cURL / libcurl SSL certificate spoofing - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

cURL / libcurl SSL certificate spoofing
Published: 17.08.2009
Source: BUGTRAQ
SecurityVulns ID: 10154
Type: library
Level: 6/10
Description: Certificate name spoofing via NULL byte.

Affected: CURL : cURL 7.19
CURL : libcurl 7.19
CVE: CVE-2009-2417 (lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.)
CVE-2009-2408 (Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.)

Original document MANDRIVA, [ MDVSA-2009:203 ] curl (17.08.2009)

Discuss: Read or add your comments to this news (0 comments)

test server