Bouncy Castle CVE-2018-1000180 Security Weakness

Bouncy Castle is prone to a security weakness.
Successfully exploiting this issue will allow attackers to perform unauthorized actions; this may aid in launching further attacks.

Information

Bugtraq ID: 106567
Class: Design Error
CVE: CVE-2018-1000180

Remote: Yes
Local: No
Published: Apr 18 2018 12:00AM
Updated: Apr 17 2019 09:00AM
Credit: Bernd Eckenfels
Vulnerable: Redhat Virtualization 4
Redhat Software Collections for RHEL 0
Redhat Satellite 6
Redhat Openshift Application Runtimes 1.0
Redhat JBoss Fuse 6.0
Oracle Weblogic Server 12.2.1.3
Oracle WebCenter Portal 12.2.1.3.0
Oracle WebCenter Portal 11.1.1.9.0
Oracle SOA Suite 12.2.1.3.0
Oracle SOA Suite 12.1.3.0.0
Oracle Retail Xstore Point of Service 7.1
Oracle Retail Xstore Point of Service 7.0
Oracle Retail Convenience and Fuel POS Software 2.8.1
Oracle PeopleSoft Enterprise PeopleTools 8.57
Oracle PeopleSoft Enterprise PeopleTools 8.56
Oracle PeopleSoft Enterprise PeopleTools 8.55
Oracle Managed File Transfer 12.2.1.3.0
Oracle Managed File Transfer 12.1.3.0.0
Oracle Enterprise Repository 12.1.3.0.0
Oracle Communications WebRTC Session Controller 7.1
Oracle Communications WebRTC Session Controller 7.0
Oracle Communications Converged Application Server 7.0
Oracle Communications Application Session Controller 3.8
Oracle Communications Application Session Controller 3.7.1
Oracle Business Transaction Management 12.1.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 11.1.1.9.0
Oracle API Gateway 11.1.2.4.0
Bouncycastle Fips Java Api 1.0.1
Bouncycastle Fips Java Api 1.0
Bouncycastle Bouncy Castle 1.59
Bouncycastle Bouncy Castle 1.54

Not Vulnerable: Oracle Communications WebRTC Session Controller 7.2
Oracle Communications Converged Application Server 7.0.0.1
Bouncycastle Fips Java Api 1.0.2
Bouncycastle Bouncy Castle 1.60 Beta4

Exploit

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

References:

• Bouncy Castle Homepage (Bouncy Castle)
  
• Bug 1588306 (CVE-2018-1000180) - CVE-2018-1000180 bouncycastle: flaw in the low- (Red Hat Bugzilla)
  
• CVE-2018-1000180 (Red Hat Bugzilla)
  
• RSA Key Generation: computation of iterations for MR Primality Test (Bouncycastle)
  
• Oracle Critical Patch Update Advisory - April 2019 (Oracle)
  
• Oracle Critical Patch Update Advisory - January 2019 (Oracle)
  

Source: www.securityfocus.com