2011-07 Out of Cycle Security Bulletin: Multiple Products; TLS/SSL Renegotiation Vulnerability (CVE-2009-3555)

  [JSA10482] Show Article Properties

Legacy Advisory Id:
Product Affected:
IDP: IDP8200, IDP800, IDP250, IDP75, IDP1100, IDP600, IDP200
IVE: SA 500, SA 700, SA 2000, SA 2500, SA 4000, SA 4500, SA 6000, SA 6500, SA 4000 FIPS, SA 6000 FIPS, SA 4500 FIPS, SA 6500 FIPS, MAG2600, MAG4610, MAG-SM160, MAG-SM360
UAC: IC4000, IC6000, IC6000 FIPS, IC4500, IC6500, IC6500 FIPS, MAG2600, MAG4610, MAG-SM160, MAG-SM360
JUNOS: EX-series, M-series, T-series, J-series, MX-series, SRX-series
ScreenOS: ISG 1000, ISG 1000-IDP, ISG 2000, ISG 2000-IDP, NetScreen Hardware Security Client (HSC), NetScreen-5GT Series, NetScreen-25, NetScreen-50, NetScreen-200 Series, NetScreen-500, SSG 5, SSG 20, SSG 140, SSG 300M-series, SSG 500/500M-series, NetScreen-5000 series (NS 5000-MGT2/SPM2 and NS 5000-MGT3/SPM3)
AAA SBR EE Appliance
AAA SBR GE Appliance
AAA SBR Carrier: n/a
WXOS: WX-series, WXC-series
The Juniper Networks products, listed above, have resolved CVE-2009-3555, in accordance with IETF standards.

CVE-2009-3555 summary: The TLS protocol, and the SSL protocol 3.0 and possibly earlier, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. (Note: US-CERT identifies this issue as VU#120541.)

Any workarounds published by Juniper Networks are still valid however upgrade is recommended.

Junos Workaround Note: Since SSL is only used for remote network configuration and management applications such as J-Web and SSL Service for JUNOScript (XNM-SSL), viable workarounds for this issue in Junos may include:
- Disabling J-Web
- Disable SSL service for JUNOScript and only use Netconf, which makes use of SSH, to make configuration changes
- Limit access to J-Web and XNM-SSL from only trusted networks
For customers who are concerned with this issue, upgrade is recommended to the following or later releases:
IDPOS: 5.1R1
IVEOS: 7.1R1
UAC: 4.1R1
JUNOS: 11.1R1
ScreenOS: 5.4r18, 6.2r7, 6.3r4
AAA SBR Carrier: 7.2.4, 7.3.0
WXOS: 5.7.7

SBR Note: If you have SBR version 5.41 or 6.0x, the upgrades listed above may (depending on your support plan) require purchasing a license. You may instead patch your existing version at no cost. If you have an SBR Appliance, the upgrades listed above are not applicable. Patching the appliance is recommend. Either way, go to the Juniper support site for instructions on obtaining and installing the patch for your version.
(see notes listed above)
Modification History:
Modification History:

2017-03-08: Category restructure.

Related Links:
CVSS Score:
5.8 (AV:N/AC:M/Au:N/C:N/I:P/A:P)
Severity Level:
Severity Assessment:
- Based on the available public information, this vulnerability is seen to be difficult to exploit on Juniper's products. Existing Best Common Practices (BCP) to limit the "attack surface" are effective tools to limit potential risk to Juniper products.