cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [CONF] Apache CXF > Note on CVE-2011-2487
Date Tue, 11 Dec 2012 15:50:00 GMT
    <base href="">
            <link rel="stylesheet" href="/confluence/s/2042/9/15/_/styles/combined.css?spaceKey=CXF&amp;forWysiwyg=true"
<body style="background: white;" bgcolor="white" class="email-body">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="">Note
on CVE-2011-2487</a></h2>
    <h4>Page  <b>added</b> by             <a href="">Colm
O hEigeartaigh</a>
    <div class="notificationGreySide">
         <p>----<del>BEGIN PGP SIGNED MESSAGE</del>----<br/>
Hash: SHA1</p>

<p>Another attack has emerged on the XML Encryption standard, as described by<br/>
the security advisory CVE-2011-2487:</p>

<p><a href="" class="external-link"

<p>Tibor Jager, Sebastian Schinzel and Juraj Somorovsky have published a paper<br/>
that describes a number of attacks on the PKCS#1 v1.5 Key Transport Algorithm,<br/>
used to encrypt symmetric keys as part of WS-Security. One of these attacks<br/>
exploits the fact that WSS4J can leak information about where a particular<br/>
decryption operation fails. This bug has been fixed in WSS4J 1.6.5, where a <br/>
new symmetric key is generated if the decryption of the encrypted key fails. <br/>
In this way it is not possible for an attacker to find out whether a decryption<br/>
failure was due to the failure of decrypting the key or the data.</p>


<p>Any version of CXF that uses Apache WSS4J 1.6.4 or below is vulnerable to this<br/>
attack. </p>

<p>CXF 2.5.2 users or below should upgrade to the latest version of CXF 2.5.x.<br/>
CXF 2.4.6 users or below should upgrade to the latest version of CXF 2.4.x.<br/>
CXF 2.6 and 2.7 are unaffected.</p>

<p>Additional Recommendation:</p>

<p>It is recommended that the use of the RSA v1.5 key transport algorithm be<br/>
discontinued. Instead the RSA-OAEP key transport algorithm should be used.<br/>
This algorithm is used by default from WSS4J 1.6.8 onwards. If you are using<br/>
WS-SecurityPolicy, then make sure not to use the AlgorithmSuite policies ending<br/>
in "Rsa15".</p>

<p>----<del>BEGIN PGP SIGNATURE</del>----<br/>
Version: GnuPG v1.4.11 (GNU/Linux)</p>

----<del>END PGP SIGNATURE</del>----</p>
    <div id="commentsSection" class="wiki-content pageSection">
       <div style="float: right;">
            <a href=""
class="grey">Change Notification Preferences</a>
       <a href="">View
       <a href=";showCommentArea=true#addcomment">Add

View raw message