=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2009/VULN547
_____________________________________________________________________

DATE                      : 22/12/2009

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running IBM SDK for Java.

======================================================================
http://www-01.ibm.com/support/docview.wss?uid=swg21415080
______________________________________________________________________

Transport Layer Security (TLS) handshake renegotiation weak security
CVE-2009-3555

Flash (Alert)

Abstract

All customers using IBM SDK for Java relying on Secure Socket Layer v3 (SSLv3)
or any of the multiple versions of Transport Layer Security (TLS) in support
of secure communications between a client and server or between server and
server are impacted by a recently discovered weakness in the TLS and SSL v3
protocols. SSLv2 is not affected.

Content

The TLS/SSL weakness exists in multiple implementations of the Transport Layer
Security (TLS) protocol, including SSL.

To address the weakness in the TLS/SSL handshake renegotiation, IBM, along with
the other members in the Industry Consortium for the Advancement of Security
on the Internet (ICASI), are working together with the Internet Engineering
Task Force (IETF) to enhance and strengthen the handshake renegotiation
protocol in the TLS specification. This effort will take some time to complete.
The delivery outlook for inclusion of this enhanced handshake renegotiation
capability in TLS protocol implementations is unknown at this time.

In the interim, the IBM SDK for Java is delivering a fix to allow an
installation to disable the TLS handshake renegotiation. The TLS handshake
renegotiation is rarely used. Disabling the TLS handshake renegotiation will
block a remote attacker from attempting to exploit the weakness in the TLS
protocol. After installing this fix, the default setting will disable the
TLS handshake renegotiation. The fix also provides an option to re-enable
renegotiation if warranted. TLS handshake renegotiation should be
re-enabled only if absolutely necessary and with a clear understanding and
acceptance of the potential security risks.

IBM Java Secure Socket Extensions (JSSE) includes TLS support. If your Java
application uses JSSE for secure communication, you can disable TLS
renegotiation by installing APAR IZ65239. After installing JSSE APAR IZ65239,
the following properties are added:

com.ibm.jsse2.renegotiate=[ALL | NONE | ABBREVIATED]

      ALL: allow both abbreviated and unabbreviated (full) renegotiation
      handshakes.
      NONE: allow no renegotiation handshakes. This option is the new default
      setting.
      ABBREVIATED: allow only abbreviated renegotiation handshakes.


It is the recommendation of IBM to install all Security and System Integrity
PTFs applicable to z/OS and any installed FMIDs. To determine whether PTFs are
needed, customers should follow normal procedures in obtaining
security/integrity PTFs from IBM for z/OS. The IBM System z policy restricts
distribution of security and system integrity APARs to reduce the risk of
exposure. Customer representatives who have been authorized for System z
Security Access can obtain Security/Integrity information, including SMP/E
Enhanced HOLD DATA, for all security/integrity APARs. Please see the URL
http://www.vm.ibm.com/devpages/spera/aparinfo.html for details on the
procedures authorizing access to IBM System z security/integrity
information. Security/integrity service information should be checked on a
regular basis and PTFs applied as soon as possible to eliminate potential
risks.

If your Java application or IBM i leverages IBM JSSE and i System SSL. Fixes
for security vulnerabilities identified to be applicable to IBM i are available
in a Security PTF group as well as the HIPER PTF group. The PTF groups can be
viewed at the Preventive Service Planning - PSP web site
http://www-912.ibm.com/s_dir/sline003.NSF/GroupPTFs?OpenView&view=GroupPTFs.
Expand the release to see groups, including Group Security.


======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================