Wireless Access

last person joined: 17 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

WebUI & Sweet32 (CVE-2016-2183)

This thread has been viewed 4 times

  • 1.  WebUI & Sweet32 (CVE-2016-2183)

    Posted Nov 18, 2016 03:29 PM

    Got dinged by InfoSec for the Sweet32 issue recently. I reviewed the ArubaOS hardening guide and confirmed that we are running the default `web-server profile ciphers high` configuration. The cipher suites in question are: TLS_RSA_WITH_3DES_EDE_CBC_SHA & TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA. I can't find any mention of deprecating those suites in any recent release notes. Is there anyway to disable them manually?



  • 2.  RE: WebUI & Sweet32 (CVE-2016-2183)

    EMPLOYEE
    Posted Nov 21, 2016 02:40 PM

    This should have been resolved under bug 127301 in the following versions:

    • 6.3.1.22
    • 6.4.2.18
    • 6.4.3.10
    • 6.4.4.6
    • 6.5.0.0

    I didn't have a look at the release notes to see if/how this was documented though...

     

    Here is the actual source code where the ciphersuites are defined, so you can see what is included.  The intent here was to make the non-FIPS version of software behave just like the FIPS version of software.  As you'll see, 3DES has been removed:

    #define HIGH_CIPHER_SUITE "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA"
 
#define MEDIUM_CIPHER_SUITE "IDEA-CBC-SHA:RC4-SHA:RC4-MD5:IDEA-CBC-MD5:RC2-CBC-MD5" 

 #define LOW_CIPHER_SUITE "DES-CBC-SHA:DES-CBC-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA"

     



  • 3.  RE: WebUI & Sweet32 (CVE-2016-2183)

    Posted Nov 21, 2016 02:48 PM

    Thanks, Jon. I just enumerated ciphers on a couple boxes running 6.4.4.9. They are working as you have described. Thanks for the code snippet. That should be enough to shake the security guys ;).



  • 4.  RE: WebUI & Sweet32 (CVE-2016-2183)

    Posted Oct 04, 2017 09:15 AM

    Jon,  Can you tell me if AOS 6.5.1.5 and all newer 6.5.2 were also patched?  We had an auditor do a scan and they are seeing the below on our controller running AOS 6.5.1.5.

     

    sweet32.jpg

    I just disabled the lower versions of TLS.  So now my web-server profile looks like the below.  I think this fixes all the non Sweet32 lines above.  But for the Sweet32 stuff I was already on the "High" Chipher Suite setting.  This is leading me to think the 6.5.1 AOS is not patched???

     

    (Hostname) #show web-server profile

    Web Server Configuration
    ------------------------
    Parameter                                          Value
    ---------                                          -----
    Cipher Suite Strength                              high
    SSL/TLS Protocol Config                            tlsv1.2

     

     

     



  • 5.  RE: WebUI & Sweet32 (CVE-2016-2183)

    EMPLOYEE
    Posted Oct 04, 2017 09:23 AM

    Yes, all patches made to earlier versions of ArubaOS are carried forward to later versions.  I've done a number of scans of my own against 6.5.x and never seen anything like this - I would tend to suspect the scanning tool.  If you happen to have a Linux system handy, you might install "sslscan" and test it for yourself.  If you DO find something wrong I would be very interested in that information, but I suspect something's wrong with the scanner here.



  • 6.  RE: WebUI & Sweet32 (CVE-2016-2183)

    EMPLOYEE
    Posted Oct 04, 2017 10:30 AM

    I decided to run a quick test.  Here's the "sslscan" output for a controller running 6.5.1.5 - I do not see anything that would trigger the "sweet32" warning here:

     

      TLS Fallback SCSV:
Server supports TLS Fallback SCSV

  TLS renegotiation:
Session renegotiation not supported

  TLS Compression:
Compression disabled

  Heartbleed:
TLS 1.2 not vulnerable to heartbleed
TLS 1.1 not vulnerable to heartbleed
TLS 1.0 not vulnerable to heartbleed

  Supported Server Cipher(s):
Preferred TLSv1.2  256 bits  ECDHE-RSA-AES256-GCM-SHA384   Curve P-256 DHE 256
Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
Accepted  TLSv1.2  256 bits  DHE-RSA-AES256-SHA256         DHE 1024 bits
Accepted  TLSv1.2  256 bits  DHE-RSA-AES256-SHA            DHE 1024 bits
Accepted  TLSv1.2  256 bits  AES256-SHA256                
Accepted  TLSv1.2  256 bits  AES256-SHA                   
Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-GCM-SHA256   Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  DHE-RSA-AES128-SHA256         DHE 1024 bits
Accepted  TLSv1.2  128 bits  DHE-RSA-AES128-SHA            DHE 1024 bits
Accepted  TLSv1.2  128 bits  AES128-SHA256                
Accepted  TLSv1.2  128 bits  AES128-SHA                   

  SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength:    2048

Subject:  securelogin.arubanetworks.com
Altnames: DNS:securelogin.arubanetworks.com
Issuer:   Aruba7210-US-BA0002913

Not valid before: Jan  1 00:00:00 2016 GMT
Not valid after:  Jan 20 04:45:02 2045 GMT


  • 7.  RE: WebUI & Sweet32 (CVE-2016-2183)

    Posted Oct 04, 2017 10:46 AM

    Thank you Jon.  We are rescanning as well and finding out what tool is being used for this.