Neil Hopcroft

A digital misfit

I was intrigued to note these vulnerabilities and would bet good money there are hundreds more such defects in that code. It is trivial to test for this kind of vulnerability if you put a bit of thought into it, but nobody bothers.


5 comments

  1. ASN.1? It's quite widely used in certain types of data transfer; one of the big areas it's used in is X.500 directory services, so anything based on that will have a parser (X.509 certificates, SNMP, SET, etc.). I think it also turns up in a bunch of scientific instrument protocols, but I don't know.

    It is a data structure that is able to represent arbitrary data in such a way that it is still possible to parse the data even if some parts of it are not understood – type-length-value encoding, where it is possible for types to be composite.

    There are some significant problems with it, the main one being a confusion over the encoding rules for it. ASN.1 itself is just that, an Abstract Syntax Notation; you need to specify some encoding rules to be able to transfer it. There are a whole bunch of different encoding rules, but the two most common are DER and BER, Distinguished and Basic Encoding Rules. DER is a subset of BER, in the sense that DER is always valid BER but BER is not always valid DER. Given this, most people just implement a BER parser which will accept either; in security-sensitive contexts this is an incorrect thing to do, since BER leaves plenty of opportunity for an attacker to 'legally' adjust the data to match a signature (if they've got a reasonable birthday attack on the signature, something that could be expected if you're looking at, say, all the certificates issued by Verisign).

    Another problem is that corruption of any single byte within a DER-encoded structure may render the entire structure incomprehensible. Arguably this is a good thing in a security context, but it does mean that your parser needs to be strong enough to deal with the kinds of things that go wrong if that happens. This is the vulnerability noted in the article: the OpenSSL parser isn't robust to badly formed data, leaving potential for buffer overruns, and since a lot of those buffers live on the stack there's a reasonably simple way in if you know what you're doing.

    There are plenty of other problems with ASN.1 – multitudinous string encodings (plenty of opportunity for homoglyphs and other nasties), complexity of specification, poor handling of arbitrary extensions. But I've got to go to work now…
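Two points in the comment above lend themselves to a worked example: a DER acceptor should reject encodings that are legal BER but not DER, and every length field must be bounds-checked before the value is touched. The following C is an added example, not code from this page or from OpenSSL. It walks a TLV buffer with single-byte tags only (the high-tag-number form is rejected rather than decoded), refuses indefinite-length (0x80) and non-minimal long-form lengths, and checks each length against the bytes actually remaining so a malformed length can never drive a read past the buffer. The sample byte strings are constructed here for illustration; the 32-level nesting limit and the 4-byte cap on long-form lengths are choices made for this example, not requirements of the standard.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Result codes of the strict DER walker. */
enum der_status {
    DER_OK              =  0,
    DER_ERR_TRUNCATED   = -1,  /* tag, length or value runs past the buffer */
    DER_ERR_INDEFINITE  = -2,  /* 0x80 length: legal BER, never DER */
    DER_ERR_NONMINIMAL  = -3,  /* long-form length where a shorter form fits */
    DER_ERR_TAG         = -4,  /* high-tag-number form: not handled by this example */
    DER_ERR_LENGTH      = -5,  /* length field wider than the 4 bytes we accept */
    DER_ERR_DEPTH       = -6   /* nesting deeper than the example's limit */
};

struct tlv {
    uint8_t        tag;
    int            constructed;   /* bit 6 of the tag: value holds further TLVs */
    size_t         hdr_len;       /* bytes consumed by tag + length */
    size_t         len;           /* length of the value, already bounds-checked */
    const uint8_t *val;           /* points inside the caller's buffer */
};

/* Decode one TLV header at p, with avail bytes remaining.
 * Returns DER_OK and fills *out, or a negative der_status. */
int der_read_tlv(const uint8_t *p, size_t avail, struct tlv *out)
{
    if (avail < 2)                    /* need at least a tag and a length octet */
        return DER_ERR_TRUNCATED;
    uint8_t tag = p[0];
    if ((tag & 0x1F) == 0x1F)         /* multi-byte tag number: out of scope here */
        return DER_ERR_TAG;

    size_t pos = 1;
    uint8_t first = p[pos++];
    size_t len;
    if (first < 0x80) {
        len = first;                  /* short form */
    } else if (first == 0x80) {
        return DER_ERR_INDEFINITE;    /* BER-only: DER requires definite lengths */
    } else {
        size_t nbytes = first & 0x7F; /* long form: number of length octets */
        if (nbytes > 4)
            return DER_ERR_LENGTH;
        if (avail - pos < nbytes)     /* length octets themselves must fit */
            return DER_ERR_TRUNCATED;
        if (p[pos] == 0x00)           /* leading zero octet: not minimal */
            return DER_ERR_NONMINIMAL;
        len = 0;
        for (size_t i = 0; i < nbytes; i++)
            len = (len << 8) | p[pos++];
        if (len < 0x80)               /* short form would have sufficed */
            return DER_ERR_NONMINIMAL;
    }
    /* The check a naive parser omits: the declared length must fit in
     * what is actually left, otherwise a copy of the value overruns. */
    if (len > avail - pos)
        return DER_ERR_TRUNCATED;

    out->tag = tag;
    out->constructed = (tag & 0x20) != 0;
    out->hdr_len = pos;
    out->len = len;
    out->val = p + pos;
    return DER_OK;
}

/* Validate a whole buffer of DER TLVs, recursing into constructed values.
 * Each child is checked against its parent's value length, so a child can
 * never extend past the enclosing value. Returns DER_OK or a negative code. */
int der_validate(const uint8_t *buf, size_t len, unsigned depth)
{
    if (depth > 32)
        return DER_ERR_DEPTH;
    size_t off = 0;
    while (off < len) {
        struct tlv t;
        int rc = der_read_tlv(buf + off, len - off, &t);
        if (rc != DER_OK)
            return rc;
        if (t.constructed) {
            rc = der_validate(t.val, t.len, depth + 1);
            if (rc != DER_OK)
                return rc;
        }
        off += t.hdr_len + t.len;
    }
    return DER_OK;
}

/* Constructed samples: SEQUENCE { INTEGER 1, INTEGER 2 } in several encodings. */
static const uint8_t sample_good[]          = {0x30,0x06,0x02,0x01,0x01,0x02,0x01,0x02};
static const uint8_t sample_indefinite[]    = {0x30,0x80,0x02,0x01,0x01,0x02,0x01,0x02,0x00,0x00};
static const uint8_t sample_nonminimal[]    = {0x30,0x81,0x06,0x02,0x01,0x01,0x02,0x01,0x02};
static const uint8_t sample_overrun[]       = {0x30,0x10,0x02,0x01,0x01};        /* claims 16 bytes, has 3 */
static const uint8_t sample_child_overrun[] = {0x30,0x03,0x02,0x05,0x01};        /* inner claims 5, parent holds 1 */

int main(void)
{
    printf("good          -> %d\n", der_validate(sample_good, sizeof sample_good, 0));
    printf("indefinite    -> %d\n", der_validate(sample_indefinite, sizeof sample_indefinite, 0));
    printf("nonminimal    -> %d\n", der_validate(sample_nonminimal, sizeof sample_nonminimal, 0));
    printf("overrun       -> %d\n", der_validate(sample_overrun, sizeof sample_overrun, 0));
    printf("child overrun -> %d\n", der_validate(sample_child_overrun, sizeof sample_child_overrun, 0));
    return 0;
}
```

A BER parser would accept the first three samples as the same SEQUENCE, which is exactly the freedom the comment warns about when the bytes are covered by a signature; the walker above accepts only the first. The last two samples are the length-field problem: once `len` is trusted without comparing it to `avail - pos`, a `memcpy` of the value reads (or writes) past the buffer.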

  2. Only the other day I was wondering what you'd give me for a postmodernist narcissistic paranoia, but I don't suppose that's really worth much since nearly everyone's got one – they just don't know it.

    How about a paranoia about waking up in the middle of the night with everything around me shaking? I think it was another earthquake, but it might be a well deserved haunting.

    Or why are they only sending us contractors to Helsinki & Tampere next week, no permies?

  3. Alright, Helsinki car rental desk, Sunday evening. Have you checked out the dispatch rider this time? We don't want any repeats of the Brazil incident.
