CVE-2016-3704
Description
Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate passwords.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Pulp before 2.8.5 uses bash's $RANDOM to generate NSS DB passwords in an unsafe manner, resulting in weak entropy and potential unauthorized access.
Vulnerability
The pulp-qpid-ssl-cfg script in Pulp versions before 2.8.5 uses bash's $RANDOM to generate both the default NSS database password and the noise file passed to certutil. The password is a single $RANDOM value, an integer in the range 0-32767, so it carries at most 15 bits of entropy; the noise file is filled with repeated $RANDOM values separated by newlines, so it is just as predictable [2][3]. bash's $RANDOM is a small, seedable linear congruential generator, not a cryptographic random source, so neither the password nor the seed material is suitable for protecting key material.
Exploitation
Because the password is one of at most 32768 values, an attacker who obtains the NSS database files (for example through local access to the host or a backup) can recover it by exhaustive search in seconds and open the database. The predictable noise file is the second problem: certutil uses it to seed key generation, so keys created with it may be weaker than their nominal size and are themselves a target for cryptographic attack [3][4].
Impact
Successful exploitation gives the attacker access to the NSS database, which holds the certificates and private keys used to secure the Pulp qpid SSL/TLS connections. With those keys the attacker can decrypt captured traffic between Pulp components, impersonate the broker or its clients to the rest of the deployment, or perform other unauthorized actions with the access that the database owner's key material grants [2].
Mitigation
The vulnerability is fixed in Pulp version 2.8.5 [3]. Red Hat Satellite users received the fix via RHSA-2018:0336 [1]. Users should upgrade to Pulp 2.8.5 or later. Upgrading alone does not replace material that was already generated: any NSS database password and any keys created under the weak noise file should be regenerated with a password and seed drawn from a CSPRNG such as /dev/urandom, and the old certificates treated as compromised. As a workaround before upgrading, do not keep the default generated password; regenerate the database with a strong password supplied by hand.
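The pattern described under Vulnerability, the exhaustive search described under Exploitation, and the CSPRNG-based regeneration recommended under Mitigation, as an added bash example that is not Pulp's pulp-qpid-ssl-cfg script or any of its project code. The weak functions reconstruct only the behaviour the advisory describes; the function names, the stand-in verifier and the noise-file sizes are illustrative assumptions.

```bash
#!/usr/bin/env bash
# Added example, not Pulp's pulp-qpid-ssl-cfg: the weak $RANDOM pattern the
# advisory describes, a hardened replacement, and two checks an operator or
# tester can run. Function names, sizes and the verifier are illustrative.

# --- Weak pattern (reconstruction of the described behaviour) -----------

# A single $RANDOM value: an integer in 0..32767, at most 15 bits of entropy.
weak_password() {
    echo "$RANDOM"
}

# Noise file for certutil: repeated $RANDOM values, one per line. Each line
# adds at most 15 bits, and the stream is reproducible by anyone who can
# model bash's small PRNG state.
weak_noise_file() {
    local out=$1 lines=${2:-20} i
    : > "$out"
    for ((i = 0; i < lines; i++)); do
        echo "$RANDOM" >> "$out"
    done
}

# --- Hardened replacement -------------------------------------------------

# 32 bytes from the kernel CSPRNG, base64-encoded: ~256 bits of entropy,
# 44 printable characters.
strong_password() {
    head -c 32 /dev/urandom | base64 | tr -d '\n'
}

# certutil takes raw bytes as noise; 1 KiB of CSPRNG output is plenty.
strong_noise_file() {
    head -c 1024 /dev/urandom > "$1"
}

# --- Checks ---------------------------------------------------------------

# Audit: a password that is a bare decimal no larger than 32767 is consistent
# with a single $RANDOM call and should be treated as already compromised.
looks_like_bash_random() {
    local p=$1
    case $p in
        '' | *[!0-9]*) return 1 ;;   # empty or contains a non-digit
    esac
    [ ${#p} -le 5 ] && [ "$p" -le 32767 ]
}

# Exhaustive search over the 32768-value keyspace. $1 names a function that
# takes one candidate and returns 0 when it is the right password; it stands
# in for whatever unlocks the real target (for an NSS DB, a certutil attempt).
# Prints the recovered value and returns 0, or returns 1 if nothing matched.
brute_force_random() {
    local verifier=$1 c
    for ((c = 0; c <= 32767; c++)); do
        if "$verifier" "$c"; then
            echo "$c"
            return 0
        fi
    done
    return 1
}

# Demo: the weak password is recovered by the loop; the strong one is not in
# the keyspace at all. (check_* see demo's locals through bash's dynamic scope.)
demo() {
    local weak strong
    weak=$(weak_password)
    strong=$(strong_password)
    check_weak()   { [ "$1" = "$weak" ]; }
    check_strong() { [ "$1" = "$strong" ]; }
    echo "weak password:   $weak -> recovered by search: $(brute_force_random check_weak)"
    if brute_force_random check_strong >/dev/null; then
        echo "strong password found in the 32768-value keyspace (should not happen)"
    else
        echo "strong password: $strong -> not in the 32768-value keyspace"
    fi
}

[ "${BASH_SOURCE[0]}" = "$0" ] && demo
```

Run it with bash (not sh: $RANDOM and the arithmetic for-loops are bash features). The verifier argument to brute_force_random is the point to replace in a real test: instead of a string compare, pass a function that writes the candidate to a file and tries it against a copy of the NSS database, and the loop becomes the whole attack.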
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 2
Patches: 0 (no patches discovered yet)
References
- bugzilla.redhat.com/show_bug.cgi (nvd: Issue Tracking, Patch)
- github.com/pulp/pulp/blob/pulp-2.8.2-1/server/bin/pulp-qpid-ssl-cfg (nvd: Issue Tracking, Patch, Third Party Advisory)
- pulp.plan.io/issues/1858 (nvd: Issue Tracking, Patch, Vendor Advisory)
- docs.pulpproject.org/user-guide/release-notes/2.8.x.html (nvd: Permissions Required)
- access.redhat.com/errata/RHSA-2018:0336 (nvd)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YM2LCC7QBRCK4LTN5EZT5OHTVAR3MYTY/ (nvd)