CVE-2009-2474: fix handling of NUL in SSL cert subject names
joe at manyfish.co.uk
Tue Aug 18 11:51:03 EDT 2009
At Black Hat USA '09, Dan Kaminsky and Moxie Marlinspike disclosed a way
to bypass cert verification in some SSL implementations by using a NUL
(zero) byte in either the common Name field of the subject attribute, or
in the "subject alternative name" attribute.
Certificate Authorities should be verifying and rejecting certificates
with a NUL byte embedded in either of these attributes, but, allegedly
some Internet CAs are, or have in the past, signed such certs.
All versions of neon versions up to 0.28.5 inclusive are vulnerable to
this issue, where neon is built with SSL support using OpenSSL. An
attacker holding a bogus cert signed by a trusted CA could perform a
man-in-the-middle attack against a server.
This issue has been assigned CVE name CVE-2009-2474.
All versions of neon older than 0.28.6 are affected, where linked
If neon is linked against GnuTLS, version 2.8.2 or later must be used to
avoid the vulnerability. No changes are necessary to existing releases
of neon to avoid the vulnerability if and only if used in conjuction
with GnuTLS version 2.8.2 or later.
More information about the neon