Ruby Net::IMAP SCRAM Authentication Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the Ruby Net::IMAP library, affecting versions 0.4.0 prior to 0.4.24, 0.5.0 prior to 0.5.14, and 0.6.0 prior to 0.6.4. When a client authenticates with the SCRAM-SHA-1 or SCRAM-SHA-256 mechanism, a malicious server can send a very large iteration count, forcing the client into a long PBKDF2 computation. Because PBKDF2 runs as a blocking operation inside a C extension, the Ruby virtual machine is frozen for the duration and every other running thread is stalled.

Impact

Exploitation of this vulnerability locks the entire Ruby virtual machine for an extended period; depending on the hardware and OpenSSL version, the delay can reach several minutes. The disruption is greatest in multi-threaded processes, since every thread is halted until the computation completes.

Reproduction

To reproduce this vulnerability, connect to an IMAP server under the attacker's control and initiate authentication with the SCRAM-SHA-1 or SCRAM-SHA-256 mechanism. The server then sends a deliberately inflated iteration count in its authentication response, which the client processes, causing a significant delay.

Remediation

Upgrade to Net::IMAP 0.4.24, 0.5.14, or 0.6.4, which include the fix. After upgrading, set the `max_iterations` parameter to a safe value when using SCRAM authentication.
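The defensive check the fix introduces, shown here as an added example rather than Net::IMAP's own code: a SCRAM client parses the server-first-message (`r=<nonce>,s=<salt>,i=<count>`) and refuses to start PBKDF2 when the advertised iteration count exceeds a cap. The `max_iterations` keyword, the `MAX_ITERATIONS` value and the `salted_password` helper are assumptions for illustration; the honest message reuses the RFC 7677 example values, and the hostile one is constructed.

```ruby
require "openssl"
require "base64"

# Upper bound on the iteration count a client will honour (assumed value).
# RFC 5802 requires servers to use at least 4096; a legitimate server does
# not need millions, so anything far above that is treated as hostile.
MAX_ITERATIONS = 65_536

class ExcessiveIterationsError < StandardError; end

# Parse the SCRAM server-first-message into an attribute => value hash.
# Attributes are comma separated; only the first "=" separates name from value,
# so base64 padding in the salt survives intact.
def parse_server_first(message)
  message.split(",").to_h { |pair| pair.split("=", 2) }
end

# SaltedPassword = Hi(password, salt, i) per RFC 5802, computed with PBKDF2.
# The iteration count is validated BEFORE the blocking C-level PBKDF2 call,
# so a hostile "i=" value never reaches OpenSSL.
def salted_password(password, server_first, digest: "SHA256",
                    max_iterations: MAX_ITERATIONS)
  attrs = parse_server_first(server_first)
  iterations = Integer(attrs.fetch("i"))
  if iterations > max_iterations
    raise ExcessiveIterationsError,
          "server requested #{iterations} PBKDF2 iterations (max #{max_iterations})"
  end
  salt = Base64.strict_decode64(attrs.fetch("s"))
  OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: iterations,
                           length: OpenSSL::Digest.new(digest).digest_length,
                           hash: digest)
end

# Constructed inputs: an honest server (RFC 7677 example salt and count)
# and a hostile server advertising an absurd iteration count.
HONEST_SERVER_FIRST  = 'r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,' \
                       's=W22ZaJ0SNY7soEsUEjb6gQ==,i=4096'
HOSTILE_SERVER_FIRST = 'r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,' \
                       's=W22ZaJ0SNY7soEsUEjb6gQ==,i=2000000000'

# Returns :ok or :rejected so the outcome can be inspected by a caller.
def try_authenticate(password, server_first)
  salted_password(password, server_first)
  :ok
rescue ExcessiveIterationsError
  :rejected
end
```

Running `try_authenticate("pencil", HOSTILE_SERVER_FIRST)` returns `:rejected` immediately instead of blocking the VM, while the honest message derives the salted password normally.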

Added: May 9, 2026, 8:27 PM
Updated: May 9, 2026, 8:27 PM

Vulnerability Rating

Custom Algorithm
spread: 4.2
impact: 2.5
exploitability: 5.4
remediation: 8.3
relevance: 7.8
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.