Full Disclosure mailing list archives
Re: [TZO-27-2009] Firefox Denial of Service (Keygen)
From: Pete Licoln <pete.licoln () gmail com>
Date: Wed, 27 May 2009 22:45:32 -0400
Looks like some doctors have made some in vitro fertilization fuzzing with Jeremy a while ago ...

2009/5/27 Jeremy Brown <0xjbrown41 () gmail com>

Looks like somebody's been using a browser fuzzer :)

On Wed, May 27, 2009 at 9:14 PM, Thierry Zoller <Thierry () zoller lu> wrote:

________________________________________________________________________
From the very-low-hanging-fruit-department
Firefox Denial of Service (KEYGEN)
________________________________________________________________________

Release mode: Forced release.
Ref : [TZO-27-2009] - Firefox Denial of Service (KEYGEN)
WWW : http://blog.zoller.lu/2009/04/advisory-firefox-denial-of-service.html
Vendor : http://www.firefox.com
Status : No patch
CVE : none provided
Credit : none
Bugzilla entry: https://bugzilla.mozilla.org/show_bug.cgi?id=469565
Security notification reaction rating : There wasn't any appropriate reaction.
Notification to patch window : x+n
Disclosure Policy : http://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html

Affected products :
- Firefox 3.0.10 (Windows)
- Likely : All Firefox versions supporting the KEYGEN tag.

I. Background
~~~~~~~~~~~~~
Firefox is a popular Internet browser from the Mozilla Corporation. In 2007 the Mozilla Corporation had a revenue of over 75 million dollars [1], out of which 68 million were made with a search advertising deal, in other words with the search box in Firefox that defaults to Google. I envy the spirit of everyone that works on Firefox code in their spare time, for free.

II. Description
~~~~~~~~~~~~~~~
This bug is a simple design bug that results in an endless loop (and interesting memory leaks).

Once upon a time Netscape thought it would be a great idea to add the keygen tag (<keygen>) as a feature to their Browser. The keygen tag offers a simple way of automatically generating key material using various algorithms. For instance it is possible to generate RSA, DSA and EC key material.

"The public key and challenge string are DER encoded as PublicKeyAndChallenge and then digitally signed with the private key to produce a SignedPublicKeyAndChallenge. The SignedPublicKeyAndChallenge is base64 encoded, and the ASCII data is finally submitted to the server as the value of a name-value pair, where the name is specified by the NAME attribute of the KEYGEN tag."

More information: https://developer.mozilla.org/En/HTML/HTML_Extensions/KEYGEN_Tag

This feature includes the automatic submission of the public part to a script, the crux. The Keygen tag reloads the document by submitting the public key as an argument to the current URI. Combining this with a javascript body onload() call (or meta refresh) results in a neat endless loop blocking access to the UI. Furthermore memory is leaked during the process.

III. Impact
~~~~~~~~~~~
The browser doesn't respond any longer to any user input, tabs are no longer accessible, your work if any might be lost. Restarting the Firefox process and restoring the previous Firefox session will re-spawn the tab and start the loop again. According to a Bugzilla entry memory is also leaked during the process.

So let's recap, we have a function that generates key material and looping causes memory to leak. One might think this should be important enough to investigate, especially if you know that for DSA for instance, only a few bits of k can reveal an entire private key. [3]

Note: I am not saying the memory leaks include key material, seeing the lack of interest this bugzilla ticket triggered, I have not considered investigating further. What I am saying is that if security is taken seriously memory leaks that directly or indirectly happen during key generation need to be investigated thoroughly.

IV. Proof of concept (hold your breath)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<html>
<body onLoad="document.forms[0].submit()">
<FORM>
<KEYGEN NAME="somekey" CHALLENGE="1125983021">
<INPUT TYPE="submit" NAME="SubmitButton" VALUE="Done">
</FORM>
</body>
</html>

Live : http://secdev.zoller.lu/ff_dos_keygen.html

V. Disclosure timeline
~~~~~~~~~~~~~~~~~~~~~~
DD/MM/YYYY
14/12/2008 : Created bugzilla entry (security) with (the wrong) proof of concept file.
14/12/2008 : Attached the correct POC file (mea culpa) and a stack trace and details of memory corruption that repeatedly occurred during testing the POC
24/12/2008 : dveditz () mozilla com comments : "I can definitely confirm the denial of service aspect, and there's a very minor memory leak (after 9 hours of CPU time memory use went from 60MB to 360MB). Haven't been able to reproduce a crash."
27/05/2009 : The 4 month grace period [2] given is reached. Release of this advisory.

[1] http://www.mozilla.org/foundation/documents/mf-2007-audited-financial-statement.pdf
    http://www.guidestar.org/FinDocuments//2007/200/097/2007-200097189-047bbaa9-9.pdf
[2] http://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html
[3] http://rdist.root.org/?s=dsa

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
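The advisory quotes how the KEYGEN tag packages the public key and challenge as a base64 SignedPublicKeyAndChallenge (SPKAC). The following is an added example, not code from the advisory, Mozilla or Netscape: a stdlib-only parser for that structure plus the challenge-binding check a relying server should make before it trusts a submitted key. The test vector is constructed with placeholder key and signature bytes (a real one needs a signing key), and the signature itself is not verified here.

```python
import base64
import hmac
def der(tag, body):
    """Encode one DER TLV; short-form length only, enough for the constructed vector."""
    assert len(body) < 0x80
    return bytes([tag, len(body)]) + body
def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the TLV at pos; long-form lengths are handled."""
    tag, first = buf[pos], buf[pos + 1]
    nb = first & 0x7F if first >= 0x80 else 0          # number of length octets
    length = int.from_bytes(buf[pos + 2:pos + 2 + nb], "big") if nb else first
    start, end = pos + 2 + nb, pos + 2 + nb + length
    if end > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[start:end], end
def parse_spkac(spkac_b64):
    """SignedPublicKeyAndChallenge ::= SEQUENCE { SEQUENCE { spki, challenge IA5String },
    signatureAlgorithm, signature BIT STRING }; tags SEQUENCE 0x30, IA5String 0x16, BIT STRING 0x03."""
    raw = base64.b64decode(spkac_b64)
    tag, outer, end = read_tlv(raw, 0)
    if tag != 0x30 or end != len(raw):
        raise ValueError("not a single DER SEQUENCE")
    t1, pkac, pos = read_tlv(outer, 0)
    t2, alg, pos = read_tlv(outer, pos)
    t3, sig, pos = read_tlv(outer, pos)
    if (t1, t2, t3) != (0x30, 0x30, 0x03) or pos != len(outer):
        raise ValueError("bad SignedPublicKeyAndChallenge layout")
    t4, _, p = read_tlv(pkac, 0)
    spki = pkac[:p]                                     # full SubjectPublicKeyInfo TLV
    t5, chal, q = read_tlv(pkac, p)
    if (t4, t5) != (0x30, 0x16) or q != len(pkac):
        raise ValueError("bad PublicKeyAndChallenge layout")
    # sig[0] is the BIT STRING unused-bits octet; the signature itself is not verified here
    return {"spki": spki, "challenge": chal.decode("ascii"), "sig_alg": alg, "signature": sig[1:]}
def challenge_matches(spkac_b64, issued_challenge):
    """Relying-server check: accept only an SPKAC echoing the challenge issued for this session."""
    try:
        chal = parse_spkac(spkac_b64)["challenge"]
    except (ValueError, IndexError, UnicodeDecodeError):  # binascii.Error is a ValueError
        return False                                    # malformed, truncated or not an SPKAC
    return hmac.compare_digest(chal.encode(), issued_challenge.encode())
def build_sample_spkac(challenge, signature=b"\x00" * 8):
    """Constructed test vector: placeholder SPKI and signature bytes, not a real key or signature."""
    rsa_oid = der(0x06, bytes.fromhex("2a864886f70d010101"))   # rsaEncryption
    md5_rsa = der(0x06, bytes.fromhex("2a864886f70d010104"))   # md5WithRSAEncryption
    spki = der(0x30, der(0x30, rsa_oid + der(0x05, b"")) + der(0x03, b"\x00" * 17))
    pkac = der(0x30, spki + der(0x16, challenge.encode("ascii")))
    alg = der(0x30, md5_rsa + der(0x05, b""))
    return base64.b64encode(der(0x30, pkac + alg + der(0x03, b"\x00" + signature))).decode()
```

A server that binds the challenge to the session and rejects mismatches or malformed blobs at least refuses to act on replayed or garbage submissions, which is the part of the KEYGEN flow the server controls.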