Transport Layer Security (TLS) handshake renegotiation weak security (CVE-2009-3555) in relation to WebSphere Application Server products

Flash (Alert)


Abstract

A TLS/SSL weakness exists in multiple implementations of the Transport Layer Security (TLS) protocol, including SSL.

Content

Versions affected:

IBM WebSphere Application Server Versions 6.0.2 through 6.0.2.39 and 6.1 through 6.1.0.29, for Distributed, i5/OS and z/OS operating systems. The problem does not occur on versions before 6.0.2, nor on Version 7.0 and later*.

* Note: IBM WebSphere Application Server Version 7 is not affected by this security vulnerability (CVE-2009-3555) because the application server does not support renegotiation in Version 7.

Additionally, fixes are required for IBM HTTP Server Versions 6.0, 6.1, and 7.0 for Distributed operating systems, and Versions 6.1 and 7.0 for z/OS operating systems.

Reference the IBM Internet Security Systems document for Transport Layer Security (TLS) handshake renegotiation security for additional details.

Problem Description:
All customers using WebSphere Application Server, or using IBM HTTP Server, who rely on Secure Sockets Layer version 3 (SSLv3) or any version of Transport Layer Security (TLS) to secure communications between a client and server, or between two servers, are impacted by a recently discovered weakness in the TLS and SSLv3 protocols. SSLv2 is not affected.

The weakness is in the protocols' handshake renegotiation itself, not in one vendor's code, so it exists in multiple implementations of the Transport Layer Security (TLS) protocol, including SSL.

Solution:
To address the weakness in TLS/SSL handshake renegotiation, IBM, along with the other members of the Industry Consortium for the Advancement of Security on the Internet (ICASI), is working with the Internet Engineering Task Force (IETF) to enhance and strengthen the handshake renegotiation protocol in the TLS specification. This effort will take some time to complete, and the delivery outlook for the enhanced renegotiation capability in TLS protocol implementations is unknown at this time.

In the interim, WebSphere Application Server is delivering APAR fixes to the Application Server's SDK that disable TLS handshake renegotiation. Renegotiation is rarely used, and disabling it blocks a remote attacker from exploiting the weakness in the TLS protocol. After the fix is installed, renegotiation is disabled by default; the fix also provides an option to re-enable it if warranted. Re-enable TLS handshake renegotiation only if absolutely necessary, and only with a clear understanding and acceptance of the security risk.

Applying the appropriate Interim Fix APAR, or a Fix Pack containing the APAR (both listed below), lets an installation disable TLS handshake renegotiation as a temporary solution until the strengthened protocol is available.

Also note that for customers using IBM HTTP Server, an updated GSKit security library is available as Interim Fix APAR PM00675, a standalone GSKit update. See details below under "For IBM HTTP Server".

For IBM WebSphere Application Server on Distributed and z/OS Operating Systems:

WebSphere Application Server leverages IBM Java Secure Socket Extensions (JSSE) for secure communications. JSSE includes TLS support. IBM JSSE APAR IZ65239 disables TLS renegotiation.

After installing the appropriate fixes below, which include APAR IZ65239, the following JSSE system property is added:

    com.ibm.jsse2.renegotiate – default NONE
      ALL - allow both abbreviated and unabbreviated (full) renegotiation handshakes
      NONE - allow no renegotiation handshakes (this is the new default setting)
      ABBREVIATED - allow only abbreviated renegotiation handshakes

For WebSphere Application Server on Distributed Operating Systems:

    For Version 6.1 through 6.1.0.29:
    • Apply Interim Fix APAR PM04482 or PM04483
      • Please note that applying either of these Interim Fix APARs will update your JDK level to:
      --OR--
    • Apply Fix Pack 31 (6.1.0.31), or later (targeted to be available May 2010)

    For Version 6.0.2 through 6.0.2.39:
    • Apply Interim Fix APAR PM04534 or PM04544
      • Please note that applying either of these Interim Fix APARs will update your JDK level to:
        • PM04534: SDK 1.4.2 SR13 (V6.0.2.35)
        • PM04544: SDK 1.4.2 SR13 FP2 (V6.0.2.39)
      --OR--
    • Apply Fix Pack 41 (6.0.2.41), or later (targeted to be available April 2010)
For IBM WebSphere Application Server for z/OS Operating Systems:

    If WebSphere Application Server runs on z/OS, it is the recommendation of IBM to install all Security and System Integrity PTFs applicable to z/OS and any installed FMIDs.

    To determine whether PTFs are needed, customers should follow normal procedures in obtaining security/integrity PTFs from IBM for z/OS. The IBM System z policy restricts distribution of security and system integrity APARs to reduce the risk of exposure. Customer representatives who have been authorized for System z Security Access can obtain Security/Integrity information, including SMP/E Enhanced HOLD DATA, for all security/integrity APARs.

    Please see "System z Security / Integrity APAR Notification for System z Customers that demonstrate a need to know" for details on the procedures authorizing access to IBM System z security/integrity information. Security/integrity service information should be checked on a regular basis and PTFs applied as soon as possible to eliminate potential risks.

    For V6.1 through 6.1.0.29:
    • Apply the corresponding PTF for APAR PM04626 from the PTFs for 6.1.0.31 or later (targeted to be available May 2010).

    For V6.0.2 through 6.0.2.39:
    • Apply the corresponding PTF for APAR PM04394 from the PTFs for 6.0.2.41 or later (targeted to be available April 2010).
For IBM WebSphere Application Server for i5/OS:

    WebSphere Application Server on OS/400, i5/OS or IBM i leverages IBM JSSE for secure communications.

    After installing the appropriate fixes below, which include APAR IZ65239, the following JSSE system property is added:

    com.ibm.jsse2.renegotiate – default NONE
      ALL - allow both abbreviated and unabbreviated (full) renegotiation handshakes
      NONE - allow no renegotiation handshakes (this is the new default setting)
      ABBREVIATED - allow only abbreviated renegotiation handshakes
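
    The property described above (and in the Distributed/z/OS section earlier) is an ordinary JVM system property, so in WebSphere it is set through a server's generic JVM arguments or a JVM custom property. The following wsadmin Jython script is an added example written for this page, not IBM-supplied code: it pins com.ibm.jsse2.renegotiate to NONE on every JVM in the cell, replacing any stale -Dcom.ibm.jsse2.renegotiate=ALL that someone may have added, and reports what changed. AdminConfig is the object wsadmin injects; the script file name and the server names in the comments are assumptions. The string-handling helpers use only plain Python, so they can also be exercised outside wsadmin.

```python
# Added example for this advisory, not IBM-supplied code.
# Pins com.ibm.jsse2.renegotiate in every server's generic JVM arguments via
# wsadmin. AdminConfig is the object wsadmin injects; the file name and any
# server names in comments are assumptions. The string helpers below use only
# plain Python so they run outside wsadmin too.

RENEGOTIATE_PROPERTY = "com.ibm.jsse2.renegotiate"
# Values the patched IBM JSSE accepts, most restrictive first.
VALID_SETTINGS = ("NONE", "ABBREVIATED", "ALL")


def set_renegotiate_argument(existing_args, setting):
    """Return generic JVM arguments containing exactly one -D for the property.

    Any earlier -Dcom.ibm.jsse2.renegotiate=... token (for example a stale
    =ALL left behind by someone who re-enabled renegotiation) is dropped, so
    the call is idempotent and the requested value always wins. All other
    arguments are preserved in their original order.
    """
    if setting not in VALID_SETTINGS:
        raise ValueError("unsupported value %r; expected one of %s"
                         % (setting, ", ".join(VALID_SETTINGS)))
    prefix = "-D" + RENEGOTIATE_PROPERTY + "="
    kept = [tok for tok in (existing_args or "").split()
            if not tok.startswith(prefix)]
    kept.append(prefix + setting)
    return " ".join(kept)


def current_renegotiate_setting(generic_args):
    """Return the value of the property in an argument string, or None.

    None means the property is not set explicitly: with APAR IZ65239
    installed the JSSE default (NONE) applies, while an unpatched JSSE does
    not know the property and leaves renegotiation enabled. When the -D is
    repeated, the last occurrence wins, matching the Java launcher.
    """
    prefix = "-D" + RENEGOTIATE_PROPERTY + "="
    value = None
    for tok in (generic_args or "").split():
        if tok.startswith(prefix):
            value = tok[len(prefix):]
    return value


def harden_all_servers(admin_config, setting="NONE"):
    """Apply the setting to every JVM in the cell through AdminConfig.

    Servers without a JavaVirtualMachine definition (for example web server
    definitions) are skipped. Changes are saved to the configuration but
    only take effect after the servers are restarted. Returns a list of
    (JVM config id, previous explicit setting or None, new generic JVM
    arguments) for every JVM that was changed.
    """
    changed = []
    for server in admin_config.list("Server").splitlines():
        if not server:
            continue
        for jvm in admin_config.list("JavaVirtualMachine", server).splitlines():
            if not jvm:
                continue
            old = admin_config.showAttribute(jvm, "genericJvmArguments")
            new = set_renegotiate_argument(old, setting)
            if new != old:
                admin_config.modify(jvm, [["genericJvmArguments", new]])
                changed.append((jvm, current_renegotiate_setting(old), new))
    admin_config.save()
    return changed


# Under wsadmin (wsadmin -lang jython -f pin_renegotiation.py) AdminConfig is
# predefined; imported anywhere else it is not, and only the helpers run.
try:
    AdminConfig
except NameError:
    AdminConfig = None

if AdminConfig is not None:
    for jvm_id, was, args in harden_all_servers(AdminConfig):
        print("%s: %s -> %s" % (jvm_id, was, args))
```

    Run it with wsadmin -lang jython -f pin_renegotiation.py (file name assumed) and restart the servers afterwards. The property is honored only by a JSSE that already includes APAR IZ65239; on an unpatched SDK the -D is accepted by the JVM and ignored, so installing the fixes listed here comes first. If an application genuinely needs renegotiation, set ABBREVIATED rather than ALL and record the accepted risk.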

    For V6.1.0.11 through 6.1.0.29:
    • Install the PTFs listed in APAR II14533 for the JDK and JVM versions used on your system, and then
    • Apply Interim Fix APAR PM06400
      --OR--
    • Apply the WebSphere Application Server PTF group which includes Fix Pack 31 or later (6.1.0.31 targeted to be available May 2010), according to the PTF group instructions.

    For V6.1 through 6.1.0.9:
    • Install the PTFs listed in APAR II14533 for the JDK and JVM versions used on your system
      --OR--
    • Apply the WebSphere Application Server PTF group which includes Fix Pack 31 or later (6.1.0.31 targeted to be available May 2010), according to the PTF group instructions.

    For V6.0.2 through 6.0.2.35:
    • Apply Interim Fix APAR PM06400
      --OR--
    • Apply the WebSphere Application Server PTF group which includes Fix Pack 43 or later (6.0.2.43 targeted to be available October 2010), according to the PTF group instructions.
      • Note: Fix Pack 37 (6.0.2.37), Fix Pack 39 (6.0.2.39) and Fix Pack 41 (6.0.2.41) are not provided for i5/OS. Fix Pack 43 (6.0.2.43) is the next planned fix pack for i5/OS.
Special note for IBM WebSphere MQ customers:

    Customers using IBM WebSphere MQ may need to install APAR IZ64859 (for MQ V6 on z/OS, PM01584; for MQ V7 on z/OS, PM01586).
    The MQ SSL secret key reset function, controlled by the queue manager attribute SSLRKEYC or the equivalent WebSphere MQ client variables, relies on a renegotiation handshake. After the TLS/SSL renegotiation disablement fixes are installed, it will no longer function until APAR IZ64859 has also been installed.
For IBM HTTP Server:

For IBM HTTP Server on Distributed Operating Systems:
    For v6.0, 6.1 and 7.0:
    • Apply Interim Fix APAR PM00675, the standalone GSKit security library update noted above.

For IBM HTTP Server on i5/OS (uses IBM i System SSL):
    • See APAR II14533 for fix information.

For IBM HTTP Server on z/OS:
    For IBM HTTP Server for z/OS V5.30, and IBM HTTP Server for WebSphere for z/OS V6.1 and V7.0:

    If using IBM HTTP Server for z/OS or IBM HTTP Server for WebSphere for z/OS, it is the recommendation of IBM to install all Security and System Integrity PTFs applicable to z/OS and any installed FMIDs.

    To determine whether PTFs are needed, customers should follow normal procedures in obtaining security/integrity PTFs from IBM for z/OS. The IBM System z policy restricts distribution of security and system integrity APARs to reduce the risk of exposure. Customer representatives who have been authorized for System z Security Access can obtain Security/Integrity information, including SMP/E Enhanced HOLD DATA, for all security/integrity APARs.

    Please see "System z Security / Integrity APAR Notification for System z Customers that demonstrate a need to know" for details on the procedures authorizing access to IBM System z security/integrity information. Security/integrity service information should be checked on a regular basis and PTFs applied as soon as possible to eliminate potential risks.

Cross reference information

Segment               Product                                Component       Platform                                          Version         Edition
Application Servers   WebSphere Application Server for z/OS  Security        z/OS                                              6.1, 6.0
Business Integration  WebSphere MQ                                                                                             6.0
Application Servers   IBM HTTP Server                        Not Applicable  AIX, HP-UX, IBM i, Linux, Solaris, Windows, z/OS  7.0, 6.1, 6.0   All Editions


Document information

More support for: WebSphere Application Server, Security
Software version: 6.0, 6.1
Operating system(s): AIX, HP-UX, IBM i, Linux, Solaris, i5/OS
Software edition: Base, Developer, Express, Network Deployment, Single Server
Reference #: 1413714
Modified date: 2010-02-05
