Hello everyone,
I sent few days ago to the security DL a mail reporting a vulnerability in how Postgres is requesting DH params to be used later for encryption algorithms. So, due to there is no problem sharing with this group, here is what I sent:
------------------------------------------------------------------------------------------------------------------------------------------
Hi folks,
We are working with Postgres 9.3.14 and executing nmap we found that it is using “weak DH group” (nmap –script ssl-dh-params). Weak = 1024 bits.
See nmap output (1)
We don’t know if other versions are affected or not. The environment used is a RHEL 6 x86_6, OpenSSL version 1.0.2i with FIPS module.
This issue is similar to what this post explains about using weak DH parameters: http://www.usefuljs.net/2016/09/29/imperfect-forward-secrecy/
Following with the code, it seems that PostgreSQL has missed the keyLength OpenSSL parameter, and it delivers into a weak crypto configuration.. Affected Code:
https://git.postgresql.org/gitweb/?p=postgresql.git;a=blob;f=src/backend/libpq/be-secure-openssl.c;h=8d8f12952a4a4f14a15f8647b96935e13d68fb39;hb=48d50840d53eb62842c0d9b54eab9cd7c9a3a46d
(Thanks to Damian in order to found the affected code)
(1) nmap output:
# nmap –script ssl-dh-params -p 5432 <ip>
Starting Nmap 7.25BETA2 ( https://nmap.org )
Nmap scan report for <ip>
Host is up (0.00035s latency).
PORT STATE SERVICE
5432/tcp open postgresql
| ssl-dh-params:
| VULNERABLE:
| Diffie-Hellman Key Exchange Insufficient Group Strength
| State: VULNERABLE
| Transport Layer Security (TLS) services that use Diffie-Hellman groups
| of insufficient strength, especially those using one of a few commonly
| shared groups, may be susceptible to passive eavesdropping attacks.
| Check results:
| WEAK DH GROUP 1
| Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
| Modulus Type: Safe prime
| Modulus Source: Unknown/Custom-generated
| Modulus Length: 1024
| Generator Length: 8
| Public Key Length: 1024
| References:
|_ https://weakdh.org
------------------------------------------------------------------------------------------------------------------------------------------
Thanks in advance
Nicolas Guini