Shibboleth Security Advisory [25 July 2011]

Updated versions of the Shibboleth Project's OpenSAML software in Java and C++ are available which correct a security issue. This general issue affects BOTH Identity and Service Provider deployments, so a single advisory is being issued for both.

For the Identity Provider, this issue is rated as "important". An unauthenticated remote attacker could leverage the flaw to obtain unauthorized access to user data under certain circumstances.

For the Service Provider, this issue is rated as "critical", and allows an unauthenticated remote attacker to access protected resources.

Deployers should take immediate steps as outlined in this advisory and apply the relevant update(s) at the soonest possible moment.

OpenSAML software is vulnerable to XML Signature wrapping attacks
=======================================================================

The Shibboleth software relies on the OpenSAML libraries to perform verification of signed XML messages such as attribute queries or SAML assertions. Both the Java and C++ versions are vulnerable to a so-called "wrapping attack" that allows a remote, unauthenticated attacker to craft specially formed messages that can be successfully verified, but contain arbitrary content.

Identity Provider Vulnerability
--------------------------------

The Identity Provider software relies on the Java version of OpenSAML and is vulnerable to attacks when XML message signing is used in place of TLS client authentication for requests such as attribute queries or SAML artifact resolution. It is also vulnerable to attacks involving signed AuthnRequest messages, but these are not critical in most deployments. Some vulnerabilities also exist with use of the extension that supports delegation of user access, which is not included with the core software, but available as an add-on.
All versions of the Identity Provider software prior to V2.3.2 ship with a version of OpenSAML containing the vulnerability. Some mitigation for these attacks is possible by disabling support for accepting signed messages. See below for information on this option.

Identity Provider Recommendations
----------------------------------

Upgrade to V2.3.2 of the Identity Provider software to obtain the corrected version of OpenSAML (V2.5.1), per the normal upgrade process:

https://wiki.shibboleth.net/confluence/display/SHIB2/IdP2Upgrade

If you cannot upgrade immediately, you may mitigate the attack by disabling support for message signing in the security policies defined near the bottom of "relying-party.xml" by commenting out all elements with xsi:type="samlsec:ProtocolWithXMLSignature" and restarting your Java container.

Service Provider Vulnerability
-------------------------------

The Service Provider software relies on the C++ version of OpenSAML and is vulnerable to attacks when handling authentication responses from IdPs. This allows an attacker to subvert the security of the system and supply an unauthenticated login identity and data under the guise of a trusted issuer.

All versions of the OpenSAML library prior to V2.4.3 contain this vulnerability. Note that this refers to the OpenSAML version, *not* the Shibboleth version. To determine the version you're using:

- Windows: check the DLL version for saml2_4.dll in your installation's lib folder (anything older than saml2_4 is obviously too old)
- Linux/RPM: check the package version using "rpm -qa | grep saml"
- MacPorts: use the "port installed" command

Do not rely on log files for version determination, as this can be inaccurate and may refer to the version against which the software was compiled.

There are no known mitigations to prevent this attack apart from applying this update. Deployers should take immediate steps, and may wish to disable the use of the SP until the upgrade is done.
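The wrapping class described above succeeds when a verifier checks the signature over whichever element the Reference URI resolves to, but then acts on a different element that happens to sit in the expected position. The following is an added illustration (not OpenSAML code, and not the project's actual fix) of the structural binding check a consumer needs alongside cryptographic verification: the element the Signature's Reference resolves to must be the very element being consumed, and the referenced ID must be unique in the document. Both sample messages are constructed for this example; the digest and signature-value checks are assumed to run separately.

```python
import xml.etree.ElementTree as ET
SAML = "{urn:oasis:names:tc:SAML:2.0:assertion}"
DS = "{http://www.w3.org/2000/09/xmldsig#}"
NS = ('xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
      'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
      'xmlns:ds="http://www.w3.org/2000/09/xmldsig#"')

# Constructed sample: enveloped signature referencing the assertion it sits in.
GOOD = f"""<samlp:Response {NS}><saml:Assertion ID="_a1">
  <ds:Signature><ds:SignedInfo><ds:Reference URI="#_a1"/></ds:SignedInfo></ds:Signature>
  <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
</saml:Assertion></samlp:Response>"""

# Constructed sample of the wrapping shape: the genuinely signed element (_a1) sits under a
# wrapper, while the element in the expected position (_a2) carries a Reference to _a1.
WRAPPED = f"""<samlp:Response {NS}><saml:Assertion ID="_a2">
  <ds:Signature><ds:SignedInfo><ds:Reference URI="#_a1"/></ds:SignedInfo></ds:Signature>
  <saml:Subject><saml:NameID>admin</saml:NameID></saml:Subject>
  <saml:Advice><saml:Assertion ID="_a1">
    <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
  </saml:Assertion></saml:Advice>
</saml:Assertion></samlp:Response>"""

def check_signature_binding(xml_text):
    """Return the NameID of the consumed assertion only if the Signature it carries
    references exactly that element and the referenced ID is unique in the document."""
    root = ET.fromstring(xml_text)
    assertion = root.find(f".//{SAML}Assertion")  # what a naive consumer takes
    if assertion is None:
        raise ValueError("no Assertion")
    sig = assertion.find(f"{DS}Signature")  # must be a direct child of the consumed element
    if sig is None:
        raise ValueError("assertion is not signed")
    refs = sig.findall(f"{DS}SignedInfo/{DS}Reference")
    if len(refs) != 1 or not refs[0].get("URI", "").startswith("#"):
        raise ValueError("expect exactly one same-document Reference")
    target = [e for e in root.iter() if e.get("ID") == refs[0].get("URI")[1:]]
    if len(target) != 1:
        raise ValueError("referenced ID must be unique in the document")
    if target[0] is not assertion:
        raise ValueError("signature covers a different element than the one consumed")
    return assertion.findtext(f"{SAML}Subject/{SAML}NameID")

def accepts(xml_text):
    """True if the message passes the binding check, False if it is rejected."""
    try:
        check_signature_binding(xml_text)
        return True
    except ValueError:
        return False
```

A verifier that only resolves the Reference URI and checks the digest would accept both messages; binding the verified node to the consumed node rejects the second.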
Service Provider Recommendations
---------------------------------

Upgrade to V2.4.3 or later of the OpenSAML library and restart the shibd service/daemon. Sites relying on official RPM packages or MacPorts can update via the yum and port commands respectively, but should manually restart shibd.

The updated library has been built into the Windows installation kits for V2.4.3 of the SP software, and can be found in the "postinstall" ZIP kits provided for SP update. *Any* version of the SP since 2.0 can be safely upgraded by unpacking the latest postinstall ZIP over top of the original software. One exception to this: Windows 2000, which has not been supported since V2.4 was released.

Note that older Windows installs may not have the latest Microsoft C/C++ runtime libraries present. Installation kits for both 32-bit and 64-bit runtimes can be found here:

http://shibboleth.net/downloads/service-provider/msredist/

Complete details on procedures and caveats for updating Windows installations can be found here:

https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPWindowsUpgrade

For those using platforms unsupported by the project team directly, refer to your vendor or package source directly for information on obtaining the fixed version. If the update from your vendor lags, you should consider building opensaml from source for your own use as an interim step.

Credits
--------

Juraj Somorovsky, Andreas Mayer, Meiko Jensen, Florian Kohlar, Marco Kampmann, Jörg Schwenk
Horst Görtz Institute for IT Security, Ruhr-University Bochum

Thanks to Juraj Somorovsky for working with the developers to explore and address this issue.

URL for this Security Advisory:
http://shibboleth.internet2.edu/secadv/secadv_20110725.txt

The OpenSAML portion of this advisory has been assigned CVE-2011-1411 by the National Vulnerability Database.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1411