PHP-A1007 · Audit required: Use of an insecure cipher

Audit required: Use of an insecure cipher PHP-A1007

Security

Critical

a month ago — a year old

a02 cwe-327 sans top 25 owasp top 10 cwe-331

Insecure cipher algorithm MCRYPT_DES found

lib/phpmailer/extras/ntlm_sasl_client.php

 79                $b = $s . ((substr_count($s, "1") % 2) ? "0" : "1");
 80                $key .= chr(bindec($b));
 81            }
 82            $ciphertext = mcrypt_encrypt(MCRYPT_DES, $key, $challenge, MCRYPT_MODE_ECB, $iv); 83            $response .= $ciphertext;
 84        }
 85        return $response;

Description

Cipher algorithm used to encrypt data is not strong. Using weak cipher algorithm such as RC2, RC4, DES, MD5, etc. for encrypting sensitive data can be vulnerable to several attacks.

In past it has led to the following vulnerabilities:

CWE-327: Use of a Broken or Risky Cryptographic Algorithm

It is recommended to use robust and secure cipher such as AES to encrypt data.

Bad practice

// sensitive: vulnerable to several attacks (refer: https://en.wikipedia.org/wiki/RC4#Security)
$encryptedData = openssl_encrypt($data, "rc4", $key, $options = OPENSSL_RAW_DATA, $iv);

rathena / FluxCP

Bad practice

Recommended

References