for the hardware VPN client on the affected device to establish a VPN channel it connects to the remote VPN endpoint and initiates an SSL connection using TLSv1.1. It then initiates the following exchange (protocol version 2):

client> VERSION 3
server> ERROR
client> VERSION 2
server> +OK Protocol version 2 chosen
client> TUNNEL test
server> +OK Tunnel chosen
client> PASS test
server> +OK You are now authenticated
client> CHANNEL test
server> +OK Channel selected
client> DATA

The hardware VPN client does not validate the remote VPN endpoint identity (through the checking of the endpoint's SSL key) before initiating the exchange.

In this example, we perform a downgrade attack from protocol version 3 to protocol version 2, however as noted in the impact, version 3 of the protocol is similarly affected.

Note: MITRE have assigned CVE-2014-9754 to reference the missing certificate validation and CVE-2014-9755 to reference the protocol downgrade attack.

Impact:

An attacker could perform an active "Man-In-The-Middle" attack. The underlying protocol is text based and can easily be manipulated. On version 2 of the protocol, the password is sent in plain text, whilst on version 3, the password is obfuscated using a fixed SHA based HMAC. Irrespective of the protocol version, this also allows for replay attacks.

Exploit:

The proof of concept exploit is available.

Remediation:

The vendor has released a patch.

Vendor status:

30/01/2014 Initial vendor contact established
30/01/2014 Vendor responded
03/11/2015 MITRE assigned CVE-2014-9754 and CVE-2014-9755
03/11/2015 Published
Copyright:

Copyright @ Portcullis Computer Security Limited 2015, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent of Portcullis Computer Security Limited.

Disclaimer:

The information herein contained may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user’s risk. In no event shall the author/distributor (Portcullis Computer Security Limited) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.