MU DYNAMICS DISCOVERS, REMEDIATES LEADING OPEN SOURCE VPN VULNERABILITY: STRONGSWAN IKEv2 DENIAL-OF-SERVICE
SUNNYVALE, CA – September 19, 2008 - Mu Dynamics, a pioneer in helping network operators and their vendors eliminate downtime through proactive service assurance, has discovered and helped remediate a dangerous 0-day vulnerability within strongSwan's IKEv2 implementation. strongSwan is an open source IPsec-based virtual private network (VPN) solution for the Linux operating system. IPsec-based VPNs secure corporate VoIP, email, web, IPTV and other IP-based services over public network infrastructures.
A precise sequence of complex events (the IKEv2 protocol) is required to establish VPN connectivity. strongSwan includes an Internet Key Exchange version 2 implementation (IKEv2) to authenticate users and establish session keys, enabling Internet Protocol (IP) traffic to be encrypted and/or digitally signed within IPsec-based VPNs. Mu Labs discovered that an unauthenticated anonymous attacker could crash a strongSwan-based VPN terminator or other IPsec device using only the very first IKEv2 packet.
“The best defense against this 0-day vulnerability is to immediately upgrade to the patched version of strongSwan,” said Thomas Maufer, Mu Dynamics’ Director of Technical Marketing. “The Mu Labs development team appreciates strongSwan’s extremely rapid response time in producing a fix to this serious bug in just one day.”
Other IKEv2 implementations are at least as complex and thus likely vulnerable to similar failures. In order to prevent IPsec VPN service downtime from similar software weaknesses in complex code, IKEv2 implementations must be subjected to variations on real-world service-level traffic throughout the deployment life cycle. For both operators offering IPsec VPN services and their vendors, products must continuously prove they can tolerate unexpected or invalid inputs without experiencing service degradation or downtime.
Technical Background
What: strongSwan IKEv2 Denial-of-Service Vulnerability
Affected Products/Versions: strongSwan 4.2.6 and other branches
Product Overview: strongSwan is an open source IPsec-based VPN solution for the Linux operating system.
Vulnerability Details: An IKE_SA_INIT message with a Key Exchange payload containing a large number of NULL values can cause a crash of the IKEv2 charon daemon. The problem is that strongSwan dereferences a NULL pointer returned by the mpz_export() function of the GNU Multiprecision Library (GMP).
Vendor Response/Solution: Fixed in strongSwan 4.2.7 and other branches. Available from www.strongswan.org
History: First contact with vendor: September 16, 2008
Vendor releases fix: September 17, 2008
See also: http://wiki.strongswan.org/changeset/4345
Credit: The Mu Dynamics research team discovered this vulnerability - http://labs.mudynamics.com/pgpkey.txt
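The missing check described under Vulnerability Details, as an added C example (not strongSwan's code and not from Mu Dynamics). export_be is a hypothetical stand-in that models the documented zero-value behaviour of mpz_export() so the block builds without GMP; ke_to_fixed and the sample input are likewise constructed for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in (assumption) for mpz_export(NULL, &count, 1, 1, 1, 0, op):
 * returns a newly allocated big-endian encoding without leading zero bytes.
 * As GMP documents for mpz_export, a zero value yields count 0 and NULL. */
static uint8_t *export_be(const uint8_t *val, size_t len, size_t *count)
{
    size_t skip = 0;
    while (skip < len && val[skip] == 0)
        skip++;
    *count = len - skip;
    if (*count == 0)
        return NULL;                      /* zero value: nothing allocated */
    uint8_t *buf = malloc(*count);
    if (buf != NULL)
        memcpy(buf, val + skip, *count);
    return buf;
}

/* Convert received Key Exchange data into a fixed-width, left-padded value.
 * Returns 0 on success, -1 if the peer's value must be rejected. */
int ke_to_fixed(const uint8_t *ke, size_t ke_len, uint8_t *out, size_t out_len)
{
    size_t count = 0;
    uint8_t *tmp = export_be(ke, ke_len, &count);

    /* The check the advisory is about: an all-zero payload exports as NULL.
     * Using tmp without this test is the NULL pointer dereference. */
    if (tmp == NULL)
        return -1;                        /* zero value or allocation failure */
    if (count > out_len) {
        free(tmp);
        return -1;                        /* larger than the group size */
    }
    memset(out, 0, out_len - count);      /* left-pad with zero bytes */
    memcpy(out + (out_len - count), tmp, count);
    free(tmp);
    return 0;
}

int main(void)
{
    uint8_t zeros[128] = {0};             /* constructed all-zero KE data */
    uint8_t out[128];
    return ke_to_fixed(zeros, sizeof zeros, out, sizeof out) == -1 ? 0 : 1;
}
```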
About Mu Dynamics
Mu Dynamics proactively eliminates the high cost of service, application and network downtime. Mu's solution automates a systematic and repeatable process that identifies hard-to-detect sources of potential downtime within IP services, applications, and underlying networks. The award-winning Mu solution is deployed at more than 100 locations, primarily at leading global service providers, cable operators and network product vendors. Headquartered in Sunnyvale, California, Mu is backed by leading venture capital firms that include Accel Partners, Benchmark Capital, DAG Ventures and Focus Ventures. http://www.mudynamics.com
###