FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
fropert_FTNT
Staff
Article Id 196363

Description

The automated scanner tools listed below have been identified as incorrectly reporting that the FortiGate web admin GUI supports "Secure Client-Initiated Renegotiation" or "Client-initiated Renegotiations".

a) testssl.sh (v2.8rc3 https://testssl.sh/) report

Expected result:

Secure Client-Initiated Renegotiation not vulnerable (OK)

Result against FortiGate web admin GUI:

"Secure Client-Initiated Renegotiation" - "VULNERABLE (NOT ok), DoS threat"

b) sslyze (https://github.com/iSECPartners/sslyze) report
Expected result:

"Client-initiated Renegotiations: Rejected"

Result against FortiGate web admin GUI:

"Client-initiated Renegotiations: Honored" (v0.8) or
"Client-initiated Renegotiation: VULNERABLE - Server honors client-initiated renegotiations"

c) thc-ssl-dos (v1.4 http://www.thc.org/thc-ssl-dos) report
Expected result:

Waiting for script kiddies to piss off................
The force is with those who read the source...
Handshakes 0 [0.00 h/s], 1 Conn, 0 Err
ERROR: Target has disabled renegotiations.
Use your own skills to modify the source to test/attack
the target [hint: TCP reconnect for every handshake].

Result against FortiGate web admin GUI:

Waiting for script kiddies to piss off................
The force is with those who read the source...
Handshakes 0 [0.00 h/s], 1 Conn, 0 Err
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
......

d) openssl report
Expected result:

---
R
RENEGOTIATING
140565523859104:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:599:
#

Result against FortiGate web admin GUI:

---
R
RENEGOTIATING
depth=0 O = Fortinet Ltd., CN = FGVM00UNLICENSED
verify error:num=18:self signed certificate
verify return:1
depth=0 O = Fortinet Ltd., CN = FGVM00UNLICENSED
verify return:1
read:errno=0
#
(The connection will be terminated after the "read:errno=0" message)


Scope

All FortiGate versions starting from v4.3.12.


Solution

Since FortiGate 4.3.12 the web admin GUI has SSL/TLS renegotiation support disabled in a special way: instead of answering a client-initiated renegotiation with a handshake-failure alert, it terminates the connection. Scanning tools that only look for the alert may therefore incorrectly report that "Secure Client-Initiated Renegotiation" is supported, so such reports are false positives. The FortiGate web admin GUI SSL/TLS service port (443 by default) is not vulnerable to the related DoS attacks.
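The openssl check in (d) can be scripted so that the three outcomes are told apart automatically. This is an added example, not Fortinet's code: it classifies an openssl s_client transcript after the "R" line as refused (handshake-failure alert), closed (the FortiGate behaviour: connection dropped) or honored. The "honored" rule (server certificate re-presented and the session still up at the deadline) and the third, constructed transcript are assumptions.

```python
# Added example (not Fortinet's code): classify what `openssl s_client` shows
# after a renegotiation request, i.e. after the line "R" is typed.
import subprocess

REJECTED, CLOSED, HONORED, UNKNOWN = "rejected", "closed", "honored", "unknown"


def classify(transcript: str) -> str:
    """rejected: handshake-failure alert; closed: server dropped the TCP
    session (the FortiGate behaviour that alert-counting scanners misread);
    honored: the server re-presented its certificate and stayed up."""
    lines = transcript.splitlines()
    try:
        start = next(i for i, l in enumerate(lines) if l.strip() == "RENEGOTIATING")
    except StopIteration:
        return UNKNOWN          # renegotiation was never attempted
    tail = "\n".join(lines[start + 1:]).lower()
    if "handshake failure" in tail:   # matches old and new OpenSSL wording
        return REJECTED
    if "read:errno=" in tail or "write:errno=" in tail:
        return CLOSED
    if "verify return:1" in tail:
        return HONORED
    return UNKNOWN


def probe(host: str, port: int = 443, timeout: float = 10.0) -> str:
    """Live check; needs the `openssl` binary on PATH. -ign_eof keeps s_client
    attached after stdin closes, so an honored renegotiation ends in a timeout."""
    cmd = ["openssl", "s_client", "-connect", f"{host}:{port}", "-ign_eof"]
    try:
        res = subprocess.run(cmd, input=b"R\n", capture_output=True, timeout=timeout)
        out = res.stdout + res.stderr
    except subprocess.TimeoutExpired as exc:
        out = (exc.stdout or b"") + (exc.stderr or b"")
    return classify(out.decode("utf-8", "replace"))


# Transcripts: the first two are taken from this article, the third is constructed.
OPENSSL_REFUSED = """RENEGOTIATING
140565523859104:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:599:
"""
FORTIGATE = """RENEGOTIATING
depth=0 O = Fortinet Ltd., CN = FGVM00UNLICENSED
verify return:1
read:errno=0
"""
HONORED_SERVER = """RENEGOTIATING
depth=0 CN = constructed.example
verify return:1
"""
```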
