-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Advisory Number 06062014
CVE-2014-0224


TITLE
 
OpenSSL Multiple Vulnerabilities
 

SUMMARY
 
On June 5, 2014, the OpenSSL Foundation announced multiple vulnerabilities in OpenSSL
through the advisory at http://www.openssl.org/news/secadv_20140605.txt.  A number of
Aruba Networks products make use of OpenSSL.  This advisory has been created to describe
Aruba's exposure to these vulnerabilities.


AFFECTED PRODUCTS
	SSL/TLS MITM vulnerability (CVE-2014-0224)
		- Multiple Aruba products impacted.  See below for further details.

	DTLS recursion flaw (CVE-2014-0221)
		- No impact.  No Aruba products implement DTLS.

	DTLS invalid fragment vulnerability (CVE-2014-0195)
		- No impact.  No Aruba products implement DTLS.

	SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)
		- No impact.  Aruba products do not enable SSL_MODE_RELEASE_BUFFERS

	SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)
		- No impact.  Aruba products do not enable SSL_MODE_RELEASE_BUFFERS

	Anonymous ECDH denial of service (CVE-2014-3470)
		- No impact.  Aruba products do not enable anonymous TLS ciphersuites


AFFECTED VERSIONS (for CVE-2014-0224)
 
	- ArubaOS (6.3.X, 6.4.X - including FIPS versions)
	- ClearPass (6.1.x, 6.2.x, 6.3.x)
	- AirWave (All versions)
	- VIA for Linux (2.0.X)

NOT AFFECTED
	- Aruba Central (cloud services updated on June 5 to patch vulnerability)
	- Aruba Instant (product does not use OpenSSL)
	- Aruba VIA, other than Linux version (product does not use OpenSSL)
	- MeshOS


POSSIBLY AFFECTED
	- ArubaOS 5.x, 6.1.x, 6.2.x
	- ArubaOS 7.x (Mobility Access Switch)
	  These versions contain an older version of OpenSSL which is not reported
	  to be vulnerable when acting as a TLS server.  Although Aruba does not
	  believe these versions pose a danger, OpenSSL will be patched during the
	  next scheduled maintenance cycle as a precaution.
 
 
DETAILS
 
An attacker using a carefully crafted handshake can force the use of weak
keying material in OpenSSL SSL/TLS clients and servers. This can be exploited
by a Man-in-the-middle (MITM) attack where the attacker can decrypt and 
modify traffic from the attacked client and server.  The attack can only be
performed between a vulnerable server *and* client (both server and client
must be running a vulnerable version of OpenSSL.)

Most common web browsers do not make use of OpenSSL, and thus HTTPS connections between
a browser and an affected Aruba device would not be impacted.  The major exception is
Chrome running on Android devices, which does use OpenSSL.

Wireless EAP sessions *may* be impacted between an affected Aruba product and a 
client device that uses OpenSSL as part of its EAP stack.  This primarily
impacts Unix-like operating systems which employ the open-source "wpa_supplicant" package
when it is built and linked against OpenSSL.  Android is reported to use wpa_supplicant
to manage 802.1X sessions.  Aruba has not yet confirmed that EAP is vulnerable, but 
based on preliminary analysis:
 - EAP-TLS will not reveal credentials during an attack. EAP-TLS uses TLS for 
   certificate verification, and does not actually communicate encrypted authentication
   messages over a TLS tunnel.
 - EAP-PEAP *may* be vulnerable to credential exposure.  The impact would be the exposure 
   of an MSCHAPv2 hash to an attacker, who could then conduct an offline dictionary 
   or brute-force attack against the password hash.  The strength of the password will
   determine how successful the attack is.
 - For any EAP type, the Pairwise Master Key (PMK) used to protect the resulting wireless
   session is based off the TLS master secret.  If a man-in-the-middle attack 
   successfully forces weak keying material to be used, the resulting PMK will
   be similarly weak.

Given the ability to conduct man-in-the-middle attacks over a wireless network, 
Aruba recommends caution when connecting vulnerable client devices to WPA2 networks 
until either the client or server has been patched for this vulnerability.
We expect numerous popular client operating systems to be patched immediately - for example,
Red Hat and Ubuntu both issued patches on June 5.  This caution applies only when the 802.1X
EAP session is handled by an OpenSSL-enabled EAP authentication server - for example, when 
EAP termination is enabled on an Aruba controller, or when ClearPass Policy Manager is used
as an authentication server for EAP sessions, or if another OpenSSL-enabled RADIUS
server (e.g. FreeRADIUS) is used.  Customers using a RADIUS server which does not use OpenSSL
(e.g. Microsoft NPS) would not be vulnerable.

 
DISCOVERY

These vulnerabilities were announced publicly by the OpenSSL Foundation.



IMPACT

OpenSSL is used in a variety of ways in Aruba products, including:
* HTTPS communications via the Administrative Web GUI
* HTTPS communications via Captive Portal
* 802.1X
* Secure LDAP communication
* Secure communication with some third party APIs
* VIA profile download

Aruba Networks participates in the Common Vulnerability Scoring System (CVSS). This 
rating system is a vendor agnostic, industry open standard designed to convey 
vulnerability severity and help determine urgency and priority of response. The CVSS score
for this release is:

CVSS v2 Base Score: 5.8 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:P/A:N)



MITIGATION

HTTPS sessions with affected products should only be made from a trusted network segment, or using
a browser which is known not to be using a vulnerable version of OpenSSL. This practice should
continue until one of the two devices participating in the HTTPS session has been updated.

TLS sessions between network elements (e.g. between AirWave and an Aruba Mobility Controller) should
be made through a trusted network segment that is protected from man-in-the-middle attacks. 

Customers should use caution when allowing wireless 802.1X-PEAP authentication between an authentication
server using OpenSSL (e.g. ArubaOS with EAP Termination, or ClearPass Policy Manager) and a client 
operating system which uses OpenSSL to provide the EAP stack (e.g wpa_supplicant).

 
 
SOLUTION
 
Aruba Networks has published patch releases for the affected products. We recommend that all 
customers upgrade to these versions.

ArubaOS 6.3.1.8 posted 6/13/2014
ArubaOS 6.4.1.0 posted 6/17/2014
ClearPass 6.1.3 or 6.1.4 patch posted 6/13/2014
ClearPass 6.2.6 patch posted 6/13/2014
ClearPass 6.3.3 patch posted 6/13/2014
AirWave 7.7.12 posted 6/12/2014
	- Note: AirWave customers running older versions are strongly encouraged to upgrade to 7.7.12. 
	  Customers who are unable to upgrade may run "yum update openssl; rd" from a root shell.  
	  This will update OpenSSL and restart all required processes.
AirWave 8.0.1
VIA for Linux 2.0.2 posted 6/13/2014


+----------------------------------------------------

OBTAINING FIXED FIRMWARE

Aruba customers can obtain the firmware on the support website:
	http://support.arubanetworks.com


Aruba Support contacts are as follows:

	1-800-WiFiLAN (1-800-943-4526) (toll free from within North America)
	
	+1-408-754-1200 (toll call from anywhere in the world)

	The full contact list is at:
	http://www.arubanetworks.com/support-services/support-program/contact-support/

	e-mail: support(at)arubanetworks.com

Please do not contact "sirt(at)arubanetworks.com" for software upgrades.


STATUS OF THIS NOTICE: Final

Although Aruba Networks cannot guarantee the accuracy of all statements
in this advisory, all of the facts have been checked to the best of our
ability. Aruba Networks does not anticipate issuing updated versions of
this advisory unless there is some material change in the facts. Should
there be a significant change in the facts, Aruba Networks may update
this advisory.

A stand-alone copy or paraphrase of the text of this security advisory
that omits the distribution URL in the following section is an uncontrolled
copy, and may lack important information or contain factual errors.


DISTRIBUTION OF THIS ANNOUNCEMENT

This advisory will be posted on Aruba's website at:
http://www.arubanetworks.com/support/alerts/aid-06062014.txt


Future updates of this advisory, if any, will be placed on Aruba's worldwide
website, but may or may not be actively announced on mailing lists or
newsgroups. Users concerned about this problem are encouraged to check the
above URL for any updates.


REVISION HISTORY
      Revision 1.0 / 06-06-2014 / Initial release
      Revision 1.1 / 06-09-2014 / Update to EAP vulnerability estimate
      Revision 1.2 / 06-17-2014 / Update to include release information


ARUBA SIRT SECURITY PROCEDURES

Complete information on reporting security vulnerabilities in Aruba Networks
products, obtaining assistance with security incidents is available at

http://www.arubanetworks.com/support-services/security-bulletins/
   
  
For reporting *NEW* Aruba Networks security issues, email can be sent to
sirt(at)arubanetworks.com. For sensitive information we encourage the use of 
PGP encryption. Our public keys can be found at 

http://www.arubanetworks.com/support-services/security-bulletins/


(c) Copyright 2014 by Aruba Networks, Inc.
This advisory may be redistributed freely after the release date given at
the top of the text, provided that redistributed copies are complete and
unmodified, including all date and version information.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBCAAGBQJToIEwAAoJEJj+CcpFhYbZ0F8H/1UymWW1dvvD/YvN6o4ARIZs
fT+2N+kRSKc/H2l9V8MK+MtvV1oS7S70yMV20y1iFzymGpxw/mVVSk+08iWEkYy7
dMOfskdh6BxspSi55BVFLVsMn8TbGxwTf0ZYu86Tu1WSBIFd32HD5HQN2MENGxCE
hnASnpJ99iNspdM3WnUVW97scUs8WCcw/EWZs6mHd72fmm4CYDstU1C+vlGIT+mH
lNZl4D6N87rZy0zcioCjCmttXbty4seN1Onj4Oee4g9pyizlZ0BeiDk0oOjx1dQL
y+ki52fwX6guZaICPmtMT8vsVpHh/F2SkyYz67ZWlzC3F0QKzhhlosG3huD7T6I=
=1ogj
-----END PGP SIGNATURE-----