Bug 510202
Summary: | differences in handling of SSL Common Names (Kaminsky) | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Mark J. Cox <mjc> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | hyc, ludwig.nussel, osoukup, security-response-team |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2021-10-19 09:07:16 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Mark J. Cox
2009-07-08 10:57:10 UTC
Multiple Common Names handled differently I've been looking at various applications that use OpenSSL to check CN and how they deal with multiple CNs. So I found things we ship in Red Hat products (not necessarily the latest versions of each): Just uses least specific CN: cyrus-imapd 2.2.12 freeradius 1.1.13 postfix 2.2.10 fetchmail 6.3.6 openldap 2.3.27 gftp 2.0.17 sendmail 8.13.1 dovecot 1.0 postgresql 7.3.19 curl 7.10.6 neon: the code quoted in the draft Kaminsky paper is from a very old (more than 5 years old) version of neon. Neon since 0.22 at least has used the most specific CN if there is no subjectAltName (using different function X509_NAME_get_index_by_NID) curl 7.12.1: uses most specific CN if no subjectAltName, but older versions (7.10.6) used least specific w3m 0.5.1: uses least specific CN if no subjectAltName squid 2.6: uses any CN if no subjectAltName wget 1.10.2: uses least specific CN but code notes it should be 'most specific' libesmtp 0.8.12: uses least specific CN, but code notes it should be 'any' pam_pkcs11 0.5.3: gets all CN presentation given by Dan yesterday at Blackhat, removing embargo. Also removing EMBARGOED from the title as the embargo has been removed. Just fyi, this was fixed in OpenLDAP CVS on August 10 for our OpenSSL and GnuTLS support. It was fixed on July 30 for our MozNSS support. Hey Howard, thanks for heads-up. I presume you are referring to following commits: MozNSS: http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls_m.c.diff?r1=1.8&r2=1.11&f=h OpenSSL: http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls_o.c.diff?r1=1.8&r2=1.11&f=h GnuTLS: http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls_g.c.diff?r1=1.13&r2=1.14&f=h I presume those fixes should also address CVE-2009-2408-like problem where they existed before (from quick testing, it seems at least OpenSSL variant had issues with NULs in CNs). Have you looked at / tested that too? Thanks! Yes, those commits also address CVE-2009-2408, tested / confirmed. (Actually our gnutls code was already correct on that issue.) Thank you! Yes, from the patch, it looked that GnuTLS variant was unaffected. |