What You Need to Know About BERserk

In the process of its ongoing research, the Intel Security Advanced Threat Research Team (ATR) has discovered a critical signature forgery vulnerability in the Mozilla Network Security Services (NSS) crypto library that could allow malicious parties to set up fraudulent sites impersonating as legitimate businesses and other organizations.

The Mozilla NSS library is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. NSS provides open source implementation of the crypto libraries used by AOL, Red Hat, Google, and other companies in a variety of products, including the following:
  • AOL Instant Messenger (AIM)
  • Open source client applications, such as Evolution, Pidgin, and Apache OpenOffice
  • Server products such as Red Hat: Red Hat Directory Server, Red Hat Certificate System, and the mod_nss SSL module for the Apache web
  • Server products from the Sun Java Enterprise System
In addition, NSS is commonly used in the Firefox web browser and is can also be found in Thunderbird, Seamonkey, and other Mozilla products.  The critical signature vulnerably, dubbed “BERserk”, allows attackers to forge RSA signatures, thereby allowing for the bypass of authentication to websites utilizing SSL/TLS.  Given that certificates can be forged for any domain, this issue raises serious concerns around integrity and confidentiality as we navigate what we perceive to be secure websites.

Why it’s called BERserk

This attack exploits a vulnerability in the parsing of ASN.1 encoded messages during signature verification. ASN.1 messages are made up of various parts that are encoded using BER (Basic Encoding Rules) and/or DER (Distinguished Encoding Rules). This attack exploits the length of a field in BER encoding can be made to use many bytes of data. In vulnerable implementations, these bytes are then skipped during parsing. This condition enables the attack.  This is a variation on the Bleichenbacher PKCS#1 RSA Signature Verification vulnerability of 2006.

How is it Being Addressed?

“Upon discovery of this issue, the Intel Security ATR team notified Mozilla to facilitate the mitigation and resolution of the vulnerability. We also engaged CERT/CC to ensure that all affected parties are responsibly and effectively notified and given mitigation guidance on this issue, and to review other commonly used cryptographic libraries for similar issues,” stated James Walter, director of advanced threat research of Intel Security.

The Intel Security Advanced Threat Research team is continuing to work with CERT/CC in addition to reviewing other commonly used cryptographic libraries for this issue.  They will continue to update users and affected parties as new details emerge.  The team will also be releasing a paper with full technical details on this potential exploit.

McAfee Product Coverage & Countermeasures

McAfee Vulnerability Manager (MVM) will release an update to check for vulnerable systems and report their exposure.   McAfee will continue to review other potential mitigation methods and technologies and will keep customers up to date.

What Users can do Immediately

If you’re a Firefox browser user, you can take immediate action by updating your browser with the latest patches from Mozilla. Google has also released updates for Google Chrome and ChromeOS, as these products also utilize the vulnerable library.

As this issue unfolds, Intel Security will continue to provide updates on effective countermeasures and proper mitigation strategies.

|Featured Content_$type=three$c=3$l=0$m=0$s=hide$rm=0

Made with in NYC

Android,16,Apple,22,Apps,21,Camera,10,Computing,16,Electronics,8,Electronics and Gadgets,3,Email,1,Entertainment,1,Featured,10,Features,74,Gadgets,53,Games,25,Google,25,Industry,5,Internet,23,iPad,4,iPhone,16,Laptops,9,Microsoft,6,Mobile,22,News,1,Operating Systems,3,Portable Media,14,Printer,2,Security,23,Smartphone,52,Social Media,49,Tech Advice,12,Tech Education,8,Tech Hacks,21,Tech Updates,3,Tutorials,15,TV,2,Web & Social,17,WhatsApp,2,Wi-Fi,4,YouTube,5,
Tech Magazine: What You Need to Know About BERserk
What You Need to Know About BERserk
Tech Magazine
Loaded All Posts Not found any posts VIEW ALL Read More Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share to a social network STEP 2: Click the link on your social network Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy