-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
4da6343
commit 8928ca0
Showing
1 changed file
with
61 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,2 +1,61 @@ | ||
| # CVE-2024-27632 | ||
| CVE-2024–27632 Reference | ||
| # CVE-2024-27632 Vulnerability Details | ||
|
|
||
| ## Overview | ||
|
|
||
| In Savane v3.12 and prior, the Unix timestamp is used as a seed in the Pseudo-Random Number Generator (PRNG) used to generate Cross-Site Request Forgery (CSRF) protection tokens (`form_id`). As a result, an attacker may be able to independently generate the same valid CSRF token that was assigned to a victim user, thereby passing CSRF checks and leading to a successful CSRF attack. The impact of a CSRF attack includes privilege escalation and account takeover. | ||
|
|
||
|
|
||
| **CWE Classification:** CWE-335: Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) | ||
|
|
||
| **Reported By:** Ally Petitt | ||
|
|
||
| **Affected Product**: Savane | ||
|
|
||
| **Affected Versions**: 3.12 and prior | ||
|
|
||
| ## Technical Details | ||
|
|
||
| Before the `form_id` is generated, `utils_srand()` is called. Then, the generated `form_id` is created as an MD5 hash of a value generated by PHP's PRNG. | ||
|
|
||
| _frontend/php/include/form.php:61_ | ||
| ``` | ||
| if (!$form_id) | ||
| { | ||
| utils_srand (); | ||
| $form_id = md5 (mt_rand (0, 1000000)); | ||
| } | ||
| ``` | ||
|
|
||
| As shown in the code block below, `utils_srand()` is defined as a function that seeds the `microtime()`, a function that returns the Unix timestamp, multiplied by 1,000,000. | ||
|
|
||
| _frontend/php/include/utils.php:969_ | ||
| ``` | ||
| function utils_srand () | ||
| { | ||
| mt_srand ((int)((double)microtime () * 1000000)); | ||
| } | ||
| ``` | ||
|
|
||
| As a result, the Unix timestamp, a predictable value, is used to generate a security-critical psuedo-random number. The time that a user's token was created can potentially be guessed or triggered by an attacker in order to obtain a valid timestamp that they can use to craft a valid CSRF token. | ||
|
|
||
| ## Validation Steps | ||
| These steps aim to demonstrate that knowing the timestamp is enough to generate a valid token independently. Real-world attack strategies may involve additional creativity in order to ensure that the correct timestamp of the token creation is being deduced. | ||
|
|
||
| 1. Visit a Savane webpage that generates a `form_id`. | ||
| 2. Note the Unix timestamp that you visited that page. | ||
| 3. Replace `$RECORDED_UNIX_TIME` with the time that was recorded and un the following PHP script. Observe that the value generated matches the `form_id` that the server returned upon initially visiting the webpage. | ||
|
|
||
| ``` | ||
| <?php | ||
| mt_srand ((int)((double)$RECORDED_UNIX_TIME* 1000000)); | ||
| echo md5 (mt_rand (0, 1000000)); | ||
| ?> | ||
| ``` | ||
|
|
||
|
|
||
| ## Mitigation | ||
|
|
||
| Upgrade to Savane version 3.13 or higher. The patch can be found [here](https://git.savannah.nongnu.org/cgit/administration/savane.git/commit/?h=i18n&id=dee5195d18f9ab16c860e8114819083673f66b95). | ||
|
|
||
|
|
||
|
|