Apache Update: TLS Certificate Authentication Bypass with HTTP/2 (CVE-2016-4979)

Published: 2016-07-05
Last Updated: 2016-07-05 19:52:55 UTC
by Johannes Ullrich (Version: 1)
2 comment(s)

Apache released an important update today to fix a vulnerability that affects servers that have http/2 enabled and use TLS client certificates for authentication.

Apache 2.4.18-20 are vulnerable if:

- TLS certificates are used for authenticating clients (look for the "SSLVerifyClient require" directive in your configuration file)

- http/2 is enabled. (see if the "Protocols" line includes h2 and/or h2c). 

Only access over http/2 is affected. Access via http/1.1 is still properly controlled even if http/2 is enabled. Over TLS, clients that suport http/2 will likely use it over http/1.1.

http/2 is not enabled by default in any currently shipping version of Apache.

To quickly check your network traffic for http/2 use, you can use this tshark line:

tshark -Y 'ssl.handshake.extensions_alpn_str == "h2"' -n -i en0  \
-T fields -e ip.src -e ip.dst -e ssl.handshake.type -e ssl.handshake.extensions_server_name \
-e ssl.handshake.extensions_alpn_str
 

It will list the client requests as well as the server responses that contain http/2 including the host name that the client is trying to reach. For example:

10.5.1.12    216.58.192.66    1    cm.g.doubleclick.net    h2,spdy/3.1,http/1.1
216.58.192.66    10.5.1.12    2        h2

In this handshake, the client offers http/2, spdy/3.1 as well as http/1.1 to cm.g.doubleclick.net . The server then selects http/2 (h2).

 

 

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

Keywords: apache http2 tls
2 comment(s)
ISC Stormcast For Tuesday, July 5th 2016 http://isc.sans.edu/podcastdetail.html?id=5067

Comments


Diary Archives