CVE-2009-2474: fix handling of NUL in SSL cert subject names
Joe Orton
joe at manyfish.co.uk
Tue Aug 18 11:51:03 EDT 2009
At Black Hat USA '09, Dan Kaminsky and Moxie Marlinspike disclosed a way
to bypass cert verification in some SSL implementations by using a NUL
(zero) byte in either the common Name field of the subject attribute, or
in the "subject alternative name" attribute.
Certificate Authorities should be verifying and rejecting certificates
with a NUL byte embedded in either of these attributes, but, allegedly
some Internet CAs are, or have in the past, signed such certs.
All versions of neon versions up to 0.28.5 inclusive are vulnerable to
this issue, where neon is built with SSL support using OpenSSL. An
attacker holding a bogus cert signed by a trusted CA could perform a
man-in-the-middle attack against a server.
This issue has been assigned CVE name CVE-2009-2474.
All versions of neon older than 0.28.6 are affected, where linked
against OpenSSL.
If neon is linked against GnuTLS, version 2.8.2 or later must be used to
avoid the vulnerability. No changes are necessary to existing releases
of neon to avoid the vulnerability if and only if used in conjuction
with GnuTLS version 2.8.2 or later.
Regards, Joe
More information about the neon
mailing list