Forum - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

SSL data injection
updated since 09.11.2009
Published: 10.02.2010
Source: BUGTRAQ
SecurityVulns ID: 10388
Type: m-i-t-m
Level: 8/10
Description: Data injection possibility connected with SSL in-session renegotiation.

Affected: OPENSSL : OpenSSL 0.9
PROFTPD : ProFTPD 1.3
APACHE : Apache 2.2
ARUBANETWORKS : ArubaOS 2.4
ARUBANETWORKS : ArubaOS 2.5
ARUBANETWORKS : ArubaOS 3.1
ARUBANETWORKS : ArubaOS 3.3
GNU : GnuTLS 2.8
ARUBANETWORKS : ArubaOS 3.4
MOZILLA : Mozilla Network Security Services 3.12
CVE: CVE-2009-3555 (The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.)

Original document ARUBANETWORKS, Aruba Advisory ID: AID-020810 TLS Protocol Session Renegotiation Security Vulnerability (10.02.2010)

RedTeam Pentesting, TLS Renegotiation Vulnerability: Proof of Concept Code (Python) (22.12.2009)

RedTeam Pentesting, msgid:20091221130346.GA23192@otis.atalante.redteam-pentesting.de?to=bugtraq@securityfocus.com&from=RedTeam%20Pentesting%20GmbH&folder=\\3APA3A\Bugtraq&subject=TLS%20Renegotiation%20Vulnerability:%20Proof (22.12.2009)

document MANDRIVA, [ MDVSA-2009:337 ] proftpd (22.12.2009)

Thierry Zoller, TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability) (30.11.2009)

Thierry Zoller, TLS / SSLv3 vulnerability explained (DRAFT) (18.11.2009)

CISCO, Cisco Security Advisory: Transport Layer Security Renegotiation Vulnerability (11.11.2009)

document MANDRIVA, [ MDVSA-2009:295 ] apache (09.11.2009)

Files: PoC exploit for the TLS renegotiation vulnerability (CVE-2009-3555)
Discuss: Read or add your comments to this news (0 comments)

Show		Threads
		Messages


Login:*		(Register)
Password:*
(private)	To:
(reply)	Subject:*
Text:

Main Forum (Eng) General security questions not appropriate for another forums.	3proxy Forum (Eng) All 3proxy question must be posted to this forum.	Bugs, Vulnerabilities, PoCs and Exploits (Eng) All vulnerability related questions, vulnerability digging and exploit creation.	Windows programming and administration (Eng) Administering Windows and application development.	Unix programming and administation (Eng) Administering Unix and application development.	Test forum Please post all test messages here. All test messages from different forums will be deteted.
Main Forum (Rus)	3proxy Forum (Rus)	Bugs, Vulnerabilities, PoCs and Exploits (Rus)	Windows programming and administration (Rus)	Unix programming and administation (Rus)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server