The Intel Security Advanced Threat Research Team has discovered a critical signature forgery vulnerability in the Mozilla Network Security Services (NSS) crypto library that could allow malicious parties to set up fraudulent sites masquerading as legitimate businesses and other organizations.
The Mozilla NSS library, commonly utilized in the Firefox web browser, can also be found in Thunderbird, Seamonkey, and other Mozilla products. Dubbed “BERserk”, this vulnerability allows attackers to forge RSA signatures and thereby bypass authentication to websites utilizing SSL/TLS. Given that certificates can be forged for any domain, this issue raises serious concerns around integrity and confidentiality as we traverse what we perceive to be secure websites.
Why it’s called BERserk
This attack exploits a vulnerability in the parsing of ASN.1 encoded messages during signature verification. ASN.1 messages are made up of various parts that are encoded using BER (Basic Encoding Rules) and/or DER (Distinguished Encoding Rules). This attack exploits the fact that the length of a field in BER encoding can be made to use many bytes of data. In vulnerable implementations, these bytes are then skipped during parsing. This condition enables the attack. This is a variation on the Bleichenbacher PKCS#1 RSA Signature Verification vulnerability of 2006.
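The length-encoding behaviour described above, as an added example that is not code from NSS or from the research team: a C decoder for the ASN.1 length field that accepts redundant long-form encodings under BER rules and rejects them under DER rules. The function name and the sample byte strings are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Decode one ASN.1 length field from buf[0..n). On success store the
 * length in *out and return the number of octets the field occupied;
 * return 0 on error.
 * der_strict = 0: BER rules, long form may carry redundant leading octets.
 * der_strict = 1: DER rules, only the shortest encoding is accepted. */
size_t asn1_read_length(const uint8_t *buf, size_t n, int der_strict, size_t *out)
{
    if (n == 0)
        return 0;
    if (buf[0] < 0x80) {               /* short form: the octet is the length */
        *out = buf[0];
        return 1;
    }
    size_t k = buf[0] & 0x7f;          /* long form: k length octets follow */
    if (k == 0 || k == 0x7f || k > n - 1)  /* indefinite, reserved, truncated */
        return 0;
    if (der_strict && buf[1] == 0)     /* DER: no leading zero octets */
        return 0;
    size_t len = 0;
    for (size_t i = 1; i <= k; i++) {
        if (len > (SIZE_MAX >> 8))     /* value does not fit in size_t */
            return 0;
        len = (len << 8) | buf[i];
    }
    if (der_strict && len < 0x80)      /* DER: short form was mandatory */
        return 0;
    *out = len;
    return 1 + k;
}

/* Constructed samples: three encodings of the same length, 32. */
const uint8_t enc_short[]  = {0x20};
const uint8_t enc_long1[]  = {0x81, 0x20};
const uint8_t enc_padded[] = {0x84, 0x00, 0x00, 0x00, 0x20};

int main(void)
{
    const uint8_t *s[] = {enc_short, enc_long1, enc_padded};
    size_t n[] = {sizeof enc_short, sizeof enc_long1, sizeof enc_padded}, v = 0;
    for (int i = 0; i < 3; i++)  /* octets consumed under BER, DER (0 = rejected) */
        printf("%zu %zu\n", asn1_read_length(s[i], n[i], 0, &v),
               asn1_read_length(s[i], n[i], 1, &v));
    return 0;
}
```

A verifier that parses signature contents with the DER rules leaves exactly one acceptable encoding for each length, so no extra length octets can be carried through the parse.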
How we’re addressing the problem
Upon discovery of this issue, our team engaged CERT/CC in an effort to ensure that all affected parties were responsibly and effectively notified and given proper guidance around this issue. The Intel Security Advanced Threat Research team is continuing to work with CERT/CC in addition to reviewing other commonly used cryptographic libraries for this issue. We will continue to update our customers and affected parties as new details emerge. The team will also be releasing a paper with full technical details on this potential exploit.
McAfee Product Coverage & Countermeasures
McAfee Vulnerability Manager (MVM) will release an update to check for vulnerable systems and report their exposure. We continue to review other potential mitigation methods and technologies and will keep our customers up to date.
What users can do immediately
Individual Firefox browser users can take immediate action by updating their browsers with the latest patches from Mozilla.
Ensuring that privacy and integrity are maintained is core to what we do at Intel Security. As this issue unfolds, we will continue to provide updates on effective countermeasures and proper mitigation strategies.