Package: libsasl2-2
Version: 2.1.25.dfsg1-6
Severity: important
Tags: security upstream
Some SASL implementations allow the server to specify a list of mechanisms it supports. The client should then pick the strongest mechanism it supports to authenticate. For example, when PLAIN and SCRAM-SHA-1 are available, it should use SCRAM-SHA-1, as it is in many ways more secure than PLAIN.

A bug in Cyrus-SASL 2.1.24 and up causes PLAIN to be chosen over SCRAM-SHA-1 when the server ordered PLAIN before SCRAM-SHA-1 (the order in which the server specifies the mechanisms should be ignored by the client). This can cause a client using Cyrus-SASL to disclose its password in plain, while it doesn't need to.

Here is an example of it happening in Pidgin, compiled with Cyrus support:

(01:39:37) jabber: Recv (ssl)(497): <?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' version='1.0' from='xnyhps.nl' id='9531b529-e769-4c00-a17f-fae4221436da' xml:lang='en' xmlns='jabber:client'><stream:features><register xmlns='http://jabber.org/features/iq-register'/><auth xmlns='http://jabber.org/features/iq-auth'/><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>PLAIN</mechanism><mechanism>SCRAM-SHA-1</mechanism><mechanism>DIGEST-MD5</mechanism></mechanisms></stream:features>
(01:39:37) sasl: Mechs found: PLAIN SCRAM-SHA-1 DIGEST-MD5
(01:39:37) sasl: No worthy mechs found
(01:39:41) sasl: Mechs found: PLAIN SCRAM-SHA-1 DIGEST-MD5
(01:39:41) jabber: Sending (ssl) (t...@xnyhps.nl): <auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='PLAIN' xmlns:ga='http://www.google.com/talk/protocol/auth' ga:client-uses-full-bind-result='true'>password removed</auth>
(01:39:41) jabber: Recv (ssl)(60): <success xmlns='urn:ietf:params:xml:ns:xmpp-sasl'></success>

This issue was reported upstream at https://bugzilla.cyrusimap.org/show_bug.cgi?id=3793. However, it has received no response. I'm also reporting it here because I think it's a security issue that puts Debian users at risk.
-- System Information:
Debian Release: 7.0
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libsasl2-2 depends on:
ii  libc6              2.13-38
ii  libdb5.1           5.1.29-5
ii  multiarch-support  2.13-38

Versions of packages libsasl2-2 recommends:
ii  libsasl2-modules   2.1.25.dfsg1-6

libsasl2-2 suggests no packages.

-- no debconf information
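The mechanism-selection behaviour the report describes, as an added illustration that is not Cyrus-SASL or Pidgin code: one function honours the server's ordering (the behaviour reported as the bug) and the other walks the client's own strength ranking and takes the first mechanism the server offers, so the server's ordering has no influence. The ranking table, the function names and the space-separated input format are assumptions made for this example; the mechanism list itself matches the one in the log above.

```c
/* Added example, not code from Cyrus-SASL or Pidgin. Shows client-side
 * SASL mechanism selection driven by the server's list order (the bug
 * described in the report) next to selection driven by the client's own
 * strength ranking. The ranking below is an assumption for this example. */
#include <stdio.h>
#include <string.h>

/* Client preference, strongest first (assumed ordering for this example). */
static const char *const client_prefs[] = {
    "SCRAM-SHA-1", "DIGEST-MD5", "PLAIN", NULL
};

/* Return 1 if the space-separated server list contains exactly mech
 * (so "SCRAM-SHA-1-PLUS" does not count as an offer of "SCRAM-SHA-1"). */
static int server_offers(const char *server_list, const char *mech) {
    size_t n = strlen(mech);
    const char *p = server_list;
    while ((p = strstr(p, mech)) != NULL) {
        int at_start = (p == server_list || p[-1] == ' ');
        int at_end = (p[n] == '\0' || p[n] == ' ');
        if (at_start && at_end)
            return 1;
        p += n;
    }
    return 0;
}

/* Server-order selection: walk the SERVER's list and take the first
 * mechanism the client knows at all. With "PLAIN SCRAM-SHA-1 ..." this
 * picks PLAIN, which is the behaviour the report complains about. */
const char *pick_server_order(const char *server_list) {
    char copy[256];
    strncpy(copy, server_list, sizeof copy - 1);
    copy[sizeof copy - 1] = '\0';
    for (char *tok = strtok(copy, " "); tok != NULL; tok = strtok(NULL, " ")) {
        for (const char *const *c = client_prefs; *c != NULL; c++) {
            if (strcmp(tok, *c) == 0)
                return *c;   /* string literal, safe to return */
        }
    }
    return NULL;
}

/* Client-ranked selection: walk the CLIENT's ranking, strongest first,
 * and take the first mechanism the server offers. Server order is
 * irrelevant here. Returns NULL if nothing acceptable is offered. */
const char *pick_strongest(const char *server_list) {
    for (const char *const *c = client_prefs; *c != NULL; c++) {
        if (server_offers(server_list, *c))
            return *c;
    }
    return NULL;
}

int main(void) {
    /* Constructed input: the mechanism list seen in the report's log. */
    const char *offered = "PLAIN SCRAM-SHA-1 DIGEST-MD5";
    printf("server order   -> %s\n", pick_server_order(offered));
    printf("client ranking -> %s\n", pick_strongest(offered));
    return 0;
}
```

Run it and the first line prints PLAIN while the second prints SCRAM-SHA-1 for the same offer; the point of `pick_strongest` is that reordering the server's list cannot change its answer, which is the property the report says the client should have.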