Vulnerability title: Remote SSL VPN Endpoint Identity Not Verified In Viprinet Multichannel VPN Router 300
|Product:||Multichannel VPN Router 300|
|Reported by:||Tim Brown|
In order for the hardware VPN client on the affected device to establish a VPN channel it connects to the remote VPN endpoint and initiates an SSL connection using TLSv1.1. It then initiates the following exchange (protocol version 2):
client> VERSION 3 server> ERROR client> VERSION 2 server> +OK Protocol version 2 chosen client> TUNNEL test server> +OK Tunnel chosen client> PASS test server> +OK You are now authenticated client> CHANNEL test server> +OK Channel selected client> DATA
The hardware VPN client does not validate the remote VPN endpoint identity (through the checking of the endpoint's SSL key) before initiating the exchange.
In this example, we perform a downgrade attack from protocol version 3 to protocol version 2, however as noted in the impact, version 3 of the protocol is similarly affected.
Note: MITRE have assigned CVE-2014-9754 to reference the missing certificate validation and CVE-2014-9755 to reference the protocol downgrade attack.
An attacker could perform an active "Man-In-The-Middle" attack. The underlying protocol is text based and can easily be manipulated. On version 2 of the protocol, the password is sent in plain text, whilst on version 3, the password is obfuscated using a fixed SHA based HMAC. Irrespective of the protocol version, this also allows for replay attacks.
The proof of concept exploit is available.
The vendor has released a patch.
|30/01/2014||Initial vendor contact established|
|30/01/2014||Vendor responded||03/11/2015||MITRE assigned CVE-2014-9754 and CVE-2014-9755|
Copyright @ Portcullis Computer Security Limited 2015, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent of Portcullis Computer Security Limited.
The information herein contained may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user’s risk. In no event shall the author/distributor (Portcullis Computer Security Limited) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.