
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
digital-alert-systems
monroe-electronics
CWE-310
critical
nessus

Summary

The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain root access, and spoof alerts, via an SSH session.

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Nessus

NASL family: Misc.
NASL id: EAS_DEFAULT_KEY.NASL
description: The remote EAS device permits root login using an SSH key with a publicly available private key. The private key was included in older copies of Monroe Electronics and Digital Alert Systems firmware. A remote attacker with access to the private key can bypass authentication of the root user.
last seen: 2019-10-28
modified: 2013-08-19
plugin id: 69471
published: 2013-08-19
reporter: This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/69471
title: Multiple Vendors EAS Authentication Bypass
code
#TRUSTED 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
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  # Plugin registration. When Nessus loads the plugin with `description`
  # set, this branch records the metadata below and then exit(0)s, so the
  # SSH-based check further down in the file never runs in this mode.
  script_id(69471);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2018/11/15");

  # External identifiers for the issue: CVE, BugTraq ID and CERT VU#.
  script_cve_id("CVE-2013-0137");
  script_bugtraq_id(60810);
  script_xref(name:"CERT", value:"662676");

  script_name(english:"Multiple Vendors EAS Authentication Bypass");
  script_summary(english:"Checks the authorized_keys2.dasdec file for the presence of the compromised key");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by an authentication bypass 
vulnerability.");
  script_set_attribute(attribute:"description", value:
"The remote EAS device permits root login using an SSH key with a 
publicly available private key. The private key was included in 
older copies of Monroe Electronics and Digital Alert Systems firmware.
A remote attacker with access to the private key can bypass 
authentication of the root user.");
  script_set_attribute(attribute:"solution", value:"Update to firmware version 2.0-2 or higher.");
  script_set_attribute(attribute:"see_also", value:"https://www.kb.cert.org/vuls/id/662676/");
  # The two nessus.org/u? links below are Tenable short links; the comment
  # above each one records the original article URL it resolves to.
  # https://web.archive.org/web/20130712221439/http://www.informationweek.com/security/vulnerabilities/zombie-apocalypse-broadcast-hoax-explain/240157934
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?637f824e");
  # https://arstechnica.com/information-technology/2013/07/we-interrupt-this-program-to-warn-the-emergency-alert-system-is-hackable/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fbb8fb12");
  # CVSSv2 base: network, low complexity, no auth, complete C/I/A impact.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/06/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/04/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/08/19");

  # "local" plugin type: the check below runs commands on the target over an
  # authenticated SSH session instead of probing a network service.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:monroe_electronics:r189_one-net_eas");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:digital_alert_systems:dasdec_eas");
  # Must follow every script_set_attribute() call above.
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");

  # ssh_get_info.nasl populates the SSH/local-checks KB entries that the
  # check relies on; the same Host/local_checks_enabled key is re-checked
  # in the body before any command is sent.
  script_dependencies("ssh_get_info.nasl");
  script_require_ports("Services/ssh", 22);
  script_require_keys("Host/local_checks_enabled");

  exit(0);
}

include("global_settings.inc");
include("audit.inc");
include("misc_func.inc");
include("ssh_func.inc");


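if(sshlib::get_support_level() >= sshlib::SSH_LIB_SUPPORTS_COMMANDS)
  enable_ssh_wrappers();
else disable_ssh_wrappers();

if (!get_kb_item("Host/local_checks_enabled"))
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

# The vendor-shipped authorized_keys file that carried the leaked key.
# The check only ever reads this file; nothing is written on the target.
authorized_keys_file = "/root/.ssh/authorized_keys2.dasdec";

# MD5 fingerprint of the compromised 1024-bit RSA public key.
#
# Earlier versions of this check matched the whole "1024 <hex> " line that
# pre-6.8 ssh-keygen prints. OpenSSH 6.8 and later print SHA256 fingerprints
# by default and, when asked for MD5, format the line as "1024 MD5:<hex> ...",
# so the exact old string silently produced a false negative on such hosts.
# Matching the hex digest alone covers both output formats.
fingerprint_expected = "0c:89:49:f7:62:d2:98:f0:27:75:ad:e9:72:2c:68:c3";

# Request an MD5 fingerprint explicitly (-E md5, OpenSSH 6.8+) and fall back
# to the bare invocation on older ssh-keygen builds, which reject -E (their
# usage message goes to stderr and is discarded). ssh-keygen -l on an
# authorized_keys file reports only the first key; the paranoid branch below
# warns the user when the file holds more lines than that.
keygen_command =
  "test -f " + authorized_keys_file +
  " && ( ssh-keygen -l -E md5 -f " + authorized_keys_file + " 2>/dev/null" +
  " || ssh-keygen -l -f " + authorized_keys_file + " )";
line_count_command =
  "test -f " + authorized_keys_file + " && wc -l " + authorized_keys_file;

if ("Linux" >!< get_kb_item_or_exit("Host/uname"))
  audit(AUDIT_OS_NOT, "Linux");

if (!ssh_open_connection())
  audit(AUDIT_SVC_FAIL, "SSH", kb_ssh_transport());

keygen_output = ssh_cmd(cmd:keygen_command, nosh:TRUE, nosudo:FALSE);

# Vulnerable: the first key in the file is the publicly known one.
# A NULL keygen_output (command failed, file absent) never matches and
# falls through to the not-affected paths below.
if (fingerprint_expected >< keygen_output)
{
  ssh_close_connection();

  vuln_report = NULL;
  if (report_verbosity > 0)
    vuln_report = '\nFound the RSA public key with fingerprint "0c:89:49:f7:62:d2:98:f0:27:75:ad:e9:72:2c:68:c3" in the authorized keys file.\n';

  security_hole(port:kb_ssh_transport(), extra:vuln_report);
  exit(0);
}

# The first key is not the leaked one. Without paranoid reporting that is
# the final verdict; audit() exits the script.
if (report_paranoia <= 1)
{
  ssh_close_connection();
  audit(AUDIT_HOST_NOT, "an affected EAS device");
}

# Paranoid mode: count the lines in the file so the user can be told when
# keys beyond the first one were not examined.
line_count_output = ssh_cmd(cmd:line_count_command, nosh:TRUE, nosudo:FALSE);
ssh_close_connection();

# wc -l prints "<count> <path>". If no count can be parsed (file missing or
# command failed) keep 1 so the multi-line advisory below is skipped; the
# user cannot be asked to audit a file whose size is unknown.
line_count = 1;
matches = eregmatch(pattern:"^([0-9]+) ", string:line_count_output);
if (!isnull(matches) && !isnull(matches[1]))
  line_count = int(matches[1]);

if (line_count > 1)
{
    audit_msg =
      " Note that Nessus checked only the first key in the authorized_keys2.dasdec file,
      yet the file has more than one line. Please manually audit this file.";
    exit(0, audit_msg);
}

audit(AUDIT_HOST_NOT, "an affected EAS device");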