nCipher nCore API bypass security
| ncipher-ncore-bypass-security (25062) |  Medium Risk |
Description:
nCipher's nCore API is vulnerable to a security bypass caused by weaker than expected security in the MAC protocol. The nCore API transmits a non-zero IV together with the message, causing modified messages to bypass security restrictions in CBC-MAC.
Platforms Affected:
- nCipher, nCipher V10 prior to 2.22.6
Remedy:
Upgrade to the latest nCipher V10 firmware (2.22.6 or later), as listed in the nCipher Security Advisory #13. See References.
Consequences:
Bypass Security
References:
- nCipher Security Advisory #13, SA#13: CBC-MAC IV misleading programming interface at http://www.ncipher.com/resources/96/sa13_cbcmac_iv_misleading_programming_interface.
- BID-17011: nCipher Insecure CBC-MAC API Vulnerability
- CVE-2006-1116: The CBC-MAC integrity functions in the nCipher nCore API before 2.18 transmit the initialization vector IV as part of a message when the implementation uses a non-zero IV, which allows remote attackers to bypass integrity checks and modify messages without being detected.
- SA19137: nCipher Products Multiple Vulnerabilities
- SECTRACK ID: 1015718: nCipher nCore May Let Users Conduct Key Determination Attacks and May Fail to Detect MAC Message Modification
- VUPEN/ADV-2006-0862: nCipher Products Multiple Insecure Keys and Security Bypass Vulnerabilities
Reported:
Mar 07, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net