
OpenVAS flags XrootD 5.4.2 "SSL/TLS: Renegotiation DoS Vulnerability (CVE-2011-1473, CVE-2011-5094)" #1689

Closed
binkleym opened this issue Apr 22, 2022 · 3 comments

@binkleym

I'm the security guy, not the local XrootD expert, but wanted to post it here just in case.

I ran an OpenVAS vulnerability scan against our XrootD servers, which are running 5.4.2, and it flags them with the above error, which is considered 5 out of 10 for severity.


Summary
The remote SSL/TLS service is prone to a denial of service (DoS) vulnerability.

Detection Result
The following indicates that the remote SSL/TLS service is affected:

Protocol Version | Successful re-done SSL/TLS handshakes (Renegotiation) over an existing / already established SSL/TLS connection

TLSv1.2 | 10

Insight
The flaw exists because the remote SSL/TLS service does not
properly restrict client-initiated renegotiation within the SSL and TLS protocols.

Note: The referenced CVEs are affecting OpenSSL and Mozilla Network Security Services (NSS) but
both are in a DISPUTED state with the following rationale:

It can also be argued that it is the responsibility of server deployments, not a security
library, to prevent or limit renegotiation when it is inappropriate within a specific environment.

Both CVEs are still kept in this VT as a reference to the origin of this flaw.

Detection Method
Checks if the remote service allows to re-do the same SSL/TLS
handshake (Renegotiation) over an existing / already established SSL/TLS connection.

Details:
SSL/TLS: Renegotiation DoS Vulnerability (CVE-2011-1473, CVE-2011-5094...
OID: 1.3.6.1.4.1.25623.1.0.117761
Version used:
2021-11-15T10:28:20Z

Affected Software/OS
Every SSL/TLS service which does not properly restrict
client-initiated renegotiation.

Impact
The flaw might make it easier for remote attackers to cause a
DoS (CPU consumption) by performing many renegotiations within a single connection.

Solution
Solution Type:
Vendorfix
Users should contact their vendors for specific patch information.

A general solution is to remove/disable renegotiation capabilities altogether from/in the affected
SSL/TLS service.

References
CVE
CVE-2011-1473
CVE-2011-5094
CERT
DFN-CERT-2017-1013
DFN-CERT-2017-1012
DFN-CERT-2014-0809
DFN-CERT-2013-1928
DFN-CERT-2012-1112
CB-K17/0980
CB-K17/0979
CB-K14/0772
CB-K13/0915
CB-K13/0462
Other
https://orchilles.com/ssl-renegotiation-dos/
https://mailarchive.ietf.org/arch/msg/tls/wdg46VE_jkYBbgJ5yE4P9nQ-8IU/
https://vincent.bernat.ch/en/blog/2011-ssl-dos-mitigation
https://www.openwall.com/lists/oss-security/2011/07/08/2

@abh3 abh3 self-assigned this May 11, 2022
@simonmichal simonmichal self-assigned this Oct 6, 2022
@abh3
Member

abh3 commented Jan 30, 2023

For XRootD this appears to be a tangible problem for unauthenticated connections which, in practice, no one does. So, here we trust that clients that we accept will not launch a DoS attack. Thus far this has been shown to be true. Hence, the severity of this problem is far lower than one would expect.

@amadio amadio assigned amadio and unassigned simonmichal Jul 4, 2023
@abh3
Member

abh3 commented Oct 12, 2023

For what it's worth, here is a ticket that describes how to disable renegotiation. This may differ for various versions of OpenSSL.
openssl/openssl#11673

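The scanner's "Solution" section and the OpenSSL ticket linked above both come down to the same server-side change: refuse client-initiated renegotiation. The following is an added example, not XRootD's code and not taken from the OpenSSL ticket; it shows how that setting is applied to an OpenSSL-backed server context from Python's ssl module, plus the alternative of allowing only TLS 1.3, which has no renegotiation at all. It assumes the ssl module is linked against OpenSSL 1.1.0h or newer, which is where SSL_OP_NO_RENEGOTIATION (exposed as ssl.OP_NO_RENEGOTIATION) first appeared; on older builds the helper reports that it could not apply the option instead of silently succeeding. Certificate and key paths are optional arguments so the hardening logic can be checked without key material.

```python
"""Harden an OpenSSL-backed TLS server context against client-initiated
renegotiation, the condition the OpenVAS check in this issue reports.

Added example (not XRootD code, not from openssl/openssl#11673). Assumes
Python's ssl module is built against OpenSSL >= 1.1.0h, which provides
SSL_OP_NO_RENEGOTIATION; older builds lack the attribute entirely.
"""
import ssl

# SSL_OP_NO_RENEGOTIATION as exposed by the ssl module, or 0 when this
# OpenSSL build predates the option (in that case it cannot be applied).
OP_NO_RENEGOTIATION = getattr(ssl, "OP_NO_RENEGOTIATION", 0)


def make_server_context(certfile=None, keyfile=None):
    """Build a server-side TLS context. certfile/keyfile are optional so the
    option handling below can be exercised without real key material."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    if certfile:
        ctx.load_cert_chain(certfile, keyfile)
    return ctx


def disable_client_renegotiation(ctx):
    """Set SSL_OP_NO_RENEGOTIATION on ctx, so a TLS 1.2 client that sends a
    renegotiation request gets a no_renegotiation alert instead of a fresh
    handshake. Returns True if the option is now set, False if this OpenSSL
    build does not offer it."""
    if not OP_NO_RENEGOTIATION:
        return False
    ctx.options |= OP_NO_RENEGOTIATION
    return bool(ctx.options & OP_NO_RENEGOTIATION)


def require_tls13(ctx):
    """Alternative mitigation: TLS 1.3 dropped renegotiation from the protocol
    (KeyUpdate and post-handshake auth do not redo the full handshake), so a
    TLS 1.3-only listener cannot be renegotiated. Returns True if the minimum
    version could be raised on this build."""
    if not ssl.HAS_TLSv1_3:
        return False
    ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    return ctx.minimum_version == ssl.TLSVersion.TLSv1_3


def renegotiation_allowed(ctx):
    """Report whether a TLS 1.2 client could still renegotiate on this
    context: True unless the no-renegotiation option is set or TLS 1.2 and
    below are excluded by the minimum version."""
    if OP_NO_RENEGOTIATION and ctx.options & OP_NO_RENEGOTIATION:
        return False
    if ctx.minimum_version >= ssl.TLSVersion.TLSv1_3:
        return False
    return True


if __name__ == "__main__":
    ctx = make_server_context()
    state = lambda c: "allowed" if renegotiation_allowed(c) else "blocked"
    print("default context: renegotiation", state(ctx))
    disable_client_renegotiation(ctx)
    print("after SSL_OP_NO_RENEGOTIATION: renegotiation", state(ctx))
    tls13_only = make_server_context()
    require_tls13(tls13_only)
    print("TLS 1.3-only context: renegotiation", state(tls13_only))
```

A server that applies either change should then show 0 successful re-done handshakes in the scanner's "Detection Result" table rather than the 10 reported above; running the same OpenVAS check again after the change is the simplest way to confirm the option actually reached the listening socket, since a context built in one place and a socket wrapped from a different, unhardened context is an easy mistake to make.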
@amadio amadio added this to the 5.7.0 milestone Feb 5, 2024
amadio added a commit to amadio/xrootd that referenced this issue Feb 20, 2024
amadio added a commit to amadio/xrootd that referenced this issue Feb 21, 2024
amadio added a commit to amadio/xrootd that referenced this issue Feb 23, 2024
amadio added a commit to amadio/xrootd that referenced this issue Feb 23, 2024
amadio added a commit to amadio/xrootd that referenced this issue Feb 26, 2024
amadio added a commit to amadio/xrootd that referenced this issue Mar 6, 2024
amadio added a commit to amadio/xrootd that referenced this issue Mar 8, 2024
amadio added a commit to amadio/xrootd that referenced this issue Mar 8, 2024
@amadio
Member

amadio commented Mar 13, 2024

The fix for this is merged into the devel branch and will be part of release 5.7.0, closing.

@amadio amadio closed this as completed Mar 13, 2024