NTLM implementation security issue

NTLM implementation security issue

Samba - jcifs mailing list
Hi,

working on the SPNEGO/NTLM support in jcifs-ng I stumbled over a
security issue in the NTLM implementation originating from the original
jcifs codebase.

If NTLMSSP_NEGOTIATE_SIGN is set but the NTLMSSP_NEGOTIATE_KEY_EXCH flag
is cleared (e.g. by an attacker) the Type3Message will include the
session key in the clear.

This does not so much affect the use in SMB signing in the original
jcifs - as signing cannot be enforced (i.e. does not provide any real
security guarantees anyways).

But as it might affect people using the NTLM implementation on its own
or maybe other forks I'm just making this public here.

Fix in jcifs-ng is
https://github.com/AgNO3/jcifs-ng/commit/6bcf3e4b3c61b0cfe154d05b3869870c31df6205
(included in 2.0.4)

CVE has been requested, will update when available.


regards

Moritz

--
AgNO3 GmbH & Co. KG, registered office Tübingen, Amtsgericht Stuttgart HRA 728731
Personally liable:
Metagesellschaft mbH, registered office Tübingen, Amtsgericht Stuttgart HRB 744820,
Represented by Joachim Keltsch
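The field handling behind the issue described in the post, as an added illustration written in Python rather than taken from jcifs or jcifs-ng: a Type 3 (AUTHENTICATE_MESSAGE) builder with the pre-fix branch beside the fixed one, and a parser-based check a defender can run over an observed message to see whether the EncryptedRandomSessionKey field was populated without NTLMSSP_NEGOTIATE_KEY_EXCH. It assumes the minimal MS-NLMP layout without Version/MIC fields (payload at offset 64); all buffer and key values are constructed sample data.

```python
import struct
# NTLMSSP negotiate flag values from MS-NLMP; layout assumption: no Version/MIC fields
NTLMSSP_NEGOTIATE_SIGN = 0x00000010
NTLMSSP_NEGOTIATE_KEY_EXCH = 0x40000000
SIGNATURE = b"NTLMSSP\x00"
HEADER_LEN = 64  # 8 signature + 4 type + 6 * 8 field descriptors + 4 flags

def rc4(key, data):  # NTLM wraps the exported session key with RC4 under the key-exchange key
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for c in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(c ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def build_type3(flags, bufs, kx_key, session_key, buggy=False):
    # bufs: LM response, NT response, domain, user, workstation (already encoded).
    # buggy=True reproduces the pre-fix logic: key field emitted whenever SIGN is set.
    if flags & NTLMSSP_NEGOTIATE_KEY_EXCH:
        key_field = rc4(kx_key, session_key)      # negotiated key exchange: wrapped key
    elif buggy and flags & NTLMSSP_NEGOTIATE_SIGN:
        key_field = session_key                   # no key exchange, so this is the raw key
    else:
        key_field = b""                           # fixed behaviour: field stays empty
    hdr, payload, off = b"", b"", HEADER_LEN
    for b in list(bufs) + [key_field]:
        hdr += struct.pack("<HHI", len(b), len(b), off)   # Len, MaxLen, Offset
        payload += b
        off += len(b)
    return SIGNATURE + struct.pack("<I", 3) + hdr + struct.pack("<I", flags) + payload

def parse_type3(msg):
    # Returns the six payload buffers plus NegotiateFlags of a Type 3 message
    assert msg[:8] == SIGNATURE and struct.unpack_from("<I", msg, 8)[0] == 3, "not a Type 3"
    names = ("lm", "nt", "domain", "user", "workstation", "session_key")
    out = {}
    for name, pos in zip(names, range(12, 60, 8)):
        ln, _, off = struct.unpack_from("<HHI", msg, pos)
        out[name] = msg[off:off + ln]
    out["flags"] = struct.unpack_from("<I", msg, 60)[0]
    return out

def leaks_session_key(msg):
    # A non-empty key field without KEY_EXCH cannot have been wrapped: it is the key in the clear
    p = parse_type3(msg)
    return len(p["session_key"]) > 0 and not p["flags"] & NTLMSSP_NEGOTIATE_KEY_EXCH
```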


Re: NTLM implementation security issue

Samba - jcifs mailing list
Hi Moritz,

Great work finding this. This only affects a client initiating so I
think the impact is going to be moderate if even that.

But great find and thanks for reporting it.

I added a link on the JCIFS site to your jcifs-ng project which looks
very interesting.

Keep up the good work.

Mike

On Tue, Dec 19, 2017 at 5:06 AM, Moritz Bechler via jCIFS
<[hidden email]> wrote:

> Hi,
>
> working on the SPNEGO/NTLM support in jcifs-ng I stumbled over a
> security issue in the NTLM implementation originating from the original
> jcifs codebase.
>
> If NTLMSSP_NEGOTIATE_SIGN is set but the NTLMSSP_NEGOTIATE_KEY_EXCH flag
> is cleared (e.g. by an attacker) the Type3Message will include the
> session key in the clear.
>
> This does not so much affect the use in SMB signing in the original
> jcifs - as signing cannot be enforced (i.e. does not provide any real
> security guarantees anyways).
>
> But as it might affect people using the NTLM implementation on its own
> or maybe other forks I'm just making this public here.
>
> Fix in jcifs-ng is
> https://github.com/AgNO3/jcifs-ng/commit/6bcf3e4b3c61b0cfe154d05b3869870c31df6205
> (included in 2.0.4)
>
> CVE has been requested, will update when available.
>
>
> regards
>
> Moritz
>
> --
> AgNO3 GmbH & Co. KG, registered office Tübingen, Amtsgericht Stuttgart HRA 728731
> Personally liable:
> Metagesellschaft mbH, registered office Tübingen, Amtsgericht Stuttgart HRB 744820,
> Represented by Joachim Keltsch
>



--
Michael B Allen
Java Active Directory Integration
http://www.ioplex.com/