[Japanese]

JVNDB-2009-000079

SEIL/B1 authentication issue

Overview

SEIL/B1 contains an issue in the implementation of the PPP Access Concentrator (PPPAC) function, which may allow replay attacks to be performed during the authentication process.

The PPP Access Concentrator (PPPAC) function within SEIL/B1 contains an issue in the CHAP and MS-CHAP-V2 authentication processes, the same challenge value is repeatedly used for each authentication attempt.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 2.6 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
Affected Products


Internet Initiative Japan Inc.
  • SEIL/B1 firmware 1.00 through 2.52

Impact

A third party may be able to perform replay attacks. As a result, the third party may gain access to the network.

According the developer, when L2TP/IPsec is being used, the authentication challenges are protected by the encryption provided by IPsec, and therefore the probability of being affected by this issue are reduced.
Solution

[Update the Software]
Update to the latest version according to the information provided by the developer.
This vulnerability has been addressed by firmware 2.60 that was released on December 1, 2009.
Vendor Information

Internet Initiative Japan Inc.
CWE (What is CWE?)

  1. Improper Authentication(CWE-287) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2009-4409
References

  1. JVN : JVN#49602378
  2. National Vulnerability Database (NVD) : CVE-2009-4409
  3. Secunia Advisory : SA37628
  4. SecurityFocus : 37293
  5. OPEN SOURCE VULNERABILITY DATABASE (OSVDB) : 61118
Revision History

  • [2009/12/09]
      Web page published